Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22D9E132B07B11EFA3428061762E951A.roa
File: 22D9E132B07B11EFA3428061762E951A.roa (raw, json)
Hash identifier: aIxTqwR6gJLmOnwqq6wpF4z/2ILEHRukOnSMQCPdD1k=
Subject key identifier: 78:83:6C:62:19:BB:D0:30:FF:A4:C3:E4:C3:AA:7A:D5:F4:56:5E:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01160B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22D9E132B07B11EFA3428061762E951A.roa
Signing time: Mon 02 Dec 2024 07:00:38 +0000
ROA not before: Mon 02 Dec 2024 07:00:35 +0000
ROA not after: Tue 25 Nov 2025 07:00:35 +0000
asID: 133847
IP address blocks: 154.92.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71179 (0x1160b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 2 07:00:35 2024 GMT
Not After : Nov 25 07:00:35 2025 GMT
Subject: CN=674d5b16-40e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1f:a4:88:fe:b7:3d:09:ea:14:e4:db:d9:33:
36:0e:1b:79:32:aa:50:5c:e8:5d:bf:98:e2:5c:3f:
57:ee:a3:23:72:30:58:8b:a7:8e:52:ee:76:24:b4:
b8:89:a2:23:e8:33:ad:1d:16:96:8e:5c:6e:7e:2b:
1c:0b:c4:f6:5d:a9:2d:e9:29:d3:51:e7:7f:92:26:
b3:47:c0:49:a6:2a:88:61:86:71:46:27:0a:e4:f0:
9b:bd:ca:da:71:09:fc:83:86:23:e1:25:ce:60:27:
72:e9:6b:de:c0:ed:95:d5:6c:7a:b0:8d:3c:c7:f3:
03:93:29:19:70:a2:e0:f0:77:3c:36:ed:95:f9:9a:
8c:55:c2:0b:ae:99:fa:dd:2d:f8:e9:a5:32:50:5b:
51:df:e0:e8:a9:f4:df:d2:4d:af:a2:29:ae:5c:c5:
ba:d2:d0:39:93:9c:cc:52:52:a4:5e:96:80:a9:9f:
c1:94:e8:f0:d3:1d:b8:3a:77:23:02:dd:a6:d2:fa:
8c:dd:04:6b:2a:ec:1c:79:37:98:2d:09:c3:c7:16:
3b:8d:8c:3f:cb:98:fa:fa:ce:d1:3f:78:f6:2e:27:
a0:11:20:95:8f:12:1b:8d:ab:ec:4d:3b:23:7c:45:
e2:36:f4:e0:23:5b:45:f8:74:3f:ab:b6:3c:f6:7d:
b8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:83:6C:62:19:BB:D0:30:FF:A4:C3:E4:C3:AA:7A:D5:F4:56:5E:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/22D9E132B07B11EFA3428061762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.160.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:a0:9e:fe:60:96:58:4c:56:46:ce:7c:bf:1f:97:15:19:da:
f5:71:ac:9f:39:b3:21:96:96:16:78:2b:cc:a3:c4:73:0f:06:
ab:3d:97:6a:9c:2e:e9:85:56:02:b1:c9:1d:a8:86:e8:01:a9:
d5:f0:32:c8:9e:13:cc:01:63:8d:d9:34:03:0a:90:80:b1:e7:
75:2f:f4:4f:5b:a6:4b:21:ee:fe:0d:32:27:44:ca:1c:16:fb:
95:db:ef:87:27:15:26:f2:ba:6a:a6:03:91:4d:fc:5a:bb:de:
40:e3:63:1b:cb:86:1d:0b:8d:5d:c1:1d:0d:45:19:dd:aa:84:
59:4b:66:8f:57:f1:16:e3:76:ea:4d:28:89:af:fc:a0:69:ed:
4a:51:25:44:c6:81:b7:28:8d:49:82:84:69:d4:21:8b:d3:87:
08:b5:b0:05:ce:ed:25:1f:dc:19:be:94:68:be:c9:30:82:8a:
ef:aa:cf:72:7f:3c:23:5d:da:ac:fe:e1:e9:9c:6f:8c:a5:b3:
85:b0:d2:b6:6b:c6:1f:60:34:ab:34:75:18:c4:01:bf:ef:10:
8a:ea:ef:fc:60:cc:a1:ee:58:46:3c:f5:ad:f8:c9:ff:fe:6c:
63:65:c0:a6:d9:2f:b4:bc:9d:b8:77:56:2f:e9:c2:b5:e2:bd:
eb:6a:9f:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARYLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjAyMDcwMDM1WhcNMjUxMTI1MDcwMDM1WjAYMRYw
FAYDVQQDEw02NzRkNWIxNi00MGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtB+kiP63PQnqFOTb2TM2Dht5MqpQXOhdv5jiXD9X7qMjcjBYi6eOUu52
JLS4iaIj6DOtHRaWjlxufiscC8T2Xakt6SnTUed/kiazR8BJpiqIYYZxRicK5PCb
vcracQn8g4Yj4SXOYCdy6WvewO2V1Wx6sI08x/MDkykZcKLg8Hc8Nu2V+ZqMVcIL
rpn63S346aUyUFtR3+DoqfTf0k2voimuXMW60tA5k5zMUlKkXpaAqZ/BlOjw0x24
OncjAt2m0vqM3QRrKuwceTeYLQnDxxY7jYw/y5j6+s7RP3j2LiegESCVjxIbjavs
TTsjfEXiNvTgI1tF+HQ/q7Y89n24SQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHiD
bGIZu9Aw/6TD5MOqetX0Vl6jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMkQ5RTEzMkIwN0IxMUVGQTM0MjgwNjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlygMA0GCSqGSIb3DQEB
CwUAA4IBAQCPoJ7+YJZYTFZGzny/H5cVGdr1cayfObMhlpYWeCvMo8RzDwarPZdq
nC7phVYCsckdqIboAanV8DLInhPMAWON2TQDCpCAsed1L/RPW6ZLIe7+DTInRMoc
FvuV2++HJxUm8rpqpgORTfxau95A42Mby4YdC41dwR0NRRndqoRZS2aPV/EW43bq
TSiJr/ygae1KUSVExoG3KI1JgoRp1CGL04cItbAFzu0lH9wZvpRovskwgorvqs9y
fzwjXdqs/uHpnG+MpbOFsNK2a8YfYDSrNHUYxAG/7xCK6u/8YMyh7lhGPPWt+Mn/
/mxjZcCm2S+0vJ24d1Yv6cK14r3rap/9
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:12 2025 by rpki-client