Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/249C087CC42D11EFBEF3E49C762E951A.roa
File: 249C087CC42D11EFBEF3E49C762E951A.roa (raw, json)
Hash identifier: XOhhLzid4txo41HK4MXDV5X8/hzcBhS4OUv1AczM0DM=
Subject key identifier: 49:DF:F1:58:E1:39:DA:B1:48:BA:C1:B5:77:15:54:F0:55:CF:8F:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012A37
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/249C087CC42D11EFBEF3E49C762E951A.roa
Signing time: Fri 27 Dec 2024 08:32:44 +0000
ROA not before: Fri 27 Dec 2024 08:32:40 +0000
ROA not after: Fri 12 Dec 2025 08:32:40 +0000
asID: 984
IP address blocks: 154.203.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76343 (0x12a37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 08:32:40 2024 GMT
Not After : Dec 12 08:32:40 2025 GMT
Subject: CN=676e662c-6955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:85:d5:14:11:34:b4:75:51:d7:6f:17:e7:2c:
7e:dc:0f:6c:c6:61:36:08:dc:3f:85:3e:03:61:19:
9b:09:ef:bb:76:36:db:63:c4:4c:07:b1:6d:54:44:
2a:d2:6c:87:95:37:b9:8d:e4:e2:a8:a2:c8:c3:ab:
92:8f:61:7f:46:03:37:94:0c:bc:e3:e4:f6:1f:a5:
06:a4:c6:3f:d1:7a:1a:8e:b4:ad:57:89:1b:bc:65:
29:1b:e7:f2:25:26:71:da:05:06:b2:0e:4c:21:b2:
33:a6:35:a0:8f:2e:59:07:42:8c:67:6e:f9:6f:07:
ba:62:d1:c5:5d:c1:5e:9b:46:63:e4:f1:ea:4d:fb:
4e:db:f6:a1:81:55:0b:28:a0:da:d9:e7:a6:27:f4:
0c:40:7e:69:09:72:24:14:fc:74:0d:e6:37:58:69:
52:9e:d1:0d:99:69:5b:e5:5d:ff:ff:30:40:3a:dd:
8b:9c:a5:f4:68:21:62:40:4e:4b:cf:df:59:47:71:
b1:43:22:7d:43:a9:84:50:6f:98:ae:31:db:3d:6b:
69:63:38:f2:65:3e:2f:4a:ad:d1:b3:3a:0f:29:77:
75:70:23:c9:4e:48:b8:91:d5:69:42:15:3b:7c:7f:
2b:c2:85:ad:0d:08:07:a7:98:67:05:ed:59:9f:db:
bd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DF:F1:58:E1:39:DA:B1:48:BA:C1:B5:77:15:54:F0:55:CF:8F:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/249C087CC42D11EFBEF3E49C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6c:21:2c:15:2c:5c:e6:a2:25:a5:65:8b:ae:93:b6:27:18:
ea:d4:5d:ed:0c:b8:45:d2:5c:1c:e6:bf:7c:28:db:44:57:41:
30:a7:e3:d6:ad:e6:f0:62:80:a7:71:f0:46:5c:30:ac:66:7e:
07:33:80:fa:7a:88:33:2a:b3:cf:4e:7e:07:29:cd:5c:03:e1:
1b:b4:43:d9:38:45:be:f3:8e:c2:a9:60:73:55:c8:05:f3:6f:
6e:ce:d6:69:2a:e6:6a:a4:37:72:10:01:4e:37:99:ed:3e:33:
44:3a:6b:cd:bc:bf:a2:3c:78:1f:25:c9:53:c8:ab:01:65:37:
a0:1f:f7:b0:0e:cc:7d:5a:25:1b:92:27:51:7f:db:2a:4c:95:
c6:31:33:7e:15:58:14:93:c7:78:a5:de:c0:da:0f:4d:56:19:
5a:06:56:5d:97:15:5c:49:1b:c2:36:2a:3f:8b:ed:4f:6b:2f:
0f:ff:fe:5f:7d:fc:7a:28:5c:6a:15:35:f5:00:c2:82:2f:f0:
af:d0:f2:6c:13:8c:aa:aa:54:63:7c:f2:c2:6c:51:ad:84:58:
30:91:56:9c:bb:58:08:7b:3e:5a:81:c5:83:59:ab:4b:28:42:
87:06:70:ee:77:47:da:54:47:24:54:77:2a:9a:9f:8a:2d:ba:
78:ec:f2:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASo3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDgzMjQwWhcNMjUxMjEyMDgzMjQwWjAYMRYw
FAYDVQQDEw02NzZlNjYyYy02OTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA34XVFBE0tHVR128X5yx+3A9sxmE2CNw/hT4DYRmbCe+7djbbY8RMB7Ft
VEQq0myHlTe5jeTiqKLIw6uSj2F/RgM3lAy84+T2H6UGpMY/0XoajrStV4kbvGUp
G+fyJSZx2gUGsg5MIbIzpjWgjy5ZB0KMZ275bwe6YtHFXcFem0Zj5PHqTftO2/ah
gVULKKDa2eemJ/QMQH5pCXIkFPx0DeY3WGlSntENmWlb5V3//zBAOt2LnKX0aCFi
QE5Lz99ZR3GxQyJ9Q6mEUG+YrjHbPWtpYzjyZT4vSq3RszoPKXd1cCPJTki4kdVp
QhU7fH8rwoWtDQgHp5hnBe1Zn9u9DQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEnf
8VjhOdqxSLrBtXcVVPBVz49lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNDlDMDg3Q0M0MkQxMUVGQkVGM0U0OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssEMA0GCSqGSIb3DQEB
CwUAA4IBAQA9bCEsFSxc5qIlpWWLrpO2Jxjq1F3tDLhF0lwc5r98KNtEV0Ewp+PW
rebwYoCncfBGXDCsZn4HM4D6eogzKrPPTn4HKc1cA+EbtEPZOEW+847CqWBzVcgF
829uztZpKuZqpDdyEAFON5ntPjNEOmvNvL+iPHgfJclTyKsBZTegH/ewDsx9WiUb
kidRf9sqTJXGMTN+FVgUk8d4pd7A2g9NVhlaBlZdlxVcSRvCNio/i+1Pay8P//5f
ffx6KFxqFTX1AMKCL/Cv0PJsE4yqqlRjfPLCbFGthFgwkVacu1gIez5agcWDWatL
KEKHBnDud0faVEckVHcqmp+KLbp47PLz
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:16:03 2025 by rpki-client