Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1820ECB8C1DD11EF8AF2D054762E951A.roa
File: 1820ECB8C1DD11EF8AF2D054762E951A.roa (raw, json)
Hash identifier: AbVueTR83z4KI0dRwoXvC/QD1fg4/J/0UJOUwIQQTWI=
Subject key identifier: 75:7C:86:8A:83:8C:4B:0A:F7:E3:A8:47:30:1E:A7:8A:C3:5E:96:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012319
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1820ECB8C1DD11EF8AF2D054762E951A.roa
Signing time: Tue 24 Dec 2024 09:54:41 +0000
ROA not before: Tue 24 Dec 2024 09:54:37 +0000
ROA not after: Wed 10 Dec 2025 09:54:37 +0000
asID: 984
IP address blocks: 154.199.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74521 (0x12319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:54:37 2024 GMT
Not After : Dec 10 09:54:37 2025 GMT
Subject: CN=676a84e1-c51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:27:e6:bd:cc:79:11:c5:b3:69:e8:f6:c2:
56:88:3d:65:f5:87:1c:09:98:87:76:a4:19:9d:c7:
2b:7e:f6:77:a1:ef:09:c2:ee:77:ae:8b:19:0d:81:
dc:0f:d5:44:64:55:61:50:2d:b3:b3:fb:53:ab:6e:
06:0a:d9:cc:50:4a:fb:0b:fe:11:29:a7:e7:55:fc:
d3:ca:12:13:cc:33:a8:5c:76:a1:70:77:2a:85:8c:
a1:31:cb:ac:19:c1:97:a7:56:93:c7:6b:72:0d:6b:
5f:0e:ea:70:02:a6:08:42:2e:4b:be:0f:f6:38:23:
cf:55:bc:cc:05:b6:df:ac:27:bc:bb:5a:b8:5d:c7:
86:22:65:e2:a6:e9:40:15:7f:af:95:0b:e6:9d:c1:
62:d1:aa:f2:cc:f2:43:60:9d:ba:dd:0d:27:3d:3e:
6e:20:71:30:40:a0:6e:47:f4:1b:80:d5:de:77:98:
0b:a7:15:73:c1:22:84:fd:67:05:74:d3:42:0b:9b:
db:c7:b4:15:99:0e:a4:db:a1:71:04:ee:00:eb:78:
44:27:b8:69:4f:69:7a:d2:2a:2d:66:bc:9b:b8:5f:
08:55:16:96:1a:49:bc:49:b5:24:df:32:51:ef:dd:
57:be:a3:af:1e:0c:de:cb:be:06:c7:af:26:03:11:
87:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7C:86:8A:83:8C:4B:0A:F7:E3:A8:47:30:1E:A7:8A:C3:5E:96:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1820ECB8C1DD11EF8AF2D054762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:27:99:63:80:67:f0:3a:90:1b:80:b0:68:7a:4d:30:5f:3d:
98:5a:40:08:41:49:66:48:c2:05:0a:a9:15:76:f4:71:9c:9a:
bb:2d:a5:ea:9a:a2:be:51:6c:d7:d1:9d:48:5d:68:25:e5:6f:
51:1c:6c:c9:e9:52:b1:09:7b:73:a3:35:9a:bb:4c:3a:13:aa:
3a:00:18:fb:c4:f5:fa:ca:96:75:d8:90:ae:0b:0d:bc:17:3f:
0b:c9:65:07:1b:3f:7c:35:d1:29:d1:ee:18:1e:19:25:36:1f:
09:4c:5b:74:0b:51:f0:ac:0b:53:37:cd:21:88:a6:b8:94:ae:
e9:6c:3b:b0:44:be:91:23:76:71:8f:3c:0c:b9:07:23:9a:7f:
c3:d5:53:fc:be:a4:6b:3b:27:12:4d:06:51:bb:2b:f2:8f:54:
22:a9:da:65:7c:0b:6b:f2:67:1b:15:29:d7:82:29:27:97:40:
28:29:98:32:58:58:3b:79:ce:5b:ad:47:3c:1b:8e:ac:64:88:
e3:1a:04:41:0d:10:5e:dc:0c:c5:88:ed:7d:83:3e:b8:8f:c9:
18:09:29:c9:5b:fb:57:f0:6f:cd:2a:10:40:f6:1e:d2:b0:26:
a9:95:5d:6a:d2:0f:97:18:e4:cf:3a:d6:31:2e:a7:c7:4b:16:
53:fe:4b:f2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDk1NDM3WhcNMjUxMjEwMDk1NDM3WjAYMRYw
FAYDVQQDEw02NzZhODRlMS1jNTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzPQn5r3MeRHFs2no9sJWiD1l9YccCZiHdqQZnccrfvZ3oe8Jwu53rosZ
DYHcD9VEZFVhUC2zs/tTq24GCtnMUEr7C/4RKafnVfzTyhITzDOoXHahcHcqhYyh
McusGcGXp1aTx2tyDWtfDupwAqYIQi5Lvg/2OCPPVbzMBbbfrCe8u1q4XceGImXi
pulAFX+vlQvmncFi0aryzPJDYJ263Q0nPT5uIHEwQKBuR/QbgNXed5gLpxVzwSKE
/WcFdNNCC5vbx7QVmQ6k26FxBO4A63hEJ7hpT2l60iotZrybuF8IVRaWGkm8SbUk
3zJR791XvqOvHgzey74Gx68mAxGHvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHV8
hoqDjEsK9+OoRzAep4rDXpbvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODIwRUNCOEMxREQxMUVGOEFGMkQwNTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscdMA0GCSqGSIb3DQEB
CwUAA4IBAQCwJ5ljgGfwOpAbgLBoek0wXz2YWkAIQUlmSMIFCqkVdvRxnJq7LaXq
mqK+UWzX0Z1IXWgl5W9RHGzJ6VKxCXtzozWau0w6E6o6ABj7xPX6ypZ12JCuCw28
Fz8LyWUHGz98NdEp0e4YHhklNh8JTFt0C1HwrAtTN80hiKa4lK7pbDuwRL6RI3Zx
jzwMuQcjmn/D1VP8vqRrOycSTQZRuyvyj1QiqdplfAtr8mcbFSnXgiknl0AoKZgy
WFg7ec5brUc8G46sZIjjGgRBDRBe3AzFiO19gz64j8kYCSnJW/tX8G/NKhBA9h7S
sCaplV1q0g+XGOTPOtYxLqfHSxZT/kvy
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:43 2025 by rpki-client