Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0028AFBAC5E311EFA3E78A6F762E951A.roa
File: 0028AFBAC5E311EFA3E78A6F762E951A.roa (raw, json)
Hash identifier: 0COZgCC+Q13cT3px7G2bTe3ratbm/kcPCed3mMARPbg=
Subject key identifier: 34:73:3C:26:83:DA:69:89:6B:04:56:ED:7C:CB:99:5E:BE:74:45:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0028AFBAC5E311EFA3E78A6F762E951A.roa
Signing time: Sun 29 Dec 2024 12:47:02 +0000
ROA not before: Sun 29 Dec 2024 12:46:59 +0000
ROA not after: Sun 12 Dec 2027 12:46:59 +0000
asID: 17561
IP address blocks: 154.210.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 10 Apr 2025 08:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77152 (0x12d60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 12:46:59 2024 GMT
Not After : Dec 12 12:46:59 2027 GMT
Subject: CN=677144c6-aa43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:2c:8d:8d:bb:18:a7:bb:5c:94:a0:9c:5a:
b7:57:1d:8e:39:e4:8c:27:7c:15:1f:6c:28:d0:61:
7b:0b:66:0e:d2:d1:01:28:06:2a:1f:8c:f5:b7:b8:
10:ca:c9:23:d4:0e:ff:1f:20:84:24:6c:46:5d:0e:
9b:96:dd:c1:62:0d:ad:51:a3:ca:8a:48:8c:61:31:
28:99:b7:79:77:17:62:46:9c:eb:63:a1:e0:20:b5:
25:d3:20:98:90:79:97:38:2a:75:f5:d2:97:62:5e:
46:93:59:f8:e2:06:f9:60:7f:6c:ed:db:ca:09:f3:
b3:27:5d:b2:ce:6e:1e:ff:2c:ac:7b:61:e5:24:3a:
dd:b1:60:c1:f5:c2:49:a2:ed:a3:5d:08:98:f4:85:
1a:e4:15:b7:25:cf:36:d5:88:fc:80:92:8a:61:bf:
1a:a2:d8:87:9e:eb:67:39:42:d0:57:db:1d:a5:17:
42:c4:2a:31:d2:ea:9c:b3:4c:33:ba:3f:46:94:0d:
4f:27:8f:6e:38:c6:e7:7c:a6:ca:5b:cb:18:01:bc:
94:22:dc:fc:fc:cb:72:2d:9c:00:57:e0:00:ba:f2:
96:05:bc:9a:63:76:c8:b7:5b:7c:c1:6f:22:90:7e:
1c:33:fd:47:33:44:5d:38:40:5d:8a:ea:b9:f0:78:
12:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:3C:26:83:DA:69:89:6B:04:56:ED:7C:CB:99:5E:BE:74:45:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0028AFBAC5E311EFA3E78A6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.114.0/24
Signature Algorithm: sha256WithRSAEncryption
85:43:ff:b2:07:3f:a7:c4:ba:bb:5c:72:d6:1f:81:13:89:f8:
fd:3e:be:ad:3b:83:49:af:54:ca:4e:80:27:61:bf:d4:5b:6e:
eb:c4:ef:ca:da:ec:2d:3b:0b:df:57:e4:76:66:7c:67:f9:b5:
70:ce:d9:11:12:4a:1a:6b:7b:5f:8e:8c:0b:fe:87:a5:bd:97:
18:b7:db:ff:f9:02:c4:f4:cc:82:4f:cf:e4:9a:39:7b:91:07:
96:b9:1d:87:7e:1f:13:e3:5b:0e:67:e7:e4:d1:27:64:2c:f9:
a1:f2:50:a5:d5:db:b3:58:e6:87:68:a9:3c:5e:3c:16:12:1d:
b2:69:b3:c2:68:75:32:fc:cb:85:11:7b:d9:c3:d3:61:8d:cf:
9e:0f:c6:ee:70:9e:4a:5e:2f:89:70:74:1e:cf:16:8b:14:53:
40:78:50:a9:27:a6:d3:dd:c5:80:7a:01:8c:94:3e:1c:85:a6:
21:e5:bb:67:c9:45:87:48:5d:77:7c:c4:ef:94:3a:60:67:bc:
a3:4f:ab:77:0b:09:0b:12:ee:5d:b9:67:5e:24:fe:b1:b8:39:
2b:59:9d:92:a6:93:23:c7:eb:b1:6d:74:6e:b3:78:4e:80:ef:
a8:18:4b:25:12:d9:6a:00:cb:92:c5:c6:2b:86:46:3c:23:b4:
67:a3:92:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS1gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTI0NjU5WhcNMjcxMjEyMTI0NjU5WjAYMRYw
FAYDVQQDEw02NzcxNDRjNi1hYTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtSwsjY27GKe7XJSgnFq3Vx2OOeSMJ3wVH2wo0GF7C2YO0tEBKAYqH4z1
t7gQyskj1A7/HyCEJGxGXQ6blt3BYg2tUaPKikiMYTEombd5dxdiRpzrY6HgILUl
0yCYkHmXOCp19dKXYl5Gk1n44gb5YH9s7dvKCfOzJ12yzm4e/yyse2HlJDrdsWDB
9cJJou2jXQiY9IUa5BW3Jc821Yj8gJKKYb8aotiHnutnOULQV9sdpRdCxCox0uqc
s0wzuj9GlA1PJ49uOMbnfKbKW8sYAbyUItz8/MtyLZwAV+AAuvKWBbyaY3bIt1t8
wW8ikH4cM/1HM0RdOEBdiuq58HgSbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDRz
PCaD2mmJawRW7XzLmV6+dEWiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDI4QUZCQUM1RTMxMUVGQTNFNzhBNkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJyMA0GCSqGSIb3DQEB
CwUAA4IBAQCFQ/+yBz+nxLq7XHLWH4ETifj9Pr6tO4NJr1TKToAnYb/UW27rxO/K
2uwtOwvfV+R2Znxn+bVwztkREkoaa3tfjowL/oelvZcYt9v/+QLE9MyCT8/kmjl7
kQeWuR2Hfh8T41sOZ+fk0SdkLPmh8lCl1duzWOaHaKk8XjwWEh2yabPCaHUy/MuF
EXvZw9Nhjc+eD8bucJ5KXi+JcHQezxaLFFNAeFCpJ6bT3cWAegGMlD4chaYh5btn
yUWHSF13fMTvlDpgZ7yjT6t3CwkLEu5duWdeJP6xuDkrWZ2SppMjx+uxbXRus3hO
gO+oGEslEtlqAMuSxcYrhkY8I7Rno5KS
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:52:12 2025 by rpki-client