Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18079E38C37D11EFAE2482B4762E951A.roa
File: 18079E38C37D11EFAE2482B4762E951A.roa (raw, json)
Hash identifier: rrTNn3vI4swHOYy+rSfNm07zAlzYlqLE6vZfy3pNUj4=
Subject key identifier: 08:E5:45:22:8D:39:11:25:3E:41:18:14:AA:E9:90:72:54:7A:4F:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012736
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18079E38C37D11EFAE2482B4762E951A.roa
Signing time: Thu 26 Dec 2024 11:32:31 +0000
ROA not before: Thu 26 Dec 2024 11:32:27 +0000
ROA not after: Fri 12 Dec 2025 11:32:27 +0000
asID: 984
IP address blocks: 154.94.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75574 (0x12736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 11:32:27 2024 GMT
Not After : Dec 12 11:32:27 2025 GMT
Subject: CN=676d3ecf-18ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:b1:0d:30:af:e5:39:e8:b0:61:02:bf:b6:
e8:11:5f:ec:94:d0:b8:52:76:c2:6f:26:f5:6d:36:
a9:e4:73:ae:35:c3:e3:38:bd:8c:8f:54:06:b2:9f:
1a:04:71:54:bf:ba:4a:3c:c6:25:30:b6:f4:17:68:
53:1e:69:98:91:8a:b5:51:82:89:c8:24:fb:7f:36:
fa:cf:88:7f:3d:2d:57:bf:94:5c:2e:41:72:d6:80:
74:75:e6:9a:d0:a0:91:01:8e:82:c8:e6:e6:d2:9f:
13:c7:e4:f6:1f:d1:37:93:4e:4d:fc:4d:01:83:99:
d0:78:26:0b:72:e3:0d:62:42:60:6d:a4:57:15:53:
54:39:29:cd:7a:17:23:6f:cf:01:6a:b6:16:d4:11:
6d:18:af:65:e1:9d:80:fe:11:ae:60:4f:a0:e4:0a:
38:10:1d:98:4c:0a:76:f6:8b:c5:89:e7:82:c5:da:
70:cf:72:41:bf:c6:64:c3:57:c5:84:e7:c0:a0:98:
75:30:3c:e4:1f:78:a8:32:50:6b:02:b2:78:d4:ec:
96:6e:85:47:67:41:3f:97:32:ca:02:9a:22:56:0e:
28:33:24:34:df:62:d8:6a:1c:b2:31:8c:01:4d:33:
2e:59:e2:76:df:42:80:71:f5:df:c8:4b:b0:c9:0c:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E5:45:22:8D:39:11:25:3E:41:18:14:AA:E9:90:72:54:7A:4F:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18079E38C37D11EFAE2482B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.178.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a8:23:f2:b8:5e:e1:13:4d:5d:d9:bb:c4:21:5a:fb:94:10:
5a:05:f1:93:cf:04:9a:09:6f:ba:5d:a9:b8:53:9b:9b:6c:fb:
0d:32:17:1d:43:ee:c8:77:04:30:5c:4c:e0:f4:8c:eb:aa:23:
9a:1f:49:1b:05:b0:ca:ce:6f:21:0c:44:57:43:61:db:a4:35:
e8:7f:2b:1e:d8:50:fb:88:c6:3a:13:73:d7:b0:15:f2:1f:ac:
28:dc:94:48:20:f5:51:0d:ae:37:0c:be:4d:a4:dd:23:11:6b:
58:fa:2a:66:57:43:f5:5b:14:5a:46:f0:05:b6:69:16:e7:5d:
f0:1d:29:74:73:b9:bc:8b:80:41:e4:ef:f2:fe:bb:e9:4b:32:
8c:6a:b1:c1:d0:52:b3:eb:cb:31:4b:6d:c2:3e:3d:73:ad:dc:
de:5e:a1:e4:7c:55:63:70:89:12:53:f3:a7:93:cc:99:97:49:
80:20:50:8b:ec:c5:e3:4c:85:b9:d2:56:a9:1b:ca:dc:2c:05:
53:4d:12:f3:da:6a:dc:2e:7a:e6:e7:eb:a8:60:53:55:64:c9:
77:1e:10:5a:4b:d9:03:79:4f:14:dd:25:ad:92:c4:75:39:e3:
b5:41:c1:e4:33:18:3f:c2:20:86:1f:68:6e:51:5b:90:23:e9:
71:62:85:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASc2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTEzMjI3WhcNMjUxMjEyMTEzMjI3WjAYMRYw
FAYDVQQDEw02NzZkM2VjZi0xOGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlOxDTCv5TnosGECv7boEV/slNC4UnbCbyb1bTap5HOuNcPjOL2Mj1QG
sp8aBHFUv7pKPMYlMLb0F2hTHmmYkYq1UYKJyCT7fzb6z4h/PS1Xv5RcLkFy1oB0
deaa0KCRAY6CyObm0p8Tx+T2H9E3k05N/E0Bg5nQeCYLcuMNYkJgbaRXFVNUOSnN
ehcjb88BarYW1BFtGK9l4Z2A/hGuYE+g5Ao4EB2YTAp29ovFieeCxdpwz3JBv8Zk
w1fFhOfAoJh1MDzkH3ioMlBrArJ41OyWboVHZ0E/lzLKApoiVg4oMyQ032LYahyy
MYwBTTMuWeJ230KAcfXfyEuwyQxn8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAjl
RSKNORElPkEYFKrpkHJUek97MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODA3OUUzOEMzN0QxMUVGQUUyNDgyQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml6yMA0GCSqGSIb3DQEB
CwUAA4IBAQBsqCPyuF7hE01d2bvEIVr7lBBaBfGTzwSaCW+6Xam4U5ubbPsNMhcd
Q+7IdwQwXEzg9IzrqiOaH0kbBbDKzm8hDERXQ2HbpDXofyse2FD7iMY6E3PXsBXy
H6wo3JRIIPVRDa43DL5NpN0jEWtY+ipmV0P1WxRaRvAFtmkW513wHSl0c7m8i4BB
5O/y/rvpSzKMarHB0FKz68sxS23CPj1zrdzeXqHkfFVjcIkSU/Onk8yZl0mAIFCL
7MXjTIW50lapG8rcLAVTTRLz2mrcLnrm5+uoYFNVZMl3HhBaS9kDeU8U3SWtksR1
OeO1QcHkMxg/wiCGH2huUVuQI+lxYoXT
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:28 2025 by rpki-client