Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2168FA22C3DB11EF86684D84762E951A.roa
File: 2168FA22C3DB11EF86684D84762E951A.roa (raw, json)
Hash identifier: aijksLiuvBH39uCuiBZQ2mbIk4Fkq6BPLSXVQGm/nKo=
Subject key identifier: 18:13:AC:5F:69:69:44:5D:31:25:FB:85:34:54:AC:E4:E2:47:0C:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2168FA22C3DB11EF86684D84762E951A.roa
Signing time: Thu 26 Dec 2024 22:45:40 +0000
ROA not before: Thu 26 Dec 2024 22:45:36 +0000
ROA not after: Sun 12 Dec 2027 22:45:36 +0000
asID: 17561
IP address blocks: 154.85.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75942 (0x128a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:45:36 2024 GMT
Not After : Dec 12 22:45:36 2027 GMT
Subject: CN=676ddc94-4a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6b:66:1c:d5:19:cf:8f:83:4c:3b:bd:f2:1a:
ed:d8:e6:af:7d:08:40:43:23:50:d8:5d:d3:2d:a7:
67:0b:f0:10:d8:7a:e0:cf:e2:fe:c9:f1:af:bc:51:
2d:c8:ca:dd:bb:e4:83:d7:51:51:a9:a9:9d:2e:47:
c6:ad:a0:03:64:63:28:1d:3d:5b:ac:ef:be:e7:2d:
fb:cf:b2:02:67:ca:ee:42:73:53:c5:07:a4:08:87:
9b:b4:b6:c7:4c:e2:7f:8e:6b:65:d3:c1:1f:4a:97:
31:3a:16:ef:9f:8e:b9:cb:0f:30:44:d9:26:3a:3b:
02:1c:36:53:eb:8a:93:b7:00:78:7f:94:18:9d:13:
d6:5e:3e:2f:1c:62:14:3b:46:d8:a0:f9:ab:25:a5:
6b:75:9c:e8:2f:d2:f6:2e:bb:2a:29:b8:49:f5:ef:
b8:c5:b8:ca:70:48:38:aa:7c:20:09:63:2e:2e:c8:
1f:bd:b9:d2:3c:c8:7c:45:86:85:05:e6:60:4e:7a:
77:00:c6:4a:16:77:8f:66:d8:53:34:fb:ea:03:67:
71:8c:b1:c9:71:dd:b3:37:18:35:32:07:7f:50:f5:
07:bf:a1:05:dc:1f:01:33:80:47:8e:7d:b2:78:44:
39:ef:07:51:80:aa:54:da:6b:05:7f:83:90:81:20:
dc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:13:AC:5F:69:69:44:5D:31:25:FB:85:34:54:AC:E4:E2:47:0C:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2168FA22C3DB11EF86684D84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:22:79:6e:92:13:ec:4d:4f:24:39:ba:22:c5:a6:3a:f2:13:
7d:da:a7:f5:cf:1a:cf:5e:78:c4:16:6c:b0:b7:ac:06:02:4c:
6d:be:91:9f:c2:cc:dc:23:82:c7:1e:8b:27:5a:89:e7:bd:e0:
ed:28:7a:df:34:20:66:5e:e4:b8:b9:bc:c0:5d:f6:b4:02:5b:
d3:5c:07:a1:80:8c:ae:3e:b2:97:0d:d9:71:4f:af:a4:ad:5a:
b9:35:ba:f2:e2:80:73:0f:d0:ec:f7:de:ff:69:94:c0:3a:4b:
11:d3:24:7d:b7:2f:fc:70:17:31:61:8b:80:0a:96:38:a8:16:
3d:0a:f3:df:8d:15:87:e4:b2:b1:4c:f2:33:36:bf:0a:5f:1d:
2f:62:f8:e5:6a:d2:d4:60:0d:bb:e3:62:1f:e9:1a:d4:1c:5a:
34:ba:f1:20:ea:0a:e2:17:c9:36:a3:01:29:ab:c2:1e:59:20:
78:da:6d:21:fd:12:df:d5:00:b4:f9:05:db:a4:7c:21:80:65:
f6:05:65:47:13:a5:6a:10:98:3c:72:bd:2a:15:a9:98:9c:20:
cc:f8:b8:4e:31:d4:17:bb:dc:7d:b0:23:d0:55:93:cd:e0:cf:
54:32:25:c4:e0:bb:ce:55:36:67:57:6d:02:91:9f:ba:ae:6f:
41:ef:c0:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASimMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI0NTM2WhcNMjcxMjEyMjI0NTM2WjAYMRYw
FAYDVQQDEw02NzZkZGM5NC00YTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz2tmHNUZz4+DTDu98hrt2OavfQhAQyNQ2F3TLadnC/AQ2Hrgz+L+yfGv
vFEtyMrdu+SD11FRqamdLkfGraADZGMoHT1brO++5y37z7ICZ8ruQnNTxQekCIeb
tLbHTOJ/jmtl08EfSpcxOhbvn465yw8wRNkmOjsCHDZT64qTtwB4f5QYnRPWXj4v
HGIUO0bYoPmrJaVrdZzoL9L2LrsqKbhJ9e+4xbjKcEg4qnwgCWMuLsgfvbnSPMh8
RYaFBeZgTnp3AMZKFnePZthTNPvqA2dxjLHJcd2zNxg1Mgd/UPUHv6EF3B8BM4BH
jn2yeEQ57wdRgKpU2msFf4OQgSDciQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBgT
rF9paURdMSX7hTRUrOTiRwxAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTY4RkEyMkMzREIxMUVGODY2ODREODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUdMA0GCSqGSIb3DQEB
CwUAA4IBAQC2InlukhPsTU8kOboixaY68hN92qf1zxrPXnjEFmywt6wGAkxtvpGf
wszcI4LHHosnWonnveDtKHrfNCBmXuS4ubzAXfa0AlvTXAehgIyuPrKXDdlxT6+k
rVq5Nbry4oBzD9Ds997/aZTAOksR0yR9ty/8cBcxYYuACpY4qBY9CvPfjRWH5LKx
TPIzNr8KXx0vYvjlatLUYA2742If6RrUHFo0uvEg6griF8k2owEpq8IeWSB42m0h
/RLf1QC0+QXbpHwhgGX2BWVHE6VqEJg8cr0qFamYnCDM+LhOMdQXu9x9sCPQVZPN
4M9UMiXE4LvOVTZnV20CkZ+6rm9B78By
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:48:52 2025 by rpki-client