Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CDB7AD4C26411EF9DAA17B8762E951A.roa
File: 1CDB7AD4C26411EF9DAA17B8762E951A.roa (raw, json)
Hash identifier: pb6wGMjFYBUk2Rtigjcxg5Zt+IYZLRkLer4h+862+rY=
Subject key identifier: 47:19:2E:BC:73:97:3E:18:4A:87:86:0D:EA:AC:62:7C:DA:C7:1E:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123D4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CDB7AD4C26411EF9DAA17B8762E951A.roa
Signing time: Wed 25 Dec 2024 02:01:11 +0000
ROA not before: Wed 25 Dec 2024 02:01:07 +0000
ROA not after: Wed 10 Dec 2025 02:01:07 +0000
asID: 984
IP address blocks: 154.199.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74708 (0x123d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:01:07 2024 GMT
Not After : Dec 10 02:01:07 2025 GMT
Subject: CN=676b6767-3746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c0:ff:02:bd:9b:de:3e:24:f3:f6:43:f3:f1:
53:d0:f2:10:e5:65:25:be:49:23:64:bd:6b:13:39:
23:7f:ae:a2:a7:00:7c:42:f3:f4:e6:ef:18:24:ca:
41:dc:aa:88:bc:a9:07:dc:0a:4d:de:a9:92:0f:8a:
0c:29:90:08:cb:33:21:46:6a:ff:e0:84:f4:6a:45:
54:2e:83:9b:e5:e3:88:0d:79:ea:f3:ca:00:79:99:
b5:84:f3:bb:e9:06:88:dd:ee:5a:0a:a2:0b:d2:c2:
bf:10:bb:80:25:71:41:f0:5d:27:ce:21:ee:3c:84:
85:6e:d3:f1:07:3a:65:df:62:0a:f1:f6:94:f7:f6:
0a:78:49:92:85:20:b9:f4:fe:54:57:02:6d:e0:8a:
5e:b7:eb:39:4e:f7:96:e0:38:9a:56:8b:bf:1c:be:
f5:c6:6b:48:43:51:8a:8f:e2:be:c6:05:38:d6:1c:
9f:50:6a:dd:4e:ef:11:e7:50:6d:e0:da:74:de:10:
bd:9f:53:f8:7b:1e:5d:bc:11:1f:1a:df:1d:87:75:
98:f4:cd:13:4a:e8:e9:18:05:b8:41:cf:5c:c5:08:
ab:7d:c5:c2:99:ff:0f:72:27:39:44:88:4c:1c:4f:
33:b5:1c:bf:6f:48:7f:0f:e9:24:08:88:2f:4e:9e:
f1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:19:2E:BC:73:97:3E:18:4A:87:86:0D:EA:AC:62:7C:DA:C7:1E:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CDB7AD4C26411EF9DAA17B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.119.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d2:bb:d1:b4:9d:a9:1e:3c:ba:fa:25:b4:6c:cd:73:46:c8:
be:32:19:5d:21:75:9b:e1:f9:78:19:f9:a9:58:a5:63:83:45:
4a:78:52:79:93:0a:ca:b8:b5:49:d1:1e:be:3c:11:e6:a1:f2:
fc:13:3d:a8:85:33:bd:71:bf:92:78:c2:83:3e:47:b3:44:6e:
a4:29:f5:5e:dd:a3:29:24:4e:29:cc:29:1e:2b:0f:b6:24:b7:
dc:f7:55:be:4b:5f:a4:67:18:fd:d0:a4:db:ea:e1:71:1f:dd:
0d:34:17:a6:cd:1a:4a:03:f7:8f:b7:50:40:ac:c5:61:1b:28:
1c:53:7d:88:28:ad:91:b8:7a:6e:16:16:45:fa:c0:d2:a1:29:
2d:19:9d:b5:d3:bd:36:eb:2c:f5:47:bd:8b:81:79:4b:b5:31:
14:3d:9f:12:30:84:b5:bd:6a:55:b0:70:1e:0f:4a:5e:55:06:
9d:73:a6:a6:d9:43:9e:0b:de:e0:ee:39:c6:82:27:70:73:ac:
5f:47:88:5c:ac:bd:26:63:1a:eb:45:74:1a:f5:99:43:49:fc:
4c:3d:2a:e5:bd:b1:cf:5c:2a:f8:c5:97:64:55:a0:80:cd:28:
89:dc:ce:46:e3:69:b6:fd:98:08:c2:71:83:20:11:7c:b0:2b:
18:e2:ee:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASPUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIwMTA3WhcNMjUxMjEwMDIwMTA3WjAYMRYw
FAYDVQQDEw02NzZiNjc2Ny0zNzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4sD/Ar2b3j4k8/ZD8/FT0PIQ5WUlvkkjZL1rEzkjf66ipwB8QvP05u8Y
JMpB3KqIvKkH3ApN3qmSD4oMKZAIyzMhRmr/4IT0akVULoOb5eOIDXnq88oAeZm1
hPO76QaI3e5aCqIL0sK/ELuAJXFB8F0nziHuPISFbtPxBzpl32IK8faU9/YKeEmS
hSC59P5UVwJt4Ipet+s5TveW4DiaVou/HL71xmtIQ1GKj+K+xgU41hyfUGrdTu8R
51Bt4Np03hC9n1P4ex5dvBEfGt8dh3WY9M0TSujpGAW4Qc9cxQirfcXCmf8Pcic5
RIhMHE8ztRy/b0h/D+kkCIgvTp7xkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEcZ
Lrxzlz4YSoeGDeqsYnzaxx5gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQ0RCN0FENEMyNjQxMUVGOURBQTE3Qjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsd3MA0GCSqGSIb3DQEB
CwUAA4IBAQCV0rvRtJ2pHjy6+iW0bM1zRsi+MhldIXWb4fl4GfmpWKVjg0VKeFJ5
kwrKuLVJ0R6+PBHmofL8Ez2ohTO9cb+SeMKDPkezRG6kKfVe3aMpJE4pzCkeKw+2
JLfc91W+S1+kZxj90KTb6uFxH90NNBemzRpKA/ePt1BArMVhGygcU32IKK2RuHpu
FhZF+sDSoSktGZ2107026yz1R72LgXlLtTEUPZ8SMIS1vWpVsHAeD0peVQadc6am
2UOeC97g7jnGgidwc6xfR4hcrL0mYxrrRXQa9ZlDSfxMPSrlvbHPXCr4xZdkVaCA
zSiJ3M5G42m2/ZgIwnGDIBF8sCsY4u79
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:52 2025 by rpki-client