Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14BF16F6C26111EFB16B6EA0762E951A.roa
File: 14BF16F6C26111EFB16B6EA0762E951A.roa (raw, json)
Hash identifier: rjPXRd2QVqSg83Ak2twqVgJAYFLGiY6Q+WFCIeiM8gA=
Subject key identifier: 10:9A:27:13:7E:58:0D:FB:15:78:4B:12:6F:8F:EE:E1:6E:DA:2F:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14BF16F6C26111EFB16B6EA0762E951A.roa
Signing time: Wed 25 Dec 2024 01:39:29 +0000
ROA not before: Wed 25 Dec 2024 01:39:25 +0000
ROA not after: Wed 10 Dec 2025 01:39:25 +0000
asID: 984
IP address blocks: 154.199.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74674 (0x123b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:39:25 2024 GMT
Not After : Dec 10 01:39:25 2025 GMT
Subject: CN=676b6251-48dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:69:9f:c8:00:88:ef:80:f8:b0:46:6d:2d:b6:
c0:3d:68:71:6f:23:4f:65:30:bf:16:31:e0:82:0b:
03:9a:12:d4:e8:59:59:d0:01:e1:fc:ea:81:c0:c7:
07:d4:8f:98:c6:81:cd:ab:a7:07:0a:67:fe:09:a5:
d3:19:b8:71:c0:de:26:94:64:90:25:87:3e:cf:09:
a0:46:52:e6:95:43:3d:34:30:c2:34:a2:44:62:7c:
d4:3c:05:88:c5:79:3b:b5:92:80:2f:81:10:46:c8:
5f:62:77:64:e2:43:25:26:89:f9:ef:4b:0d:64:86:
1a:f9:47:5e:4d:eb:39:6c:29:6f:e5:9b:00:21:45:
e7:be:71:02:cc:97:86:09:d7:9d:d9:99:00:83:75:
eb:82:69:9f:45:03:16:d6:4d:52:93:36:89:6f:d8:
f0:41:5a:2c:2b:71:a7:52:9b:7d:44:c8:27:26:2d:
28:ac:d3:41:af:23:c7:68:1b:6e:04:a4:be:7c:33:
d3:fd:c0:3a:4e:4c:c8:b9:6e:b0:8e:43:4a:7e:67:
84:0d:12:08:c0:b1:71:a5:bc:4d:ae:df:cb:0c:1f:
78:57:47:96:83:fd:b8:3b:bb:ee:12:7d:45:7f:c9:
2b:83:d3:86:57:fe:83:9d:6d:dd:f0:4a:59:9e:9f:
18:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9A:27:13:7E:58:0D:FB:15:78:4B:12:6F:8F:EE:E1:6E:DA:2F:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14BF16F6C26111EFB16B6EA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8e:33:e1:9e:5f:43:88:e9:9c:9e:ee:1c:2d:0e:cb:1f:14:
3e:d8:dd:38:c6:66:f1:64:6b:ae:8c:39:5c:86:30:3b:b6:ab:
3d:d6:0a:f2:4b:b8:89:00:d4:a9:33:c5:55:73:e4:3e:95:18:
ed:40:b9:39:94:51:cd:dd:24:10:f9:02:37:33:b9:8c:4c:fd:
c2:43:d9:8c:b6:87:33:f6:5c:6c:09:04:b1:79:e8:de:fd:21:
5c:97:95:42:39:aa:64:cf:44:90:4b:5c:b4:8d:5c:88:ad:f4:
49:2d:bf:10:03:b6:39:77:47:e9:1c:ac:65:e4:d1:15:f7:98:
c1:5d:ae:f6:b3:33:cc:f3:24:3e:a1:1a:56:9b:2b:66:d0:a7:
7c:c3:29:58:e4:2a:d0:33:35:cb:e3:c7:71:eb:bb:e0:63:df:
e7:97:3f:28:24:fa:06:71:f5:94:86:b5:64:11:78:44:8f:69:
11:fb:53:fa:7a:c6:22:e0:e3:6f:5d:1d:95:27:9d:0f:34:76:
ee:0f:57:5d:c7:06:26:07:3b:4e:9e:bc:14:0e:9f:6f:f7:05:
08:87:39:0f:f3:3d:67:0a:c8:31:99:06:c5:70:29:f3:cf:fd:
cf:26:9a:a0:93:15:ea:99:8f:f0:d5:e1:5a:a3:cd:e7:30:8d:
81:29:a3:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASOyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDEzOTI1WhcNMjUxMjEwMDEzOTI1WjAYMRYw
FAYDVQQDEw02NzZiNjI1MS00OGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2GmfyACI74D4sEZtLbbAPWhxbyNPZTC/FjHgggsDmhLU6FlZ0AHh/OqB
wMcH1I+YxoHNq6cHCmf+CaXTGbhxwN4mlGSQJYc+zwmgRlLmlUM9NDDCNKJEYnzU
PAWIxXk7tZKAL4EQRshfYndk4kMlJon570sNZIYa+UdeTes5bClv5ZsAIUXnvnEC
zJeGCded2ZkAg3XrgmmfRQMW1k1SkzaJb9jwQVosK3GnUpt9RMgnJi0orNNBryPH
aBtuBKS+fDPT/cA6TkzIuW6wjkNKfmeEDRIIwLFxpbxNrt/LDB94V0eWg/24O7vu
En1Ff8krg9OGV/6DnW3d8EpZnp8YdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBCa
JxN+WA37FXhLEm+P7uFu2i/cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEJGMTZGNkMyNjExMUVGQjE2QjZFQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdmMA0GCSqGSIb3DQEB
CwUAA4IBAQCLjjPhnl9DiOmcnu4cLQ7LHxQ+2N04xmbxZGuujDlchjA7tqs91gry
S7iJANSpM8VVc+Q+lRjtQLk5lFHN3SQQ+QI3M7mMTP3CQ9mMtocz9lxsCQSxeeje
/SFcl5VCOapkz0SQS1y0jVyIrfRJLb8QA7Y5d0fpHKxl5NEV95jBXa72szPM8yQ+
oRpWmytm0Kd8wylY5CrQMzXL48dx67vgY9/nlz8oJPoGcfWUhrVkEXhEj2kR+1P6
esYi4ONvXR2VJ50PNHbuD1ddxwYmBztOnrwUDp9v9wUIhzkP8z1nCsgxmQbFcCnz
z/3PJpqgkxXqmY/w1eFao83nMI2BKaMX
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:52 2025 by rpki-client