Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
File: 0B418624C1CE11EFAA8A0776762E951A.roa (raw, json)
Hash identifier: lUNCw96BlsM0FVAb3axJSpOJDu+OCBJcYB74xnN1HCg=
Subject key identifier: C5:32:22:E0:BA:89:E7:DF:20:B9:4A:1C:37:25:60:7B:AB:BE:0B:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01227F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
Signing time: Tue 24 Dec 2024 08:06:57 +0000
ROA not before: Tue 24 Dec 2024 08:06:53 +0000
ROA not after: Wed 10 Dec 2025 08:06:53 +0000
asID: 984
IP address blocks: 154.193.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74367 (0x1227f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:06:53 2024 GMT
Not After : Dec 10 08:06:53 2025 GMT
Subject: CN=676a6ba1-b7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:75:4f:30:8f:0f:d5:73:e8:69:46:f1:ee:37:
9a:55:a9:06:5d:d7:6f:dd:ba:0d:da:59:0c:07:44:
47:5e:56:d9:c7:a2:77:6e:25:c7:5c:a2:92:ee:6b:
c8:76:44:a1:6b:32:f0:e6:e2:d9:61:bb:c9:1a:51:
b5:ee:74:94:8c:39:e2:cc:5e:5c:37:8f:49:35:fd:
45:40:fe:67:6b:60:c7:e8:97:56:44:f2:e5:4c:bb:
8b:f2:ab:81:0e:5f:ca:21:ce:09:fd:ac:5a:d0:89:
17:fd:b8:b1:da:f0:3d:95:a3:08:2e:75:35:fa:c2:
11:43:e9:7a:07:1c:fd:ea:63:c7:7c:54:df:17:f8:
eb:f3:54:db:91:b5:81:bb:0c:7f:03:a1:3a:c9:cc:
db:42:d8:a2:4c:16:c0:b1:f7:85:8c:08:bf:bb:be:
23:00:c6:0b:bc:51:41:0d:1c:1f:f1:2d:7c:8b:0f:
82:f1:15:55:48:4a:08:29:c8:0b:3f:63:38:2e:1a:
69:98:34:0c:c7:88:d9:1c:87:10:0a:6c:c6:06:b7:
ed:72:c3:93:a3:ad:53:02:18:a1:60:a3:cf:08:23:
36:07:a8:94:18:50:a4:ba:0e:a9:6d:11:76:67:b2:
28:50:67:ce:88:17:05:7e:ec:1a:d4:ee:26:65:d1:
96:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:32:22:E0:BA:89:E7:DF:20:B9:4A:1C:37:25:60:7B:AB:BE:0B:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.223.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d6:fe:bb:ae:ff:35:0e:60:0a:ad:b1:1a:43:01:96:1b:ed:
75:bc:20:88:b8:90:2a:ee:32:69:25:6c:4d:5c:2e:49:c8:29:
46:43:83:b7:07:0d:5b:0a:13:37:5e:47:f8:3b:a5:fb:7b:47:
0c:a3:7f:aa:7d:7d:1f:40:4d:2d:74:1f:bf:a4:8d:55:4d:c5:
57:9c:71:63:f3:dd:cf:8b:f4:66:49:03:89:d4:af:ed:1e:b2:
ba:40:00:cb:cf:59:3c:0f:91:a8:74:9e:89:57:5c:5e:6c:98:
f5:0c:e3:f6:a4:53:49:f5:cf:9b:dc:7c:b4:48:59:0c:7f:fa:
5f:18:98:e0:9b:e4:00:8b:a2:fc:5f:59:9e:11:3a:9f:6a:45:
76:5f:26:da:79:58:6d:e9:93:c8:65:d4:45:d1:6c:f2:cd:72:
22:ff:c6:e5:27:ed:6d:d5:05:6c:e7:3f:70:74:80:d7:eb:b1:
8f:b2:ad:03:46:df:22:51:17:f9:10:6e:72:2f:a5:13:2e:c3:
58:6d:98:f1:6b:cc:2a:f7:9c:23:2e:13:83:ed:d1:d2:40:9d:
f5:ed:0e:46:e6:64:34:3f:a3:77:88:ee:ae:b1:5f:ac:ab:19:
10:40:3e:5a:7b:84:21:39:0c:df:e4:76:2b:6c:8f:d3:58:6b:
52:4c:32:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASJ/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgwNjUzWhcNMjUxMjEwMDgwNjUzWjAYMRYw
FAYDVQQDEw02NzZhNmJhMS1iN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3VPMI8P1XPoaUbx7jeaVakGXddv3boN2lkMB0RHXlbZx6J3biXHXKKS
7mvIdkShazLw5uLZYbvJGlG17nSUjDnizF5cN49JNf1FQP5na2DH6JdWRPLlTLuL
8quBDl/KIc4J/axa0IkX/bix2vA9laMILnU1+sIRQ+l6Bxz96mPHfFTfF/jr81Tb
kbWBuwx/A6E6yczbQtiiTBbAsfeFjAi/u74jAMYLvFFBDRwf8S18iw+C8RVVSEoI
KcgLP2M4LhppmDQMx4jZHIcQCmzGBrftcsOTo61TAhihYKPPCCM2B6iUGFCkug6p
bRF2Z7IoUGfOiBcFfuwa1O4mZdGWRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMUy
IuC6ieffILlKHDclYHurvgu+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQjQxODYyNEMxQ0UxMUVGQUE4QTA3NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHfMA0GCSqGSIb3DQEB
CwUAA4IBAQBD1v67rv81DmAKrbEaQwGWG+11vCCIuJAq7jJpJWxNXC5JyClGQ4O3
Bw1bChM3Xkf4O6X7e0cMo3+qfX0fQE0tdB+/pI1VTcVXnHFj893Pi/RmSQOJ1K/t
HrK6QADLz1k8D5GodJ6JV1xebJj1DOP2pFNJ9c+b3Hy0SFkMf/pfGJjgm+QAi6L8
X1meETqfakV2XybaeVht6ZPIZdRF0WzyzXIi/8blJ+1t1QVs5z9wdIDX67GPsq0D
Rt8iURf5EG5yL6UTLsNYbZjxa8wq95wjLhOD7dHSQJ317Q5G5mQ0P6N3iO6usV+s
qxkQQD5ae4QhOQzf5HYrbI/TWGtSTDIz
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:13 2025 by rpki-client