Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD7C7A2C0C811EFA3A7A96C762E951A.roa
File: 1BD7C7A2C0C811EFA3A7A96C762E951A.roa (raw, json)
Hash identifier: HWY9fkUm5zJmhxB7AtxqRlqP+3tcPLR1qo5m2724Eog=
Subject key identifier: C1:91:68:CF:F5:BF:D3:CA:5C:D9:D1:4F:AC:A4:16:A5:0B:46:E3:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DD0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD7C7A2C0C811EFA3A7A96C762E951A.roa
Signing time: Mon 23 Dec 2024 00:51:57 +0000
ROA not before: Mon 23 Dec 2024 00:00:53 +0000
ROA not after: Wed 10 Dec 2025 00:00:53 +0000
asID: 984
IP address blocks: 154.82.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73168 (0x11dd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 00:00:53 2024 GMT
Not After : Dec 10 00:00:53 2025 GMT
Subject: CN=6768b42c-760a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:20:d4:c0:f1:b3:ba:9a:bb:98:f2:f3:0e:27:
15:af:17:bc:b9:fb:67:a9:60:da:34:60:39:1f:0e:
8d:e2:87:a4:2d:1b:bb:a8:cd:d5:fb:c8:96:51:4b:
57:fd:ba:6f:bb:04:d6:58:fa:b4:76:ed:24:1f:52:
81:57:79:42:64:a2:b4:84:24:1a:e7:a5:ed:6f:ef:
a5:91:62:f3:d3:82:08:60:26:be:66:39:85:4b:e3:
42:24:bd:b0:7f:76:96:ca:54:c5:96:da:37:58:f8:
c5:6d:3f:62:d0:62:19:6f:7e:86:1f:70:15:f1:dd:
27:6e:93:91:9c:f6:ae:f9:9b:f6:71:50:53:13:26:
b4:e2:28:a2:81:50:ac:57:77:9e:8f:2e:f1:2b:ea:
ad:1c:cc:b9:c8:19:34:6b:8f:25:45:bc:52:d0:97:
c6:5a:f5:c9:c1:54:f7:a8:f3:b7:a4:3e:58:ab:a8:
8d:e3:b5:a1:a8:7e:67:88:ed:51:a2:ff:77:16:3d:
d6:a6:7f:1a:57:66:16:72:42:eb:c2:9f:15:21:64:
42:07:e2:17:6e:bc:75:56:17:d8:43:ef:10:e2:b2:
ea:b0:7f:5c:84:ab:0c:39:cb:bc:26:de:d2:e4:14:
7b:c4:83:3b:c1:05:a1:85:c8:83:3b:8e:06:59:42:
d6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:91:68:CF:F5:BF:D3:CA:5C:D9:D1:4F:AC:A4:16:A5:0B:46:E3:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD7C7A2C0C811EFA3A7A96C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.219.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b9:cf:18:d3:d7:41:7d:95:75:29:69:f5:f8:52:37:a3:87:
d7:87:83:67:e5:5e:4f:ed:84:fb:a5:dc:54:a5:dc:7d:b6:6b:
2b:15:51:27:6d:71:bb:c2:0d:dc:2d:6c:06:3a:f8:1b:dd:b0:
de:73:03:b7:12:2f:30:70:d5:9c:b6:a1:ea:a9:8f:29:eb:ac:
3e:76:64:77:48:31:9a:f5:38:1e:db:d4:a2:20:91:89:6a:b6:
0f:24:9a:19:c5:a0:00:2a:9e:29:c9:55:62:ce:b5:38:66:98:
65:1c:57:4e:34:d5:d2:8a:ed:77:5c:6e:ed:fb:42:29:3c:08:
90:66:24:43:2b:07:05:02:c4:54:f7:fc:39:3c:62:f8:2c:47:
3f:b2:60:de:c9:25:ea:16:ac:66:dd:ce:aa:87:40:c2:94:a8:
b4:4e:a2:b5:4b:ea:7b:3b:9f:42:bc:2d:b7:b5:4a:4e:7b:07:
c7:2a:c7:85:1a:87:4f:21:3d:4d:60:81:1c:55:5e:26:47:3c:
c3:28:4c:e0:04:7c:bf:29:23:85:7f:58:b1:dc:44:a7:a6:05:
29:37:e4:ac:6a:ba:f2:2b:16:a6:55:d7:b4:a7:fd:81:27:ab:
35:e1:e3:52:28:f2:34:f6:2e:9d:14:7e:ab:c1:4c:e0:04:0d:
a4:68:24:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDAwMDUzWhcNMjUxMjEwMDAwMDUzWjAYMRYw
FAYDVQQDEw02NzY4YjQyYy03NjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3yDUwPGzupq7mPLzDicVrxe8uftnqWDaNGA5Hw6N4oekLRu7qM3V+8iW
UUtX/bpvuwTWWPq0du0kH1KBV3lCZKK0hCQa56Xtb++lkWLz04IIYCa+ZjmFS+NC
JL2wf3aWylTFlto3WPjFbT9i0GIZb36GH3AV8d0nbpORnPau+Zv2cVBTEya04iii
gVCsV3eejy7xK+qtHMy5yBk0a48lRbxS0JfGWvXJwVT3qPO3pD5Yq6iN47WhqH5n
iO1Rov93Fj3Wpn8aV2YWckLrwp8VIWRCB+IXbrx1VhfYQ+8Q4rLqsH9chKsMOcu8
Jt7S5BR7xIM7wQWhhciDO44GWULWYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMGR
aM/1v9PKXNnRT6ykFqULRuNpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkQ3QzdBMkMwQzgxMUVGQTNBN0E5NkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLbMA0GCSqGSIb3DQEB
CwUAA4IBAQBwuc8Y09dBfZV1KWn1+FI3o4fXh4Nn5V5P7YT7pdxUpdx9tmsrFVEn
bXG7wg3cLWwGOvgb3bDecwO3Ei8wcNWctqHqqY8p66w+dmR3SDGa9Tge29SiIJGJ
arYPJJoZxaAAKp4pyVVizrU4ZphlHFdONNXSiu13XG7t+0IpPAiQZiRDKwcFAsRU
9/w5PGL4LEc/smDeySXqFqxm3c6qh0DClKi0TqK1S+p7O59CvC23tUpOewfHKseF
GodPIT1NYIEcVV4mRzzDKEzgBHy/KSOFf1ix3ESnpgUpN+SsarryKxamVde0p/2B
J6s14eNSKPI09i6dFH6rwUzgBA2kaCRJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:56 2025 by rpki-client