Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEA9BDEC27111EF9D9C8D95762E951A.roa
File: 0CEA9BDEC27111EF9D9C8D95762E951A.roa (raw, json)
Hash identifier: VU+7viG9s50s/vUUbXadwwx/O5ctqOewwBf1WjI8m5o=
Subject key identifier: 57:80:EC:3D:FF:91:80:EC:BE:C1:26:E6:27:2A:5D:91:E0:05:0B:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012464
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEA9BDEC27111EF9D9C8D95762E951A.roa
Signing time: Wed 25 Dec 2024 03:33:47 +0000
ROA not before: Wed 25 Dec 2024 03:33:44 +0000
ROA not after: Wed 10 Dec 2025 03:33:44 +0000
asID: 984
IP address blocks: 154.211.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74852 (0x12464)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:33:44 2024 GMT
Not After : Dec 10 03:33:44 2025 GMT
Subject: CN=676b7d1b-4ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ad:69:20:9e:cb:48:d8:49:34:8a:ae:e0:38:
81:d6:88:ec:41:11:3a:82:7a:aa:70:e1:2a:ec:31:
af:53:d5:1b:8c:ac:85:30:d3:e4:05:c9:dc:02:f0:
04:ed:01:dd:e8:b9:10:20:3f:08:09:1a:a8:da:2c:
7d:0a:16:ff:dc:81:ad:64:3b:84:b7:1d:00:ab:81:
2c:a4:7e:f8:ae:e5:48:3f:dc:39:ca:8f:12:ed:9e:
d2:aa:9c:7a:8e:b1:f4:17:3f:54:bc:2b:82:4f:ba:
09:f9:11:67:0c:24:43:4f:87:1c:ae:2a:9a:48:e0:
65:ac:c0:7f:cb:d2:24:79:2e:0f:f4:48:58:80:ce:
29:91:4b:f0:b7:14:d1:b2:ae:e4:83:70:8c:e1:cb:
09:3a:6d:50:f7:cb:c9:e5:99:72:77:e9:4e:73:cf:
31:1a:ea:a5:b0:36:49:0b:d0:8b:53:0c:02:9f:15:
87:7c:6c:8d:6b:25:f0:21:1d:15:be:6a:9b:49:09:
33:ce:f5:45:9d:89:f3:c9:ea:e7:12:c1:c5:7d:41:
39:c9:ca:af:a1:d2:35:45:95:07:ae:48:26:9a:5c:
eb:43:66:ba:c8:48:37:e0:be:98:6f:c3:1a:33:2b:
62:5a:4b:dd:88:1d:82:14:95:df:3e:cc:ee:cf:ae:
41:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:80:EC:3D:FF:91:80:EC:BE:C1:26:E6:27:2A:5D:91:E0:05:0B:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEA9BDEC27111EF9D9C8D95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.201.0/24
Signature Algorithm: sha256WithRSAEncryption
87:41:14:bc:4e:b5:c4:d9:b6:ec:5b:3a:51:5b:e6:a3:09:a8:
85:90:00:61:c2:ef:59:3f:56:f7:7e:24:6e:78:eb:86:6e:d9:
c5:08:55:4f:ff:72:d2:89:a4:e5:b2:0f:a7:ba:06:70:a7:8b:
50:8e:9e:4d:5c:8c:f7:3f:39:d2:c0:77:4a:ff:08:e4:b2:ec:
27:ac:35:58:f2:73:ef:e7:0e:a3:e7:a5:ef:e8:80:97:fb:f9:
1d:06:ad:65:4c:d1:5a:58:de:e6:85:90:e5:21:0b:71:35:80:
3e:d1:53:e3:a2:f9:35:1c:6e:d7:b5:b1:8e:9e:92:f9:d7:7d:
1a:26:80:d2:35:cc:76:55:79:a8:69:56:37:cc:15:10:64:4e:
8b:a4:fe:78:72:2b:7a:3b:97:89:4a:59:bb:97:65:3d:8b:b6:
60:a6:3c:6f:47:92:97:1a:81:b7:fb:54:00:40:3e:d4:9a:2a:
73:6c:5f:59:5b:e2:f2:01:87:ba:58:ee:e1:a8:aa:36:40:89:
fb:20:d7:ed:ef:0e:d4:cf:66:cb:c3:f5:01:29:ec:ed:30:66:
3f:31:44:92:cf:30:18:b7:f6:b5:92:9b:c8:78:0c:b7:ad:14:
6b:c6:85:40:ff:c1:ef:59:ea:94:e0:d0:94:93:91:00:d5:f9:
2c:91:ed:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASRkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDMzMzQ0WhcNMjUxMjEwMDMzMzQ0WjAYMRYw
FAYDVQQDEw02NzZiN2QxYi00YWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyK1pIJ7LSNhJNIqu4DiB1ojsQRE6gnqqcOEq7DGvU9UbjKyFMNPkBcnc
AvAE7QHd6LkQID8ICRqo2ix9Chb/3IGtZDuEtx0Aq4EspH74ruVIP9w5yo8S7Z7S
qpx6jrH0Fz9UvCuCT7oJ+RFnDCRDT4ccriqaSOBlrMB/y9IkeS4P9EhYgM4pkUvw
txTRsq7kg3CM4csJOm1Q98vJ5Zlyd+lOc88xGuqlsDZJC9CLUwwCnxWHfGyNayXw
IR0VvmqbSQkzzvVFnYnzyernEsHFfUE5ycqvodI1RZUHrkgmmlzrQ2a6yEg34L6Y
b8MaMytiWkvdiB2CFJXfPszuz65BsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFeA
7D3/kYDsvsEm5icqXZHgBQvZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0VBOUJERUMyNzExMUVGOUQ5QzhEOTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPJMA0GCSqGSIb3DQEB
CwUAA4IBAQCHQRS8TrXE2bbsWzpRW+ajCaiFkABhwu9ZP1b3fiRueOuGbtnFCFVP
/3LSiaTlsg+nugZwp4tQjp5NXIz3PznSwHdK/wjksuwnrDVY8nPv5w6j56Xv6ICX
+/kdBq1lTNFaWN7mhZDlIQtxNYA+0VPjovk1HG7XtbGOnpL5130aJoDSNcx2VXmo
aVY3zBUQZE6LpP54cit6O5eJSlm7l2U9i7ZgpjxvR5KXGoG3+1QAQD7UmipzbF9Z
W+LyAYe6WO7hqKo2QIn7INft7w7Uz2bLw/UBKeztMGY/MUSSzzAYt/a1kpvIeAy3
rRRrxoVA/8HvWeqU4NCUk5EA1fkske2v
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:50:39 2025 by rpki-client