Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/171663DCC5EA11EF9235139C762E951A.roa
File: 171663DCC5EA11EF9235139C762E951A.roa (raw, json)
Hash identifier: mdNXN5XEsF2OwiZFs37wv06QTJGFWJLg+totHALbrus=
Subject key identifier: 89:C6:F2:6A:F3:EF:0B:BC:AF:27:33:85:6E:C6:99:E2:5E:DC:60:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D9C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/171663DCC5EA11EF9235139C762E951A.roa
Signing time: Sun 29 Dec 2024 13:37:47 +0000
ROA not before: Sun 29 Dec 2024 13:37:44 +0000
ROA not after: Fri 12 Dec 2025 13:37:44 +0000
asID: 984
IP address blocks: 154.210.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77212 (0x12d9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:37:44 2024 GMT
Not After : Dec 12 13:37:44 2025 GMT
Subject: CN=677150ab-b928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:ca:c0:7f:7b:2a:3a:73:ab:d0:ec:26:2b:
c8:52:4d:34:80:a0:61:41:a0:36:8d:d3:93:0a:46:
a7:12:35:4a:9d:a0:a7:36:6f:cd:bc:e7:18:6c:c1:
16:fb:c5:50:4a:4f:ff:95:4a:75:c4:92:3e:35:5b:
17:88:a9:2a:63:13:a1:b8:2d:b6:0f:9f:b9:94:3f:
dc:a8:ef:2d:89:a8:70:b4:61:e5:63:7b:24:35:14:
f7:66:35:27:40:54:11:e3:9a:ea:2c:6d:14:80:ee:
54:22:03:6c:44:6c:0c:99:cb:9e:c0:f9:ee:28:94:
3f:db:76:54:eb:41:23:70:71:62:7f:3c:b5:14:82:
45:5f:6f:1b:15:01:ea:d5:6f:71:b4:82:96:ca:a7:
0f:94:23:08:08:b3:c1:81:9a:8a:0c:b8:d5:3d:a9:
09:c9:de:14:e0:4b:02:ad:f1:9a:3a:37:af:7a:11:
61:9b:96:ef:fb:e7:50:2b:ff:e7:54:05:9d:e0:ef:
f3:90:6f:79:59:a5:69:d4:d3:7c:e1:96:a8:f0:1c:
84:1e:a0:45:c2:c7:1d:a2:79:43:b4:f4:9c:c7:cb:
51:16:d7:ee:dd:80:a0:94:a6:8a:75:3d:11:3e:1b:
9b:f2:05:b2:7e:0f:ba:2c:43:46:86:e5:c5:88:83:
2c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C6:F2:6A:F3:EF:0B:BC:AF:27:33:85:6E:C6:99:E2:5E:DC:60:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/171663DCC5EA11EF9235139C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.253.0/24
Signature Algorithm: sha256WithRSAEncryption
32:8a:d5:f7:63:74:55:06:01:75:0c:a9:86:fe:b9:35:4a:1b:
70:7e:82:bb:89:97:c7:7f:32:89:0a:42:2c:2f:cc:3c:75:e6:
00:bd:f9:ad:6a:61:86:19:b7:3a:c9:b3:54:14:a8:1a:2d:2b:
08:c1:0c:b1:83:1c:8d:a5:1d:78:38:ea:a2:09:9a:11:cf:23:
d6:05:00:4d:91:8e:8c:13:bb:34:1a:c8:5e:16:2d:ff:57:9b:
65:60:f9:f5:17:f3:fd:93:a5:70:7a:c3:b2:25:60:53:d6:fb:
7d:41:32:a2:f6:6c:1c:99:ce:fa:75:79:2d:aa:46:b6:70:37:
a5:de:33:67:cf:a2:b0:36:b1:ce:d4:8d:2e:8b:e1:73:25:9a:
a4:82:85:d1:fa:bc:07:7f:5a:cd:79:94:0d:1d:e9:03:ce:85:
e9:23:c6:8b:97:ea:d0:23:56:82:42:41:a9:31:de:c6:3d:f2:
b0:d2:be:13:f9:fb:29:e3:28:c5:1c:b9:1b:d2:56:32:87:3a:
4b:f1:e2:91:7a:39:bd:6c:e1:29:9b:5d:04:9e:30:eb:87:02:
7d:6c:09:fe:38:e1:e5:45:7c:9b:b6:a8:ce:64:0b:e0:d3:26:
0d:1e:18:e2:69:08:55:66:e2:05:bb:f8:18:c9:28:1c:6b:46:
ad:12:f0:90
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS2cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTMzNzQ0WhcNMjUxMjEyMTMzNzQ0WjAYMRYw
FAYDVQQDEw02NzcxNTBhYi1iOTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtPKwH97Kjpzq9DsJivIUk00gKBhQaA2jdOTCkanEjVKnaCnNm/NvOcY
bMEW+8VQSk//lUp1xJI+NVsXiKkqYxOhuC22D5+5lD/cqO8tiahwtGHlY3skNRT3
ZjUnQFQR45rqLG0UgO5UIgNsRGwMmcuewPnuKJQ/23ZU60EjcHFifzy1FIJFX28b
FQHq1W9xtIKWyqcPlCMICLPBgZqKDLjVPakJyd4U4EsCrfGaOjevehFhm5bv++dQ
K//nVAWd4O/zkG95WaVp1NN84Zao8ByEHqBFwscdonlDtPScx8tRFtfu3YCglKaK
dT0RPhub8gWyfg+6LENGhuXFiIMs8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFInG
8mrz7wu8ryczhW7GmeJe3GAQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNzE2NjNEQ0M1RUExMUVGOTIzNTEzOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtL9MA0GCSqGSIb3DQEB
CwUAA4IBAQAyitX3Y3RVBgF1DKmG/rk1ShtwfoK7iZfHfzKJCkIsL8w8deYAvfmt
amGGGbc6ybNUFKgaLSsIwQyxgxyNpR14OOqiCZoRzyPWBQBNkY6ME7s0GsheFi3/
V5tlYPn1F/P9k6VwesOyJWBT1vt9QTKi9mwcmc76dXktqka2cDel3jNnz6KwNrHO
1I0ui+FzJZqkgoXR+rwHf1rNeZQNHekDzoXpI8aLl+rQI1aCQkGpMd7GPfKw0r4T
+fsp4yjFHLkb0lYyhzpL8eKRejm9bOEpm10EnjDrhwJ9bAn+OOHlRXybtqjOZAvg
0yYNHhjiaQhVZuIFu/gYySgca0atEvCQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:04:06 2025 by rpki-client