Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E315750CF2011EFA6D37B42762E951A.roa
File: 1E315750CF2011EFA6D37B42762E951A.roa (raw, json)
Hash identifier: KjczOMCure1/64nqQuaNpEHsEFrJIPIAEk70BINTbq8=
Subject key identifier: 43:96:FC:FE:1A:E3:AD:86:9A:02:4D:26:BE:3F:BC:86:1D:C0:EE:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013993
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E315750CF2011EFA6D37B42762E951A.roa
Signing time: Fri 10 Jan 2025 06:57:12 +0000
ROA not before: Fri 10 Jan 2025 06:57:09 +0000
ROA not after: Tue 11 Feb 2025 06:57:09 +0000
asID: 174
IP address blocks: 154.202.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80275 (0x13993)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 10 06:57:09 2025 GMT
Not After : Feb 11 06:57:09 2025 GMT
Subject: CN=6780c4c8-d403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:27:35:7d:df:7d:db:cb:50:c7:b6:ab:6c:30:
6d:99:fa:73:e9:57:85:53:4a:27:99:15:7a:1b:10:
fd:e9:f5:93:dc:74:de:5f:95:14:4f:58:3a:0e:b4:
ef:1e:1e:38:1d:e2:7a:d9:3b:96:bb:a8:62:8d:b5:
3f:b0:e8:0e:a6:7a:b9:ed:dc:9c:f6:28:d5:96:ab:
c5:8a:eb:b9:f2:51:6f:74:ac:0b:ac:30:41:cd:b4:
2f:80:33:c2:67:57:78:71:8b:a9:eb:67:51:ce:09:
a2:55:d1:1b:ba:17:79:26:03:08:43:18:b9:9e:da:
33:a1:8d:e8:08:1f:15:bf:3f:b9:b8:73:62:b3:8a:
49:30:f9:f8:d7:93:49:bf:83:56:d1:3d:55:70:02:
df:15:e6:eb:45:0a:d3:00:dc:53:41:ca:73:5d:5e:
9a:5b:9e:be:e0:9f:17:73:7e:f8:c3:8d:48:81:b6:
2a:1b:26:3e:a4:a5:f3:dd:7c:d4:e6:55:53:c1:45:
01:ca:1c:5e:e5:aa:6c:c3:ea:12:75:8b:70:fe:4c:
cb:81:37:1b:3d:b5:aa:c0:59:6e:10:b3:47:c4:fc:
ad:a1:0f:0a:04:1b:fe:b6:6a:ed:08:3e:09:a3:f9:
fe:6f:5a:d7:7a:0b:b5:19:18:7c:de:21:b6:eb:50:
be:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:96:FC:FE:1A:E3:AD:86:9A:02:4D:26:BE:3F:BC:86:1D:C0:EE:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E315750CF2011EFA6D37B42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.108.0/22
Signature Algorithm: sha256WithRSAEncryption
59:67:a7:0e:dc:9b:91:91:6f:78:f4:1a:d0:56:b8:bb:6d:2b:
81:f6:25:83:2d:fd:31:52:f4:75:f7:13:39:cd:27:17:4d:70:
53:81:2f:13:7e:c5:ec:da:d2:c4:45:f7:70:6a:fe:3f:52:6d:
c9:0b:c2:50:65:be:d8:e2:09:68:20:97:0d:41:0e:f5:04:a8:
d8:04:bc:c8:59:eb:0a:36:65:1c:fe:d3:2f:70:c9:e5:f0:a6:
0c:b5:ab:c8:17:cd:61:e1:1c:0c:83:4b:41:f8:1a:1f:a4:46:
77:5d:0b:c6:64:ce:8e:ea:fd:e4:98:c0:42:32:a0:b4:05:88:
ba:7e:d8:d5:ff:fe:13:02:64:63:66:7f:dc:90:8f:14:1e:e3:
f9:da:bb:79:c3:00:8e:e8:e7:05:f5:df:b1:93:7d:c2:7e:4d:
b3:36:01:fa:8c:59:1f:bd:be:9e:e8:fd:c7:6b:b6:a9:69:a2:
8c:cd:ec:ef:e4:05:fa:e7:cf:b8:5a:71:84:10:32:6d:b6:ef:
84:6f:b8:58:22:70:fb:59:2f:cd:31:5f:cd:d2:da:06:42:29:
9f:0d:96:ee:34:b3:49:3e:bc:a7:15:e9:c1:cc:50:0f:a2:8c:
ed:98:ba:06:6b:0a:ce:62:d6:5f:ff:c1:ab:fd:02:7e:dd:0c:
69:56:e3:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATmTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDY1NzA5WhcNMjUwMjExMDY1NzA5WjAYMRYw
FAYDVQQDEw02NzgwYzRjOC1kNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxSc1fd9928tQx7arbDBtmfpz6VeFU0onmRV6GxD96fWT3HTeX5UUT1g6
DrTvHh44HeJ62TuWu6hijbU/sOgOpnq57dyc9ijVlqvFiuu58lFvdKwLrDBBzbQv
gDPCZ1d4cYup62dRzgmiVdEbuhd5JgMIQxi5ntozoY3oCB8Vvz+5uHNis4pJMPn4
15NJv4NW0T1VcALfFebrRQrTANxTQcpzXV6aW56+4J8Xc374w41IgbYqGyY+pKXz
3XzU5lVTwUUByhxe5apsw+oSdYtw/kzLgTcbPbWqwFluELNHxPytoQ8KBBv+tmrt
CD4Jo/n+b1rXegu1GRh83iG261C+FwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEOW
/P4a462GmgJNJr4/vIYdwO5kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRTMxNTc1MENGMjAxMUVGQTZEMzdCNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmspsMA0GCSqGSIb3DQEB
CwUAA4IBAQBZZ6cO3JuRkW949BrQVri7bSuB9iWDLf0xUvR19xM5zScXTXBTgS8T
fsXs2tLERfdwav4/Um3JC8JQZb7Y4gloIJcNQQ71BKjYBLzIWesKNmUc/tMvcMnl
8KYMtavIF81h4RwMg0tB+BofpEZ3XQvGZM6O6v3kmMBCMqC0BYi6ftjV//4TAmRj
Zn/ckI8UHuP52rt5wwCO6OcF9d+xk33Cfk2zNgH6jFkfvb6e6P3Ha7apaaKMzezv
5AX658+4WnGEEDJttu+Eb7hYInD7WS/NMV/N0toGQimfDZbuNLNJPrynFenBzFAP
ooztmLoGawrOYtZf/8Gr/QJ+3QxpVuMb
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:51 2025 by rpki-client