Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2398D782C37B11EFAE0F68A8762E951A.roa
File: 2398D782C37B11EFAE0F68A8762E951A.roa (raw, json)
Hash identifier: ZartdNVDt4u+EbBJUhdZyzJYiM02XMciD4o7p+EozPU=
Subject key identifier: E5:4F:2E:DA:FD:0E:FF:F9:64:0D:EC:35:F0:F8:5D:29:7B:E7:98:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012722
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2398D782C37B11EFAE0F68A8762E951A.roa
Signing time: Thu 26 Dec 2024 11:18:32 +0000
ROA not before: Thu 26 Dec 2024 11:18:28 +0000
ROA not after: Fri 12 Dec 2025 11:18:28 +0000
asID: 984
IP address blocks: 154.94.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75554 (0x12722)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 11:18:28 2024 GMT
Not After : Dec 12 11:18:28 2025 GMT
Subject: CN=676d3b88-51a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:52:4a:20:25:5d:37:b1:61:b1:b0:93:84:26:
38:7c:64:35:b2:8d:a6:27:4d:6f:c0:c4:9b:bf:46:
b5:e5:de:08:ba:d6:f5:9f:f5:c7:da:03:89:5e:6c:
1d:1f:3a:c5:2b:2d:aa:89:84:01:3c:6d:8f:b8:60:
39:55:30:dd:0c:0f:d9:e7:f7:63:01:9c:4b:13:a4:
84:d9:98:79:50:a0:30:11:dd:9b:ce:5f:e3:02:bc:
80:be:75:12:dd:cb:f8:39:22:14:33:9a:d0:d8:5e:
2d:1e:4d:16:14:46:a9:1c:dd:19:9d:00:7a:1e:3a:
0e:a2:4b:03:31:a7:9a:44:60:c9:e2:ee:e2:63:f6:
e9:f1:06:e5:f0:fd:d2:d7:cd:83:70:9b:39:fb:77:
d5:b0:65:5c:16:57:74:35:a9:af:69:3f:f2:ca:c0:
1e:ed:62:6e:9c:58:9b:e4:5d:3c:ae:e2:ec:d4:10:
25:cd:46:7e:5a:b9:79:e2:f1:b0:22:6c:8f:97:86:
a3:1e:49:e6:af:96:74:76:59:94:d1:34:00:ba:14:
f2:62:d9:a7:08:fa:7c:6b:bd:71:e7:ef:80:f1:70:
e6:34:7b:9e:33:98:3d:90:64:99:0f:c3:58:d8:13:
6a:47:51:48:16:e7:e6:86:4f:80:c4:eb:1e:75:9e:
bb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4F:2E:DA:FD:0E:FF:F9:64:0D:EC:35:F0:F8:5D:29:7B:E7:98:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2398D782C37B11EFAE0F68A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:7b:c4:ac:08:12:be:51:70:ff:2b:a3:f2:12:3d:d9:f0:5d:
be:69:11:38:96:ed:b1:dc:7c:24:1b:1b:ed:cb:16:93:cb:06:
9f:c2:02:71:2e:9a:5d:30:61:03:f3:17:64:9a:f6:3c:ab:88:
e6:f8:78:0b:f8:74:52:c7:25:3a:7d:d2:1c:8c:42:a2:b8:c1:
57:28:00:03:d8:c1:88:69:0c:d2:df:93:0f:05:24:8b:9a:fd:
8a:24:96:2c:e2:f7:fa:48:cf:bb:70:7a:18:3e:c7:cf:40:5a:
65:af:2d:96:de:e0:e2:fc:0e:90:a1:b3:d6:29:10:67:b3:1a:
72:f8:94:96:c2:bb:9b:c5:3b:74:0f:43:99:db:66:00:8d:4b:
a9:cb:63:8d:0b:c9:de:47:23:7a:08:fd:5f:8a:ce:46:85:1b:
75:06:80:97:1f:33:3e:ee:d0:ce:5e:f4:fe:16:b7:33:10:2e:
34:ec:83:09:0b:4d:8a:97:2e:c1:74:b7:ad:8c:d2:20:76:ae:
77:e8:f9:6e:5d:59:8b:64:f0:8f:df:90:d6:a2:6a:be:69:79:
a7:4d:80:02:c8:31:75:52:b2:6c:5c:52:6e:8d:78:37:0a:12:
ac:1e:14:01:5c:ad:37:db:17:f6:60:f1:d1:a8:90:92:bc:cd:
7d:2e:9f:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASciMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTExODI4WhcNMjUxMjEyMTExODI4WjAYMRYw
FAYDVQQDEw02NzZkM2I4OC01MWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01JKICVdN7FhsbCThCY4fGQ1so2mJ01vwMSbv0a15d4Iutb1n/XH2gOJ
XmwdHzrFKy2qiYQBPG2PuGA5VTDdDA/Z5/djAZxLE6SE2Zh5UKAwEd2bzl/jAryA
vnUS3cv4OSIUM5rQ2F4tHk0WFEapHN0ZnQB6HjoOoksDMaeaRGDJ4u7iY/bp8Qbl
8P3S182DcJs5+3fVsGVcFld0NamvaT/yysAe7WJunFib5F08ruLs1BAlzUZ+Wrl5
4vGwImyPl4ajHknmr5Z0dlmU0TQAuhTyYtmnCPp8a71x5++A8XDmNHueM5g9kGSZ
D8NY2BNqR1FIFufmhk+AxOsedZ67sQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOVP
Ltr9Dv/5ZA3sNfD4XSl755jXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzk4RDc4MkMzN0IxMUVGQUUwRjY4QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml6oMA0GCSqGSIb3DQEB
CwUAA4IBAQCoe8SsCBK+UXD/K6PyEj3Z8F2+aRE4lu2x3HwkGxvtyxaTywafwgJx
LppdMGED8xdkmvY8q4jm+HgL+HRSxyU6fdIcjEKiuMFXKAAD2MGIaQzS35MPBSSL
mv2KJJYs4vf6SM+7cHoYPsfPQFplry2W3uDi/A6QobPWKRBnsxpy+JSWwrubxTt0
D0OZ22YAjUupy2ONC8neRyN6CP1fis5GhRt1BoCXHzM+7tDOXvT+FrczEC407IMJ
C02Kly7BdLetjNIgdq536PluXVmLZPCP35DWomq+aXmnTYACyDF1UrJsXFJujXg3
ChKsHhQBXK032xf2YPHRqJCSvM19Lp+8
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:30 2025 by rpki-client