Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/217423F6C3CD11EF90CFC9AC762E951A.roa
File: 217423F6C3CD11EF90CFC9AC762E951A.roa (raw, json)
Hash identifier: c8qfbcki0zv3WZvPdVoqTqzd+ijH5dEMQ9OQ6XmWJhs=
Subject key identifier: 88:AB:68:EB:0F:C6:60:9C:D2:1B:AE:9E:D5:8E:77:06:EE:0D:35:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012818
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/217423F6C3CD11EF90CFC9AC762E951A.roa
Signing time: Thu 26 Dec 2024 21:05:27 +0000
ROA not before: Thu 26 Dec 2024 21:05:23 +0000
ROA not after: Sun 12 Dec 2027 21:05:23 +0000
asID: 17561
IP address blocks: 154.83.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75800 (0x12818)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 21:05:23 2024 GMT
Not After : Dec 12 21:05:23 2027 GMT
Subject: CN=676dc517-932e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:b0:fb:04:38:de:30:bc:d7:65:96:0f:9c:
ea:8f:d5:b6:44:b2:3b:42:19:76:f2:06:32:79:b5:
f4:1d:95:54:60:7c:82:da:10:7f:c3:67:5a:76:04:
92:c5:3a:86:84:81:6b:05:d3:f8:a1:e4:94:aa:64:
f7:c8:ea:98:fd:a9:9f:10:c4:51:b4:0f:7e:d2:58:
9c:7f:13:64:ee:3c:54:e5:48:fa:eb:07:16:3e:0d:
b8:0a:e3:94:bf:96:98:de:6b:9d:b5:9d:4f:9d:08:
1a:a1:b8:41:25:c5:bd:bb:61:67:02:f1:26:d7:93:
0b:a9:81:cc:2f:9c:be:0f:f5:19:9d:f5:53:56:86:
ff:45:ca:2e:69:d4:10:ac:0e:4d:16:ff:16:16:4e:
8b:93:ff:2e:46:57:86:6f:4b:97:c6:f1:8b:d2:59:
f0:48:63:e9:70:2d:4e:10:bf:5b:03:16:75:3c:d6:
92:01:a5:eb:ba:ec:22:c2:37:dd:65:b0:08:12:be:
e5:07:43:1d:a4:2a:f7:d0:3b:45:d5:c7:a3:17:82:
5e:69:83:d3:d4:1a:ff:8e:ee:f5:1d:32:40:a3:01:
b5:b6:a2:c3:49:c6:98:7e:68:ad:cd:21:86:94:3a:
b1:b6:3d:86:65:8a:b5:66:0d:d5:3c:ff:1d:de:a4:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AB:68:EB:0F:C6:60:9C:D2:1B:AE:9E:D5:8E:77:06:EE:0D:35:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/217423F6C3CD11EF90CFC9AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.162.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:49:1a:80:95:ed:ca:7d:cb:5d:90:72:04:b2:a6:ac:16:03:
59:a5:f7:05:38:a0:03:62:7a:88:08:48:2c:07:68:6b:b3:9f:
82:82:70:6f:87:64:1e:6c:6e:a3:e5:0a:44:8a:71:5e:dd:2c:
fc:1f:2d:74:66:1d:d3:ae:0a:5a:85:66:d3:72:7b:b4:be:a3:
12:63:27:80:50:2e:a9:5f:27:55:62:ac:14:d9:e6:6f:67:cc:
85:6f:fd:9a:af:67:fc:ad:bd:ac:aa:af:c6:87:97:38:66:54:
69:05:0f:66:e0:03:b0:d1:f1:f4:65:66:80:eb:30:16:34:dc:
73:34:d8:32:65:44:9b:d8:00:9c:d3:73:db:75:d6:c0:fc:5e:
81:2c:e0:31:ee:f4:ed:e9:55:81:24:af:e9:cd:8c:9a:9c:e3:
5a:ee:54:55:cb:2c:78:c5:44:f3:f5:68:0d:5a:58:01:4c:2f:
51:f4:f8:1e:f6:b5:fd:d7:f1:0a:93:97:4c:92:08:7b:10:ad:
71:87:7e:5d:02:d4:8b:fc:9d:21:69:85:64:35:ed:14:fe:e3:
36:45:c1:e4:05:a2:e8:24:ce:8b:70:b6:b6:0b:29:85:ca:c0:
35:08:3f:af:38:2e:92:56:f0:18:da:16:6f:c5:45:07:24:5b:
68:49:79:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASgYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjEwNTIzWhcNMjcxMjEyMjEwNTIzWjAYMRYw
FAYDVQQDEw02NzZkYzUxNy05MzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQSw+wQ43jC812WWD5zqj9W2RLI7Qhl28gYyebX0HZVUYHyC2hB/w2da
dgSSxTqGhIFrBdP4oeSUqmT3yOqY/amfEMRRtA9+0licfxNk7jxU5Uj66wcWPg24
CuOUv5aY3mudtZ1PnQgaobhBJcW9u2FnAvEm15MLqYHML5y+D/UZnfVTVob/Rcou
adQQrA5NFv8WFk6Lk/8uRleGb0uXxvGL0lnwSGPpcC1OEL9bAxZ1PNaSAaXruuwi
wjfdZbAIEr7lB0MdpCr30DtF1cejF4JeaYPT1Br/ju71HTJAowG1tqLDScaYfmit
zSGGlDqxtj2GZYq1Zg3VPP8d3qTgVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIir
aOsPxmCc0huuntWOdwbuDTWcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTc0MjNGNkMzQ0QxMUVGOTBDRkM5QUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOiMA0GCSqGSIb3DQEB
CwUAA4IBAQCaSRqAle3KfctdkHIEsqasFgNZpfcFOKADYnqICEgsB2hrs5+CgnBv
h2QebG6j5QpEinFe3Sz8Hy10Zh3TrgpahWbTcnu0vqMSYyeAUC6pXydVYqwU2eZv
Z8yFb/2ar2f8rb2sqq/Gh5c4ZlRpBQ9m4AOw0fH0ZWaA6zAWNNxzNNgyZUSb2ACc
03PbddbA/F6BLOAx7vTt6VWBJK/pzYyanONa7lRVyyx4xUTz9WgNWlgBTC9R9Pge
9rX91/EKk5dMkgh7EK1xh35dAtSL/J0haYVkNe0U/uM2RcHkBaLoJM6LcLa2CymF
ysA1CD+vOC6SVvAY2hZvxUUHJFtoSXnk
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:00:59 2025 by rpki-client