Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07DC1D86C3C311EF9A65896D762E951A.roa
File: 07DC1D86C3C311EF9A65896D762E951A.roa (raw, json)
Hash identifier: zkjSONkxc4PvRfTNUTOC9oO9UpbSEiMlkNqKQj3YCUk=
Subject key identifier: 93:7F:40:EC:39:5A:93:B3:9A:22:78:40:57:61:1B:FF:6A:A5:CE:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0127B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07DC1D86C3C311EF9A65896D762E951A.roa
Signing time: Thu 26 Dec 2024 19:53:09 +0000
ROA not before: Thu 26 Dec 2024 19:53:05 +0000
ROA not after: Fri 12 Dec 2025 19:53:05 +0000
asID: 984
IP address blocks: 154.81.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75698 (0x127b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 19:53:05 2024 GMT
Not After : Dec 12 19:53:05 2025 GMT
Subject: CN=676db425-7024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:10:0d:bf:8f:ae:25:9e:83:a9:b7:54:61:0c:
14:dc:a0:53:c2:1d:06:5a:cb:fd:77:37:26:58:a2:
97:cb:4a:cc:dd:d3:38:50:a5:c8:f7:37:65:10:55:
36:0a:c7:a9:2f:c9:a8:bf:96:9d:0f:ca:45:b9:51:
81:57:ec:ae:02:61:ae:fc:19:3b:82:01:4a:9e:17:
73:08:e4:53:57:44:8e:e9:32:fd:3e:3b:55:9d:e2:
7c:9c:32:66:75:1a:dc:4f:0b:f4:5f:42:9b:f4:3a:
de:21:8a:91:9b:bd:c4:bc:5e:bd:9f:8c:66:55:2e:
d7:19:da:b9:bb:db:8b:cc:a7:74:0a:59:ec:c7:1d:
70:4c:4b:38:c2:36:92:db:01:bf:fb:e0:8a:a7:e1:
0c:67:a9:6f:f6:70:e8:0b:dc:ac:0e:f7:da:63:56:
5a:8a:c2:26:b6:86:f7:d3:32:7d:2c:0f:29:fe:fc:
34:00:9f:c8:c4:92:bd:29:e1:ba:bd:32:aa:b9:67:
46:f3:c2:f5:f4:8e:21:c8:23:65:86:1a:aa:b9:32:
2a:30:a3:3d:f5:f2:23:67:4a:9b:ea:5f:fb:a6:1f:
d4:62:c5:b7:1c:81:2e:b3:8a:b3:c5:de:c9:5f:70:
5b:a0:48:b1:e4:82:6f:6e:9b:5f:c6:3c:76:d5:0d:
df:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7F:40:EC:39:5A:93:B3:9A:22:78:40:57:61:1B:FF:6A:A5:CE:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07DC1D86C3C311EF9A65896D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.221.0/24
Signature Algorithm: sha256WithRSAEncryption
17:bf:03:0e:44:75:c5:33:91:66:b5:2a:dd:59:1d:c8:02:9c:
fa:81:dc:4e:62:09:63:3b:d1:da:d7:a8:5e:c5:03:a9:dd:66:
50:b7:43:f0:c3:b0:cb:a1:70:dd:b7:6c:20:77:4b:a1:0a:76:
78:bf:fe:71:4b:1e:8f:61:99:d1:08:fc:df:ed:26:bc:6a:8c:
f1:0e:06:58:d8:38:9a:c3:cd:fa:2f:c1:f5:80:3a:4f:a9:b7:
75:b8:07:3c:38:c5:70:a9:c4:15:21:b1:d2:f0:66:53:fd:e4:
1e:ef:bf:d3:af:b8:37:0b:79:b3:a5:16:26:0e:22:34:42:54:
69:c3:64:e2:47:58:e1:c2:60:4b:03:e4:50:0d:7f:d9:fa:9f:
67:1e:6f:14:af:78:1a:4c:24:e3:5b:38:bf:25:3a:ef:e1:02:
9b:b4:e4:80:e2:d3:d4:49:ef:4e:0f:f1:7c:ba:7f:f3:8b:88:
64:b8:70:80:8a:2e:c6:7c:2e:44:b4:17:17:98:7f:38:1e:4f:
1c:85:1e:34:a1:a5:7c:0b:11:31:82:41:ee:41:16:31:de:ae:
e4:c0:9d:86:3b:ab:20:fb:6b:5b:67:73:68:a4:2a:8e:81:5e:
7c:95:e0:77:45:bd:31:a4:a6:bf:bc:5f:3c:89:0c:34:fe:64:
6b:ea:a5:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASeyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTk1MzA1WhcNMjUxMjEyMTk1MzA1WjAYMRYw
FAYDVQQDEw02NzZkYjQyNS03MDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRANv4+uJZ6DqbdUYQwU3KBTwh0GWsv9dzcmWKKXy0rM3dM4UKXI9zdl
EFU2CsepL8mov5adD8pFuVGBV+yuAmGu/Bk7ggFKnhdzCORTV0SO6TL9PjtVneJ8
nDJmdRrcTwv0X0Kb9DreIYqRm73EvF69n4xmVS7XGdq5u9uLzKd0Clnsxx1wTEs4
wjaS2wG/++CKp+EMZ6lv9nDoC9ysDvfaY1ZaisImtob30zJ9LA8p/vw0AJ/IxJK9
KeG6vTKquWdG88L19I4hyCNlhhqquTIqMKM99fIjZ0qb6l/7ph/UYsW3HIEus4qz
xd7JX3BboEix5IJvbptfxjx21Q3fcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJN/
QOw5WpOzmiJ4QFdhG/9qpc4eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wN0RDMUQ4NkMzQzMxMUVGOUE2NTg5NkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHdMA0GCSqGSIb3DQEB
CwUAA4IBAQAXvwMORHXFM5FmtSrdWR3IApz6gdxOYgljO9Ha16hexQOp3WZQt0Pw
w7DLoXDdt2wgd0uhCnZ4v/5xSx6PYZnRCPzf7Sa8aozxDgZY2Diaw836L8H1gDpP
qbd1uAc8OMVwqcQVIbHS8GZT/eQe77/Tr7g3C3mzpRYmDiI0QlRpw2TiR1jhwmBL
A+RQDX/Z+p9nHm8Ur3gaTCTjWzi/JTrv4QKbtOSA4tPUSe9OD/F8un/zi4hkuHCA
ii7GfC5EtBcXmH84Hk8chR40oaV8CxExgkHuQRYx3q7kwJ2GO6sg+2tbZ3NopCqO
gV58leB3Rb0xpKa/vF88iQw0/mRr6qXu
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:06 2025 by rpki-client