Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1349633CC0CA11EFBC2E3C7B762E951A.roa
File: 1349633CC0CA11EFBC2E3C7B762E951A.roa (raw, json)
Hash identifier: 2gfA6mayAqbEAd43hqhOPSQXdUB5RtV6lRY1bJWbRes=
Subject key identifier: 4C:EA:F9:02:AC:E8:04:B0:27:62:F5:83:E3:1F:E7:0F:2C:D1:CB:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DEC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1349633CC0CA11EFBC2E3C7B762E951A.roa
Signing time: Mon 23 Dec 2024 01:06:01 +0000
ROA not before: Mon 23 Dec 2024 01:05:58 +0000
ROA not after: Wed 10 Dec 2025 01:05:58 +0000
asID: 984
IP address blocks: 154.82.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73196 (0x11dec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:05:58 2024 GMT
Not After : Dec 10 01:05:58 2025 GMT
Subject: CN=6768b779-ec94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:6b:e2:41:2e:5d:ac:5f:d5:16:d3:e7:5c:
f2:ed:c6:a1:55:96:8d:f6:03:bd:11:f5:e2:85:2e:
7e:a6:39:c0:b3:cc:f7:a8:f9:4f:b9:0f:2c:32:62:
e4:f5:94:01:05:97:86:ee:d2:37:44:06:f5:46:6f:
31:6d:b7:28:bb:2c:b4:ff:e1:fb:25:bb:c2:26:46:
5c:55:a5:15:2e:de:ea:e8:5b:c3:72:ec:78:a0:06:
ee:31:16:b8:80:68:e4:77:4c:08:3d:d4:9f:f1:59:
0d:9c:66:1c:7a:45:ce:52:b1:85:b8:1a:fa:59:67:
4a:f7:fa:84:b0:3a:57:c9:a2:d4:57:03:f7:b4:69:
cd:72:b3:ad:4f:ef:37:a5:64:92:d7:03:2a:b4:ae:
be:48:f4:4d:3f:e3:a2:40:79:18:39:a9:b5:9e:d1:
47:c0:b5:9b:f7:e0:61:31:12:a2:81:4f:f5:52:7c:
0c:8b:ef:42:8d:74:8d:3f:9a:4b:87:d4:3c:a2:8f:
a5:e6:b8:fc:c2:f4:0c:27:f1:2a:dc:40:b6:f5:dc:
ab:70:1c:10:c5:93:35:56:b8:43:b6:65:d9:ab:99:
07:6a:5e:92:f8:9c:6f:77:dd:d7:ab:7a:a2:8e:04:
bb:d1:db:ec:cb:5a:10:67:5d:a7:ff:28:df:5a:9a:
bb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EA:F9:02:AC:E8:04:B0:27:62:F5:83:E3:1F:E7:0F:2C:D1:CB:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1349633CC0CA11EFBC2E3C7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a2:fc:16:24:c8:79:75:cf:85:ca:b4:87:c8:91:15:34:92:
b6:25:71:6e:37:d4:e3:76:b4:11:b1:35:e2:4b:7c:60:68:1f:
a5:ff:4e:2a:3a:79:ef:08:3f:66:1c:03:43:91:ac:f5:e5:5c:
f4:82:e3:8d:99:f7:84:c5:a8:c8:45:6f:91:81:fe:44:27:c8:
96:d3:4c:81:6a:f8:e1:2a:ed:21:b9:22:45:12:58:c1:88:f8:
3f:03:f6:a4:47:d2:ff:4a:1f:20:5b:b9:fa:58:06:67:b2:15:
ef:19:b1:5a:af:59:b4:ce:dc:3f:95:23:09:97:15:26:97:21:
80:34:0a:cb:6b:b1:c8:34:c3:d0:12:13:ff:9d:02:6f:93:60:
2c:a5:4b:25:7a:27:2a:4e:42:5a:99:9d:8d:ff:cf:89:8b:8e:
27:22:81:a9:53:00:0c:92:f9:d1:3d:33:8f:10:0b:bd:a0:b8:
45:4c:51:0f:47:85:84:60:64:90:85:43:ee:2a:b1:fd:17:73:
af:a2:ca:e8:99:eb:3f:4b:27:66:5a:18:7d:e6:b1:e0:75:fe:
80:ea:d0:ae:67:6b:a4:0b:94:83:1e:30:12:5f:88:9d:80:11:
6e:f8:fa:ee:b3:43:84:8f:cb:0a:3f:f2:1a:97:2a:03:32:78:
de:1d:e4:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDEwNTU4WhcNMjUxMjEwMDEwNTU4WjAYMRYw
FAYDVQQDEw02NzY4Yjc3OS1lYzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAthxr4kEuXaxf1RbT51zy7cahVZaN9gO9EfXihS5+pjnAs8z3qPlPuQ8s
MmLk9ZQBBZeG7tI3RAb1Rm8xbbcouyy0/+H7JbvCJkZcVaUVLt7q6FvDcux4oAbu
MRa4gGjkd0wIPdSf8VkNnGYcekXOUrGFuBr6WWdK9/qEsDpXyaLUVwP3tGnNcrOt
T+83pWSS1wMqtK6+SPRNP+OiQHkYOam1ntFHwLWb9+BhMRKigU/1UnwMi+9CjXSN
P5pLh9Q8oo+l5rj8wvQMJ/Eq3EC29dyrcBwQxZM1VrhDtmXZq5kHal6S+Jxvd93X
q3qijgS70dvsy1oQZ12n/yjfWpq7MQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEzq
+QKs6ASwJ2L1g+Mf5w8s0ct3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzQ5NjMzQ0MwQ0ExMUVGQkMyRTNDN0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLpMA0GCSqGSIb3DQEB
CwUAA4IBAQAKovwWJMh5dc+FyrSHyJEVNJK2JXFuN9TjdrQRsTXiS3xgaB+l/04q
OnnvCD9mHANDkaz15Vz0guONmfeExajIRW+Rgf5EJ8iW00yBavjhKu0huSJFEljB
iPg/A/akR9L/Sh8gW7n6WAZnshXvGbFar1m0ztw/lSMJlxUmlyGANArLa7HINMPQ
EhP/nQJvk2AspUsleicqTkJamZ2N/8+Ji44nIoGpUwAMkvnRPTOPEAu9oLhFTFEP
R4WEYGSQhUPuKrH9F3Ovosromes/SydmWhh95rHgdf6A6tCuZ2ukC5SDHjASX4id
gBFu+Prus0OEj8sKP/IalyoDMnjeHeSz
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:07 2025 by rpki-client