Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9AE73EC27611EFBE54A6B6762E951A.roa
File: 1F9AE73EC27611EFBE54A6B6762E951A.roa (raw, json)
Hash identifier: HkZHSAWtwmhog49YTxUhF458IF9cjYmX4peevGWjYAM=
Subject key identifier: 5A:9E:DB:6B:6B:3C:99:23:03:3B:61:19:6B:10:55:CB:44:A6:02:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01249C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9AE73EC27611EFBE54A6B6762E951A.roa
Signing time: Wed 25 Dec 2024 04:10:06 +0000
ROA not before: Wed 25 Dec 2024 04:10:03 +0000
ROA not after: Wed 10 Dec 2025 04:10:03 +0000
asID: 984
IP address blocks: 154.211.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74908 (0x1249c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:10:03 2024 GMT
Not After : Dec 10 04:10:03 2025 GMT
Subject: CN=676b859e-abd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:75:bf:2b:b1:18:ad:36:31:66:dc:60:27:
2c:09:2c:fd:5c:cd:08:9f:e6:a3:87:ff:8e:73:2f:
d3:2d:db:46:99:1d:b6:dc:e8:fc:ee:78:7a:ed:dc:
58:f3:ef:ca:2a:29:0c:96:1c:de:ad:77:73:82:d6:
e8:aa:6a:57:4e:d1:49:32:73:b8:ba:97:43:20:a5:
56:92:54:ab:3e:32:16:75:a4:70:e9:d8:9c:45:2e:
1e:65:90:ca:5f:13:b9:c5:23:5d:49:78:6d:ee:31:
4e:ed:11:b9:7f:8f:67:b2:37:2c:d9:ad:3f:08:f1:
18:8b:c6:34:76:ac:ce:e2:1c:e8:03:07:0e:2b:c8:
11:66:09:db:8e:f3:90:ff:d9:f1:c1:b7:22:9f:d5:
64:69:08:61:45:a8:37:d3:f1:0a:1f:76:79:88:a0:
a2:f7:6a:bd:8f:ce:03:03:df:41:7b:93:2c:e1:30:
41:1d:27:61:40:02:5f:ad:df:c4:ee:1c:21:a7:71:
72:f2:c4:7d:af:56:99:cb:06:8f:f0:af:bd:cc:28:
4a:c2:c7:ae:50:5c:e5:37:70:67:01:70:74:09:0a:
2e:51:13:c0:1e:4c:65:fc:fd:e0:1b:ef:b0:51:cc:
a0:3c:f8:69:89:e8:8a:6a:68:7b:e9:7b:9c:d1:c5:
bb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9E:DB:6B:6B:3C:99:23:03:3B:61:19:6B:10:55:CB:44:A6:02:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9AE73EC27611EFBE54A6B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.235.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:9b:66:6e:65:9f:64:64:2c:6d:39:e6:c9:a3:1c:c1:11:32:
5b:1a:78:a8:e0:5a:03:34:22:28:28:f2:78:db:cb:ac:48:01:
68:8d:14:48:cf:48:81:13:4d:4e:75:d8:87:ca:b7:6e:97:0c:
65:06:5c:89:f7:3a:69:cf:b7:83:6d:7e:e1:14:ea:29:47:4d:
dc:5b:98:bc:59:99:77:d8:21:35:09:3f:c0:ba:a8:4d:a2:9f:
c5:d3:c5:82:74:e8:93:92:27:76:2f:e6:ad:ba:56:ac:8d:75:
24:dd:57:60:e1:5d:7f:1c:08:8a:1d:27:59:58:6d:f9:f0:10:
ee:5a:a2:e2:56:98:85:7f:b4:79:83:23:68:d5:e5:17:92:f9:
45:bf:35:07:b0:b6:1b:33:f8:47:38:7d:ef:58:3f:1c:ad:f1:
6b:f3:5d:0d:30:b9:cc:95:cd:51:40:57:ba:a6:4c:45:99:1d:
8d:10:4e:18:ba:46:01:ae:95:24:71:04:a9:c1:40:65:d3:5e:
8e:7e:94:08:77:78:e0:cf:cd:35:7a:d1:67:e7:3f:15:2b:73:
c7:88:53:bd:ad:2e:fa:bc:6c:db:d3:07:eb:bf:1c:ac:26:6e:
27:1b:1a:06:e8:b7:f6:69:a0:35:8b:97:31:45:e8:fb:36:6a:
6a:22:c1:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASScMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQxMDAzWhcNMjUxMjEwMDQxMDAzWjAYMRYw
FAYDVQQDEw02NzZiODU5ZS1hYmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArbd1vyuxGK02MWbcYCcsCSz9XM0In+ajh/+Ocy/TLdtGmR223Oj87nh6
7dxY8+/KKikMlhzerXdzgtboqmpXTtFJMnO4updDIKVWklSrPjIWdaRw6dicRS4e
ZZDKXxO5xSNdSXht7jFO7RG5f49nsjcs2a0/CPEYi8Y0dqzO4hzoAwcOK8gRZgnb
jvOQ/9nxwbcin9VkaQhhRag30/EKH3Z5iKCi92q9j84DA99Be5Ms4TBBHSdhQAJf
rd/E7hwhp3Fy8sR9r1aZywaP8K+9zChKwseuUFzlN3BnAXB0CQouURPAHkxl/P3g
G++wUcygPPhpieiKamh76Xuc0cW7mwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFqe
22trPJkjAzthGWsQVctEpgJTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRjlBRTczRUMyNzYxMUVGQkU1NEE2QjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPrMA0GCSqGSIb3DQEB
CwUAA4IBAQDDm2ZuZZ9kZCxtOebJoxzBETJbGnio4FoDNCIoKPJ428usSAFojRRI
z0iBE01OddiHyrdulwxlBlyJ9zppz7eDbX7hFOopR03cW5i8WZl32CE1CT/AuqhN
op/F08WCdOiTkid2L+atulasjXUk3Vdg4V1/HAiKHSdZWG358BDuWqLiVpiFf7R5
gyNo1eUXkvlFvzUHsLYbM/hHOH3vWD8crfFr810NMLnMlc1RQFe6pkxFmR2NEE4Y
ukYBrpUkcQSpwUBl016OfpQId3jgz801etFn5z8VK3PHiFO9rS76vGzb0wfrvxys
Jm4nGxoG6Lf2aaA1i5cxRej7NmpqIsEU
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:39:04 2025 by rpki-client