Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08EE1BC0C25B11EFA63E8775762E951A.roa
File: 08EE1BC0C25B11EFA63E8775762E951A.roa (raw, json)
Hash identifier: fSZZ+6zDvtGBr+JHYCx/4Xqq8IwDdKP1UUec0KsnrMs=
Subject key identifier: 6D:D4:F4:8E:DB:F9:C4:63:08:76:82:B3:A6:E6:1C:9C:23:38:78:F9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01236C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08EE1BC0C25B11EFA63E8775762E951A.roa
Signing time: Wed 25 Dec 2024 00:56:12 +0000
ROA not before: Wed 25 Dec 2024 00:00:08 +0000
ROA not after: Wed 10 Dec 2025 00:00:08 +0000
asID: 984
IP address blocks: 154.199.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74604 (0x1236c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:08 2024 GMT
Not After : Dec 10 00:00:08 2025 GMT
Subject: CN=676b582c-c46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:de:9b:fc:71:f0:56:61:a1:40:0b:65:5d:
84:6e:7d:3b:5c:93:db:73:be:a0:a6:ab:70:ea:53:
67:ee:42:fa:93:bf:19:3d:5d:e5:c5:e3:9f:c1:b2:
46:61:de:2c:a4:8e:f7:f6:7b:70:7f:80:c9:78:9d:
84:70:13:40:7c:51:fb:a0:75:e5:d4:25:2f:1e:e2:
42:56:ea:e4:86:43:06:70:7d:8d:0a:fb:51:8d:1c:
58:87:21:85:e1:db:82:b2:69:39:7e:ca:c5:2c:d0:
e1:c3:09:84:61:a0:8c:73:35:03:89:83:95:ac:99:
9b:9d:e7:83:73:90:96:46:cd:2f:92:a4:ef:3a:ee:
10:cd:5b:d4:44:8b:83:19:69:e3:a9:7f:51:7b:b8:
b3:11:c0:90:00:b6:a7:64:d7:b5:6b:8b:47:21:13:
b3:3f:28:69:c9:d6:ad:d9:90:ae:6e:df:1a:a9:ea:
ff:95:f6:08:6f:6a:ef:31:0b:ff:c0:02:72:cd:71:
af:06:23:08:98:fb:0b:b9:a6:fa:18:35:34:32:d9:
35:b4:ce:4d:11:6e:db:b4:f0:fc:75:dd:03:1d:7f:
24:0d:cd:0d:0b:f1:02:5a:ef:48:b7:34:ae:54:da:
a1:2c:a3:7d:f2:96:97:35:37:bc:2d:a9:36:e4:ea:
36:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D4:F4:8E:DB:F9:C4:63:08:76:82:B3:A6:E6:1C:9C:23:38:78:F9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08EE1BC0C25B11EFA63E8775762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.67.0/24
Signature Algorithm: sha256WithRSAEncryption
36:75:f0:51:54:52:79:94:dd:46:59:fd:a3:60:21:a1:cd:ed:
c2:b3:22:bb:be:37:e4:47:c4:e3:f4:c5:51:3d:82:d5:d7:00:
70:e9:a4:f2:81:0f:ff:0a:45:45:c6:19:8a:78:43:5d:6f:a5:
ff:22:6f:c9:65:12:16:a9:90:d9:e2:59:96:1e:15:42:6f:3f:
66:d9:2c:2f:9b:35:5b:82:6d:52:0d:85:56:72:a1:e8:d0:b6:
7b:42:74:1d:a3:80:4d:ac:63:84:aa:b0:e9:fa:f4:e6:95:a9:
83:81:07:eb:50:7e:4b:63:fa:56:12:98:47:58:d5:48:92:cc:
e5:85:cc:67:f1:f2:72:bf:33:48:12:01:01:c6:92:e0:bd:77:
54:78:f5:fe:72:f3:10:38:d6:c1:dc:d9:8a:0d:3d:26:d7:1b:
18:9f:73:82:9c:7e:1b:c7:bc:71:12:3f:07:04:3a:d4:b5:53:
44:a6:4e:72:84:cd:4e:ed:89:2d:f9:9a:ad:21:3b:af:28:a0:
0d:1a:fa:c8:89:57:38:23:fd:f5:44:b0:a9:9a:06:26:73:4d:
c9:2c:b9:c4:a5:25:b1:52:d1:d9:ed:7d:c3:8b:e8:1c:c7:a9:
a0:d2:98:f8:6d:b7:c3:a4:8a:fa:7c:a8:a2:22:3d:4d:3f:e7:
69:8c:22:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASNsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDA4WhcNMjUxMjEwMDAwMDA4WjAYMRYw
FAYDVQQDEw02NzZiNTgyYy1jNDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxsHem/xx8FZhoUALZV2Ebn07XJPbc76gpqtw6lNn7kL6k78ZPV3lxeOf
wbJGYd4spI739ntwf4DJeJ2EcBNAfFH7oHXl1CUvHuJCVurkhkMGcH2NCvtRjRxY
hyGF4duCsmk5fsrFLNDhwwmEYaCMczUDiYOVrJmbneeDc5CWRs0vkqTvOu4QzVvU
RIuDGWnjqX9Re7izEcCQALanZNe1a4tHIROzPyhpydat2ZCubt8aqer/lfYIb2rv
MQv/wAJyzXGvBiMImPsLuab6GDU0Mtk1tM5NEW7btPD8dd0DHX8kDc0NC/ECWu9I
tzSuVNqhLKN98paXNTe8Lak25Oo2PQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG3U
9I7b+cRjCHaCs6bmHJwjOHj5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEVFMUJDMEMyNUIxMUVGQTYzRTg3NzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdDMA0GCSqGSIb3DQEB
CwUAA4IBAQA2dfBRVFJ5lN1GWf2jYCGhze3CsyK7vjfkR8Tj9MVRPYLV1wBw6aTy
gQ//CkVFxhmKeENdb6X/Im/JZRIWqZDZ4lmWHhVCbz9m2SwvmzVbgm1SDYVWcqHo
0LZ7QnQdo4BNrGOEqrDp+vTmlamDgQfrUH5LY/pWEphHWNVIkszlhcxn8fJyvzNI
EgEBxpLgvXdUePX+cvMQONbB3NmKDT0m1xsYn3OCnH4bx7xxEj8HBDrUtVNEpk5y
hM1O7Ykt+ZqtITuvKKANGvrIiVc4I/31RLCpmgYmc03JLLnEpSWxUtHZ7X3Di+gc
x6mg0pj4bbfDpIr6fKiiIj1NP+dpjCIz
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:15 2025 by rpki-client