Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFE8938C1D711EF9D139CAE762E951A.roa
File: 0AFE8938C1D711EF9D139CAE762E951A.roa (raw, json)
Hash identifier: XdNKfTStWKyuLlzHmumA9iXDJv4gU6L71IzmOME9KVg=
Subject key identifier: D6:5B:DF:90:55:C4:47:25:94:B9:6D:8B:73:36:0E:1C:3A:BD:2B:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0122D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFE8938C1D711EF9D139CAE762E951A.roa
Signing time: Tue 24 Dec 2024 09:11:22 +0000
ROA not before: Tue 24 Dec 2024 09:11:18 +0000
ROA not after: Wed 10 Dec 2025 09:11:18 +0000
asID: 984
IP address blocks: 154.194.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74451 (0x122d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:11:18 2024 GMT
Not After : Dec 10 09:11:18 2025 GMT
Subject: CN=676a7aba-423a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d7:e5:06:9b:08:76:f3:53:e0:3b:ce:a8:0b:
92:64:5a:3c:16:3c:2f:15:e2:9c:5a:a9:b3:f3:79:
ca:42:43:a9:74:58:68:9c:f8:08:9d:b7:57:d8:58:
d5:56:03:c6:b6:87:b1:31:09:3b:c1:f6:50:ac:b2:
c7:71:fa:13:05:7f:6b:92:a8:8c:59:80:24:3b:a9:
3e:e9:0e:59:21:b1:49:bd:69:75:3a:b4:6b:7f:00:
4c:a2:26:9a:2c:e3:c3:b4:30:6a:91:7f:0b:d7:0a:
c3:24:c6:1c:49:e5:70:98:b7:3d:61:92:15:d8:5b:
20:bd:68:35:bd:df:06:5a:47:3b:6b:a6:cc:92:55:
5d:36:37:b0:9a:ef:6e:ef:2f:81:e1:d0:a2:ef:c1:
cd:04:ea:73:b6:21:14:51:8b:46:b6:02:4b:7c:64:
00:19:fb:13:9d:4c:0b:59:d4:3f:ec:75:d2:1c:fd:
72:45:f7:30:11:6c:3b:48:d8:9b:63:fd:62:50:43:
5c:11:da:fd:2f:6e:b5:1f:ba:5b:1a:fb:40:c7:6a:
a5:c8:6e:23:26:b0:1f:f2:d3:5f:62:55:3a:54:bd:
ba:60:a9:f2:74:b0:e6:1a:22:74:bb:0a:1a:fc:69:
0a:96:bd:40:53:fa:89:49:12:f1:de:90:c5:35:36:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5B:DF:90:55:C4:47:25:94:B9:6D:8B:73:36:0E:1C:3A:BD:2B:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFE8938C1D711EF9D139CAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:2f:be:e4:fe:df:15:ec:c4:3c:22:a6:3c:53:e6:f7:e6:a0:
68:96:7a:4c:ac:7b:b6:77:eb:fd:4d:56:61:d2:41:76:6f:b1:
79:cf:7d:88:c3:53:04:59:ce:b4:15:62:cc:f1:9f:35:4d:df:
6a:9c:e6:cb:76:74:16:de:68:3e:37:2b:10:a1:bc:ed:2f:22:
97:42:a2:29:7f:34:8b:55:73:39:b4:11:3f:3c:24:be:84:9e:
29:93:64:8f:99:e2:19:3f:e8:2a:93:cd:49:f3:37:d9:9f:ec:
38:4d:45:ea:1a:58:57:76:79:a6:28:28:d2:42:59:21:75:be:
31:3d:87:4f:0e:6f:ce:36:7d:4e:77:a5:4c:3c:f8:a2:f3:cf:
01:cd:34:4b:ab:43:dc:47:6f:f7:90:c4:00:a4:cc:4e:e1:70:
87:ba:c4:fb:79:18:18:06:57:fa:55:fb:5c:13:9a:84:0c:19:
5f:39:78:ef:53:19:7d:34:67:50:a9:4d:1b:9c:16:e1:c5:b5:
97:8d:e7:f5:79:40:a3:e2:05:d6:6a:b7:5f:e5:4a:13:d9:db:
1d:8d:83:e3:6a:7f:7a:ef:ca:6d:27:80:13:77:60:75:2e:7c:
aa:4e:2d:5b:45:6c:cf:3a:d0:48:a7:12:08:b2:ab:fd:18:2e:
cd:96:9d:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASLTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDkxMTE4WhcNMjUxMjEwMDkxMTE4WjAYMRYw
FAYDVQQDEw02NzZhN2FiYS00MjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAztflBpsIdvNT4DvOqAuSZFo8FjwvFeKcWqmz83nKQkOpdFhonPgInbdX
2FjVVgPGtoexMQk7wfZQrLLHcfoTBX9rkqiMWYAkO6k+6Q5ZIbFJvWl1OrRrfwBM
oiaaLOPDtDBqkX8L1wrDJMYcSeVwmLc9YZIV2FsgvWg1vd8GWkc7a6bMklVdNjew
mu9u7y+B4dCi78HNBOpztiEUUYtGtgJLfGQAGfsTnUwLWdQ/7HXSHP1yRfcwEWw7
SNibY/1iUENcEdr9L261H7pbGvtAx2qlyG4jJrAf8tNfYlU6VL26YKnydLDmGiJ0
uwoa/GkKlr1AU/qJSRLx3pDFNTYI3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNZb
35BVxEcllLlti3M2Dhw6vSvxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQUZFODkzOEMxRDcxMUVGOUQxMzlDQUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsLeMA0GCSqGSIb3DQEB
CwUAA4IBAQBvL77k/t8V7MQ8IqY8U+b35qBolnpMrHu2d+v9TVZh0kF2b7F5z32I
w1MEWc60FWLM8Z81Td9qnObLdnQW3mg+NysQobztLyKXQqIpfzSLVXM5tBE/PCS+
hJ4pk2SPmeIZP+gqk81J8zfZn+w4TUXqGlhXdnmmKCjSQlkhdb4xPYdPDm/ONn1O
d6VMPPii888BzTRLq0PcR2/3kMQApMxO4XCHusT7eRgYBlf6VftcE5qEDBlfOXjv
Uxl9NGdQqU0bnBbhxbWXjef1eUCj4gXWardf5UoT2dsdjYPjan9678ptJ4ATd2B1
LnyqTi1bRWzPOtBIpxIIsqv9GC7Nlp15
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:37 2025 by rpki-client