Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168C5B28C61311EF87C4179C762E951A.roa
File: 168C5B28C61311EF87C4179C762E951A.roa (raw, json)
Hash identifier: wwnKO1HpatD5tomhTeix42uNoZQVhb7rf81n71fDPDc=
Subject key identifier: 73:B8:DE:B8:5B:69:AE:AC:CC:F5:AE:64:6A:C5:A9:57:FF:E3:55:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012EF8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168C5B28C61311EF87C4179C762E951A.roa
Signing time: Sun 29 Dec 2024 18:31:16 +0000
ROA not before: Sun 29 Dec 2024 18:31:12 +0000
ROA not after: Sun 12 Dec 2027 18:31:12 +0000
asID: 17561
IP address blocks: 154.217.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77560 (0x12ef8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 18:31:12 2024 GMT
Not After : Dec 12 18:31:12 2027 GMT
Subject: CN=67719574-3e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7b:44:a9:ee:95:3a:8f:28:d6:a4:5b:1d:d3:
0f:9c:20:69:9f:c4:c9:25:fd:72:54:20:d3:6d:f6:
a4:2b:a5:8b:85:9c:fa:c3:f2:0b:ab:d6:33:37:d0:
13:fe:13:4f:d2:69:22:06:f4:4a:ea:c2:ec:71:97:
07:19:1a:37:31:db:a9:60:7c:6d:31:30:5e:d8:52:
68:ef:0f:34:28:4b:84:83:5d:ea:4b:a4:82:06:19:
82:af:af:8f:b1:02:9b:25:c2:89:a2:70:f9:ee:6e:
d6:92:4b:fe:45:f7:42:cc:28:fd:cb:a3:e1:5b:94:
62:c3:8c:2d:b0:87:7a:67:06:98:86:a1:ab:2a:de:
d3:19:98:1a:ba:ce:06:64:af:9d:cd:ce:37:51:f9:
22:45:13:7b:7d:3b:3f:a3:66:c4:a9:71:62:a1:b7:
62:ed:6d:bb:85:51:04:81:bf:be:10:15:17:41:8b:
1b:b3:c9:ca:25:38:9f:b8:cc:17:a9:49:f2:bf:ae:
b3:44:ce:c3:3b:ff:8d:22:19:29:bd:77:60:49:51:
99:76:f5:87:1f:2c:41:e2:3c:b8:43:cb:12:0b:df:
b7:de:8e:95:68:5d:d2:74:33:e4:8c:27:e0:46:26:
a4:58:20:7f:c4:f6:9a:14:f5:56:45:f1:df:76:ac:
fc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:DE:B8:5B:69:AE:AC:CC:F5:AE:64:6A:C5:A9:57:FF:E3:55:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168C5B28C61311EF87C4179C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.95.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:8b:d7:b6:e0:96:e6:88:27:90:ab:97:29:7d:27:52:d2:b3:
a8:87:78:15:95:d0:85:a1:19:c5:fd:cf:d3:ee:a1:e1:51:7a:
a6:e1:e1:62:4b:d6:44:48:ce:59:75:2a:ac:a0:51:0c:45:34:
42:11:71:0d:b1:05:3b:5a:1e:15:aa:9f:cb:68:a0:18:7a:c6:
3f:40:23:5c:43:5a:43:bb:1d:25:f9:cb:00:43:4c:60:1a:3b:
94:ed:80:ef:80:d0:cb:c4:36:06:9c:46:83:d7:b5:f1:c2:3f:
61:4c:78:99:0d:e9:4b:44:90:9e:10:87:f2:66:01:3d:c9:65:
6c:41:10:74:21:15:cf:28:58:9f:1a:64:11:e7:d0:2c:b3:98:
a6:25:e8:33:0f:e6:7c:5e:b1:07:03:30:1c:ae:60:fe:c1:6a:
0a:99:0e:9e:ba:55:21:0c:ad:0a:29:6f:61:9a:15:94:6d:5f:
13:7f:2c:bd:ca:d5:a0:f8:92:ad:35:77:f0:3e:8c:c3:3e:a8:
5c:f1:41:8d:aa:20:d8:0e:fb:1d:dc:e1:c3:cc:50:f2:3f:cd:
7a:94:64:cc:e6:c7:4b:a2:7a:98:60:09:4c:80:6b:1a:30:90:
eb:e3:88:9d:39:75:6b:87:c6:ba:e2:7d:55:0d:45:17:3a:fc:
8c:13:fc:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS74MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTgzMTEyWhcNMjcxMjEyMTgzMTEyWjAYMRYw
FAYDVQQDEw02NzcxOTU3NC0zZTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7HtEqe6VOo8o1qRbHdMPnCBpn8TJJf1yVCDTbfakK6WLhZz6w/ILq9Yz
N9AT/hNP0mkiBvRK6sLscZcHGRo3MdupYHxtMTBe2FJo7w80KEuEg13qS6SCBhmC
r6+PsQKbJcKJonD57m7Wkkv+RfdCzCj9y6PhW5Riw4wtsId6ZwaYhqGrKt7TGZga
us4GZK+dzc43UfkiRRN7fTs/o2bEqXFiobdi7W27hVEEgb++EBUXQYsbs8nKJTif
uMwXqUnyv66zRM7DO/+NIhkpvXdgSVGZdvWHHyxB4jy4Q8sSC9+33o6VaF3SdDPk
jCfgRiakWCB/xPaaFPVWRfHfdqz8FQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHO4
3rhbaa6szPWuZGrFqVf/41VhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNjhDNUIyOEM2MTMxMUVGODdDNDE3OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtlfMA0GCSqGSIb3DQEB
CwUAA4IBAQDUi9e24JbmiCeQq5cpfSdS0rOoh3gVldCFoRnF/c/T7qHhUXqm4eFi
S9ZESM5ZdSqsoFEMRTRCEXENsQU7Wh4Vqp/LaKAYesY/QCNcQ1pDux0l+csAQ0xg
GjuU7YDvgNDLxDYGnEaD17Xxwj9hTHiZDelLRJCeEIfyZgE9yWVsQRB0IRXPKFif
GmQR59Ass5imJegzD+Z8XrEHAzAcrmD+wWoKmQ6eulUhDK0KKW9hmhWUbV8Tfyy9
ytWg+JKtNXfwPozDPqhc8UGNqiDYDvsd3OHDzFDyP816lGTM5sdLonqYYAlMgGsa
MJDr44idOXVrh8a64n1VDUUXOvyME/zR
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:45:13 2025 by rpki-client