Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11FD314CC62511EFAE04D08D762E951A.roa
File: 11FD314CC62511EFAE04D08D762E951A.roa (raw, json)
Hash identifier: cn+9+Qgk0GPNuDTuU9Ac3Ho0LEDISVvtF2MYM+zGGoE=
Subject key identifier: 5C:08:4E:BF:34:06:0C:7C:AE:92:3E:CE:7D:E3:C3:31:1A:35:32:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F8E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11FD314CC62511EFAE04D08D762E951A.roa
Signing time: Sun 29 Dec 2024 20:39:59 +0000
ROA not before: Sun 29 Dec 2024 20:39:55 +0000
ROA not after: Sun 12 Dec 2027 20:39:55 +0000
asID: 17561
IP address blocks: 154.217.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77710 (0x12f8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 20:39:55 2024 GMT
Not After : Dec 12 20:39:55 2027 GMT
Subject: CN=6771b39f-75af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:b7:0f:df:d2:a6:4e:e2:29:56:01:ef:69:
ce:5a:d3:dd:da:82:cd:18:b3:da:7c:ea:0b:d5:e6:
be:09:8f:82:b3:7b:f9:e7:38:8f:4f:59:21:30:36:
41:f1:03:26:95:74:32:4e:28:6a:a7:02:ba:3c:70:
b3:6e:42:1c:76:a4:1f:e9:1e:95:94:8b:54:2e:9d:
28:05:5b:5b:ed:67:48:d6:d4:ff:10:04:9b:e5:c0:
9e:1d:0c:86:0e:71:30:75:87:8f:a7:8c:6c:3d:ee:
8f:e0:7e:49:6d:3b:6d:72:2f:b1:2d:8f:ad:e3:06:
36:bc:f8:19:23:3b:13:0a:cc:1e:86:2d:c1:82:b8:
7f:07:a9:56:40:74:27:35:52:b0:a4:55:d2:cd:ee:
df:c5:ea:3b:0f:53:a4:38:a7:f4:f7:2e:ce:0d:a5:
5e:3c:98:14:e8:3c:1f:d4:9a:0c:92:84:73:43:af:
98:05:c7:0b:36:f9:a0:f8:57:b3:bd:3b:c4:07:9c:
9b:5c:da:da:ce:01:eb:a4:78:d3:eb:8b:92:a5:0f:
f3:ea:5c:c8:37:f5:df:cb:e5:52:e5:bd:4d:f0:0e:
7f:0c:f9:30:ee:d1:ad:f2:d1:e2:fa:99:2b:d5:60:
97:e4:f2:64:a4:03:ec:ca:f9:88:d6:6e:6d:1b:67:
28:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:08:4E:BF:34:06:0C:7C:AE:92:3E:CE:7D:E3:C3:31:1A:35:32:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11FD314CC62511EFAE04D08D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.170.0/24
Signature Algorithm: sha256WithRSAEncryption
05:f7:54:66:bb:b7:64:4d:a2:52:c2:0d:fe:3c:81:83:d4:65:
4e:ac:98:47:b3:41:32:d1:98:34:06:79:81:3e:67:06:f5:49:
64:9c:62:a4:87:1f:69:cb:ab:94:0e:92:87:db:58:ff:27:7e:
ec:33:06:3a:a5:b3:1e:2b:31:db:65:cf:ff:73:b1:74:9d:f9:
1e:f8:42:20:0b:d8:b4:e1:ac:eb:4a:6c:27:4e:43:82:3a:5d:
eb:28:03:1a:04:8b:1a:ce:56:5a:f3:47:21:1f:e5:b5:0b:b6:
9e:07:78:15:da:20:c3:dc:61:2f:d3:f0:26:cb:e2:b5:3e:17:
36:5a:fb:d9:8a:eb:91:45:23:20:63:0b:f2:2e:e3:03:40:38:
c9:10:6c:b2:71:8c:32:34:fd:75:9d:07:31:ba:03:8c:5d:af:
4f:3a:73:26:d3:6a:a3:b7:79:14:50:cd:98:f9:dc:ac:5f:56:
a2:be:ed:a6:04:d5:00:fe:01:93:f3:53:6f:90:37:80:d8:d8:
fa:30:2c:1d:c9:be:e3:53:1a:cf:1d:85:e0:03:4b:57:e3:f2:
75:e1:63:de:61:61:6b:46:a3:38:73:73:56:4b:3a:62:65:cd:
73:df:22:8c:00:65:8b:d5:7e:7a:e4:37:46:76:00:4a:91:c3:
57:f2:1d:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS+OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjAzOTU1WhcNMjcxMjEyMjAzOTU1WjAYMRYw
FAYDVQQDEw02NzcxYjM5Zi03NWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAshO3D9/Spk7iKVYB72nOWtPd2oLNGLPafOoL1ea+CY+Cs3v55ziPT1kh
MDZB8QMmlXQyTihqpwK6PHCzbkIcdqQf6R6VlItULp0oBVtb7WdI1tT/EASb5cCe
HQyGDnEwdYePp4xsPe6P4H5JbTttci+xLY+t4wY2vPgZIzsTCswehi3Bgrh/B6lW
QHQnNVKwpFXSze7fxeo7D1OkOKf09y7ODaVePJgU6Dwf1JoMkoRzQ6+YBccLNvmg
+FezvTvEB5ybXNrazgHrpHjT64uSpQ/z6lzIN/Xfy+VS5b1N8A5/DPkw7tGt8tHi
+pkr1WCX5PJkpAPsyvmI1m5tG2coAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFwI
Tr80Bgx8rpI+zn3jwzEaNTKyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMUZEMzE0Q0M2MjUxMUVGQUUwNEQwOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmqMA0GCSqGSIb3DQEB
CwUAA4IBAQAF91Rmu7dkTaJSwg3+PIGD1GVOrJhHs0Ey0Zg0BnmBPmcG9UlknGKk
hx9py6uUDpKH21j/J37sMwY6pbMeKzHbZc//c7F0nfke+EIgC9i04azrSmwnTkOC
Ol3rKAMaBIsazlZa80chH+W1C7aeB3gV2iDD3GEv0/Amy+K1Phc2WvvZiuuRRSMg
YwvyLuMDQDjJEGyycYwyNP11nQcxugOMXa9POnMm02qjt3kUUM2Y+dysX1aivu2m
BNUA/gGT81NvkDeA2Nj6MCwdyb7jUxrPHYXgA0tX4/J14WPeYWFrRqM4c3NWSzpi
Zc1z3yKMAGWL1X565DdGdgBKkcNX8h0J
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:29:26 2025 by rpki-client