Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1352F648CDD311EFB096EC71762E951A.roa
File: 1352F648CDD311EFB096EC71762E951A.roa (raw, json)
Hash identifier: iOgobYLtHL57nCjk1CTdZJGCB7uYb7WNUNGlV+xfznY=
Subject key identifier: E6:AD:21:7D:22:B1:0A:2D:14:B9:AB:EE:73:50:50:5C:AA:7C:63:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013753
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1352F648CDD311EFB096EC71762E951A.roa
Signing time: Wed 08 Jan 2025 15:13:12 +0000
ROA not before: Wed 08 Jan 2025 15:13:08 +0000
ROA not after: Mon 03 Jan 2028 15:13:08 +0000
asID: 17561
IP address blocks: 154.83.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79699 (0x13753)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 15:13:08 2025 GMT
Not After : Jan 3 15:13:08 2028 GMT
Subject: CN=677e9608-1883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4b:5c:0c:90:6a:f7:3c:d4:cc:a6:af:e9:34:
2c:7c:fd:6b:7e:f5:a3:47:54:ef:d9:19:5e:23:c3:
69:bb:0c:23:a0:6b:7b:07:9d:ef:cc:0a:84:68:a8:
bb:6b:b9:6d:b8:1e:a8:4c:15:a1:2e:40:75:7f:1a:
1f:49:28:a9:a4:9f:a8:cb:61:a6:27:10:3d:51:66:
67:37:6a:22:0d:71:a4:05:b0:26:f3:e8:b2:cd:8c:
61:67:16:ff:98:41:ea:d1:fc:dd:a3:2c:95:20:24:
e2:8b:e9:2c:9b:48:09:e6:00:7d:5e:49:54:09:98:
fa:e7:7c:48:21:02:17:9b:41:13:db:dc:c0:80:8f:
86:a1:d1:ec:1f:f7:3b:e4:1f:1f:7e:47:3f:2f:82:
60:af:b7:8e:56:4d:b4:ce:07:ae:aa:e5:23:32:2b:
6a:d7:42:f7:fa:5a:8d:8a:e7:2a:78:e3:64:91:39:
e6:7e:00:f4:0d:92:96:d1:29:31:58:aa:bf:9a:4d:
59:6d:3c:85:9b:eb:87:4f:68:6d:5f:8a:0c:59:b2:
58:99:f0:98:61:0f:10:45:b6:db:a9:50:06:8e:9d:
af:39:b3:e1:15:ef:cf:14:a6:4e:15:1b:e8:b7:bd:
cd:ce:60:21:4c:de:b0:5b:33:46:3f:74:d6:67:69:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AD:21:7D:22:B1:0A:2D:14:B9:AB:EE:73:50:50:5C:AA:7C:63:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1352F648CDD311EFB096EC71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:37:be:90:e7:5d:79:49:4a:1d:02:82:51:6d:1e:5c:bc:97:
4e:a9:6b:8b:d4:7c:0c:e2:0a:0f:ff:69:81:bf:4c:b6:de:89:
4f:fc:53:f8:8b:cc:52:9e:60:50:95:79:d8:17:46:ee:8d:ae:
68:35:cf:b7:20:49:dd:73:a4:c9:56:69:76:67:fe:c4:2f:ca:
6c:af:d6:60:f1:e6:bb:78:6a:19:cd:3b:41:9f:2e:d7:64:ba:
45:55:29:c5:11:a8:07:04:97:a6:ee:0c:e4:a9:82:3e:1d:a9:
c7:43:42:70:0e:07:a1:23:95:1e:f7:92:68:c0:b4:95:95:fd:
2e:73:5e:b6:cf:51:ab:a0:a6:3a:e6:fb:b3:14:c8:a9:80:99:
91:06:f9:cd:cd:bb:06:0e:56:63:1b:6f:22:a5:89:0b:38:5d:
09:89:60:98:49:ea:a7:24:8b:33:97:81:e4:52:5a:9b:18:59:
2e:c3:8d:e2:e6:6a:54:fb:43:e5:51:4e:67:af:e4:be:c9:e0:
a0:45:0f:b1:2b:54:a2:6c:48:49:8f:c2:27:e2:30:5b:96:9a:
5b:50:30:6e:bf:a7:8c:a9:66:26:53:59:fb:0d:98:f1:3e:c0:
5f:f0:8a:82:b9:6d:03:6a:7e:bd:64:eb:f0:47:6b:a2:25:f0:
0a:d8:aa:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATdTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTUxMzA4WhcNMjgwMTAzMTUxMzA4WjAYMRYw
FAYDVQQDEw02NzdlOTYwOC0xODgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEtcDJBq9zzUzKav6TQsfP1rfvWjR1Tv2RleI8NpuwwjoGt7B53vzAqE
aKi7a7ltuB6oTBWhLkB1fxofSSippJ+oy2GmJxA9UWZnN2oiDXGkBbAm8+iyzYxh
Zxb/mEHq0fzdoyyVICTii+ksm0gJ5gB9XklUCZj653xIIQIXm0ET29zAgI+GodHs
H/c75B8ffkc/L4Jgr7eOVk20zgeuquUjMitq10L3+lqNiucqeONkkTnmfgD0DZKW
0SkxWKq/mk1ZbTyFm+uHT2htX4oMWbJYmfCYYQ8QRbbbqVAGjp2vObPhFe/PFKZO
FRvot73NzmAhTN6wWzNGP3TWZ2m9qQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOat
IX0isQotFLmr7nNQUFyqfGOdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzUyRjY0OENERDMxMUVGQjA5NkVDNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMZMA0GCSqGSIb3DQEB
CwUAA4IBAQAdN76Q5115SUodAoJRbR5cvJdOqWuL1HwM4goP/2mBv0y23olP/FP4
i8xSnmBQlXnYF0buja5oNc+3IEndc6TJVml2Z/7EL8psr9Zg8ea7eGoZzTtBny7X
ZLpFVSnFEagHBJem7gzkqYI+HanHQ0JwDgehI5Ue95JowLSVlf0uc162z1GroKY6
5vuzFMipgJmRBvnNzbsGDlZjG28ipYkLOF0JiWCYSeqnJIszl4HkUlqbGFkuw43i
5mpU+0PlUU5nr+S+yeCgRQ+xK1SibEhJj8In4jBblppbUDBuv6eMqWYmU1n7DZjx
PsBf8IqCuW0Dan69ZOvwR2uiJfAK2KqI
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:15 2025 by rpki-client