Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07C43C40C5E711EFBC45E488762E951A.roa
File: 07C43C40C5E711EFBC45E488762E951A.roa (raw, json)
Hash identifier: +bFfjXr1OcKw508BpDXI5uO5DLY3jQyyOT/81WYPE8Q=
Subject key identifier: 06:73:5A:3F:61:DC:80:00:3B:BF:10:D4:F7:52:94:C7:76:79:A0:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D82
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07C43C40C5E711EFBC45E488762E951A.roa
Signing time: Sun 29 Dec 2024 13:15:53 +0000
ROA not before: Sun 29 Dec 2024 13:15:49 +0000
ROA not after: Fri 12 Dec 2025 13:15:49 +0000
asID: 984
IP address blocks: 154.210.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77186 (0x12d82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:15:49 2024 GMT
Not After : Dec 12 13:15:49 2025 GMT
Subject: CN=67714b89-3fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:08:62:e2:7f:7c:06:e2:32:79:72:05:39:05:
4e:5b:21:05:35:69:f7:b4:eb:2c:2b:38:3e:41:20:
ed:58:ad:58:19:9a:78:8c:fd:e3:46:a2:5c:69:78:
d3:33:64:af:e5:d0:b9:e6:15:80:0a:de:6e:89:be:
96:f1:e0:3a:d9:76:04:3c:d1:9f:96:a9:63:37:30:
24:c3:97:47:91:4d:28:8a:23:30:fe:21:f0:f2:13:
c3:d6:87:9a:99:cf:be:88:38:68:ba:c3:23:26:5f:
dc:02:a5:55:96:6b:66:a6:26:bd:70:ff:fe:bd:46:
75:dd:fc:31:a7:43:12:4a:44:81:82:60:46:28:45:
b7:96:a7:16:dc:d7:00:65:cb:e7:77:6e:18:37:ba:
a2:22:b4:d0:e0:6e:50:0a:a4:1c:04:a8:71:27:5d:
fa:32:26:bf:1a:52:72:e9:72:e1:60:8a:60:11:9c:
f8:6a:eb:b4:9f:01:57:bf:8e:27:b3:b5:8d:c8:10:
b3:46:6f:af:62:48:aa:82:4b:00:d5:fe:10:b2:b6:
2c:42:73:5b:bd:77:ad:7b:19:a3:05:5e:f4:a0:b5:
52:dc:64:af:bf:72:7a:08:94:24:ae:da:0d:71:3a:
a1:bd:78:a3:b7:40:0f:0a:e4:fa:9a:5c:76:41:63:
2a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:73:5A:3F:61:DC:80:00:3B:BF:10:D4:F7:52:94:C7:76:79:A0:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07C43C40C5E711EFBC45E488762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.240.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:a8:de:c9:12:b3:ce:91:2e:e8:a2:23:58:67:a6:b9:72:4c:
8c:02:01:20:59:85:f1:ea:bc:31:c1:4c:77:26:1d:95:ed:bc:
39:7f:ef:52:9c:4b:40:46:1f:2e:50:4f:0e:8a:86:e6:86:db:
52:86:9d:1a:e9:81:aa:bf:3b:88:86:f0:16:24:a5:08:f6:0d:
50:0a:50:f4:30:42:89:80:6c:86:bc:f3:b1:f7:bd:d7:98:95:
2f:5f:3d:5a:24:fe:03:2c:ab:b6:92:32:86:bf:85:c9:57:28:
e4:a5:14:9b:60:d9:5c:bf:c6:2f:64:da:d5:14:d3:7e:bd:7e:
d2:57:45:84:3e:28:5c:9f:d4:46:66:37:2d:26:7b:61:d4:19:
c3:ba:fa:f1:bd:e9:42:80:be:56:7b:56:c8:e9:3e:5e:13:a5:
6e:d2:9b:90:87:cb:be:29:16:ee:68:11:03:c7:cb:e7:88:75:
da:bb:f0:51:8b:f2:3d:88:f7:43:2f:0a:6f:7d:69:a0:be:4c:
d2:55:31:5d:b2:24:36:1c:1b:c7:8b:92:a2:14:87:9f:5c:08:
82:a6:b1:35:e1:c8:94:78:f6:07:99:21:33:53:7c:68:b6:21:
bb:6f:c1:05:9b:55:cf:a9:a2:1f:cd:5a:7f:68:b6:36:8d:18:
ab:53:b5:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS2CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTMxNTQ5WhcNMjUxMjEyMTMxNTQ5WjAYMRYw
FAYDVQQDEw02NzcxNGI4OS0zZmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwhi4n98BuIyeXIFOQVOWyEFNWn3tOssKzg+QSDtWK1YGZp4jP3jRqJc
aXjTM2Sv5dC55hWACt5uib6W8eA62XYEPNGflqljNzAkw5dHkU0oiiMw/iHw8hPD
1oeamc++iDhousMjJl/cAqVVlmtmpia9cP/+vUZ13fwxp0MSSkSBgmBGKEW3lqcW
3NcAZcvnd24YN7qiIrTQ4G5QCqQcBKhxJ136Mia/GlJy6XLhYIpgEZz4auu0nwFX
v44ns7WNyBCzRm+vYkiqgksA1f4QsrYsQnNbvXetexmjBV70oLVS3GSvv3J6CJQk
rtoNcTqhvXijt0APCuT6mlx2QWMq0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAZz
Wj9h3IAAO78Q1PdSlMd2eaDoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wN0M0M0M0MEM1RTcxMUVGQkM0NUU0ODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLwMA0GCSqGSIb3DQEB
CwUAA4IBAQCqqN7JErPOkS7ooiNYZ6a5ckyMAgEgWYXx6rwxwUx3Jh2V7bw5f+9S
nEtARh8uUE8OiobmhttShp0a6YGqvzuIhvAWJKUI9g1QClD0MEKJgGyGvPOx973X
mJUvXz1aJP4DLKu2kjKGv4XJVyjkpRSbYNlcv8YvZNrVFNN+vX7SV0WEPihcn9RG
ZjctJnth1BnDuvrxvelCgL5We1bI6T5eE6Vu0puQh8u+KRbuaBEDx8vniHXau/BR
i/I9iPdDLwpvfWmgvkzSVTFdsiQ2HBvHi5KiFIefXAiCprE14ciUePYHmSEzU3xo
tiG7b8EFm1XPqaIfzVp/aLY2jRirU7Uj
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:51 2025 by rpki-client