Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C9EEE4C54A11EFBE3042A2762E951A.roa
File: 25C9EEE4C54A11EFBE3042A2762E951A.roa (raw, json)
Hash identifier: S4UkYaqu05JX8EhOEC3ZzYrMkCayoTbzAgr2pyGZHXI=
Subject key identifier: 4B:F6:95:82:4A:5A:3F:89:53:D8:58:E9:92:D0:4D:1B:5C:B2:A5:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012CD1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C9EEE4C54A11EFBE3042A2762E951A.roa
Signing time: Sat 28 Dec 2024 18:32:52 +0000
ROA not before: Sat 28 Dec 2024 18:32:49 +0000
ROA not after: Sun 12 Dec 2027 18:32:49 +0000
asID: 17561
IP address blocks: 154.209.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77009 (0x12cd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 18:32:49 2024 GMT
Not After : Dec 12 18:32:49 2027 GMT
Subject: CN=67704454-e457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:fa:d7:9e:39:08:6b:d3:ed:69:fa:57:ed:
0b:07:d3:cc:20:2d:c6:ce:27:83:f8:2e:96:4f:f0:
5c:66:23:63:27:10:42:00:03:48:32:8a:bd:61:43:
a3:68:81:be:f4:ba:e5:0e:ae:f2:3f:17:e3:73:97:
e9:70:cc:8d:6e:77:1a:ba:34:d6:f7:d9:49:85:70:
9c:01:a4:dc:2c:3f:47:da:a6:79:24:23:f3:4f:13:
da:b0:96:dc:2c:bc:08:6f:d9:82:a9:37:02:0a:73:
53:d5:28:f5:74:b6:9a:a4:3d:4d:4a:cf:02:da:35:
36:60:53:af:a4:2b:e3:81:b6:24:90:77:77:b9:6e:
3a:de:c6:f5:88:9d:24:0f:25:c1:17:0a:ea:de:d2:
da:9c:2b:0f:d0:31:b1:d3:91:f0:4e:19:88:52:8e:
23:ef:47:ce:1d:fa:7d:e8:c8:32:b2:2f:e2:ed:fe:
66:13:f4:33:3b:86:1c:73:8f:94:9c:8c:85:b2:8c:
20:fc:2a:96:20:86:eb:be:65:19:39:f4:41:5f:d4:
34:c7:a9:44:33:a3:df:07:77:62:ee:00:fb:d5:f6:
db:d0:db:e6:da:f0:3e:36:f3:01:da:f4:ed:ab:25:
41:d7:9e:5e:57:2f:ef:2c:f7:4e:bf:10:eb:fb:16:
d4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F6:95:82:4A:5A:3F:89:53:D8:58:E9:92:D0:4D:1B:5C:B2:A5:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25C9EEE4C54A11EFBE3042A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.68.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d7:e4:57:b3:a9:62:68:99:19:a7:5a:36:05:95:f1:4d:2d:
66:02:3c:a1:31:fc:26:a2:f5:0f:ee:6f:2f:61:da:0a:34:ef:
79:82:06:56:eb:73:e3:3b:ee:c4:f9:00:d3:9e:14:e5:b7:27:
5b:fc:9a:53:27:e3:dd:d0:9f:64:08:4b:f0:56:cf:19:fa:7e:
50:32:a0:c2:fa:59:06:cc:3d:3d:48:07:3b:50:e2:26:2f:99:
05:1b:ae:10:9e:fd:7d:ce:06:c5:45:eb:74:41:b7:4d:df:7d:
81:a0:ca:e6:4d:4d:cc:a8:68:e8:bb:57:42:f3:ce:8b:05:74:
22:10:58:75:ef:7f:23:d2:39:8a:b7:43:ba:4a:64:79:0f:e3:
e7:75:3c:5c:6e:41:5f:e8:87:df:c1:c7:89:cd:51:85:47:e6:
95:39:72:7c:b1:53:53:ed:02:b5:05:73:26:d3:f1:81:a6:00:
5c:bc:97:57:b2:8c:5c:27:51:d3:ea:f4:e9:60:f1:77:58:60:
89:a7:20:f4:1e:7a:90:6b:d5:ac:6d:3b:28:10:50:cc:ba:08:
b6:1a:5c:c3:b7:49:e8:78:98:4c:ed:5c:af:27:8a:36:46:24:
7a:92:0d:b8:4e:3f:cd:88:a8:0f:a4:bc:5d:46:a6:4f:41:9b:
94:3f:c7:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASzRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTgzMjQ5WhcNMjcxMjEyMTgzMjQ5WjAYMRYw
FAYDVQQDEw02NzcwNDQ1NC1lNDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs8v61545CGvT7Wn6V+0LB9PMIC3GzieD+C6WT/BcZiNjJxBCAANIMoq9
YUOjaIG+9LrlDq7yPxfjc5fpcMyNbncaujTW99lJhXCcAaTcLD9H2qZ5JCPzTxPa
sJbcLLwIb9mCqTcCCnNT1Sj1dLaapD1NSs8C2jU2YFOvpCvjgbYkkHd3uW463sb1
iJ0kDyXBFwrq3tLanCsP0DGx05HwThmIUo4j70fOHfp96Mgysi/i7f5mE/QzO4Yc
c4+UnIyFsowg/CqWIIbrvmUZOfRBX9Q0x6lEM6PfB3di7gD71fbb0Nvm2vA+NvMB
2vTtqyVB155eVy/vLPdOvxDr+xbU/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEv2
lYJKWj+JU9hY6ZLQTRtcsqVRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNUM5RUVFNEM1NEExMUVGQkUzMDQyQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFEMA0GCSqGSIb3DQEB
CwUAA4IBAQCh1+RXs6liaJkZp1o2BZXxTS1mAjyhMfwmovUP7m8vYdoKNO95ggZW
63PjO+7E+QDTnhTltydb/JpTJ+Pd0J9kCEvwVs8Z+n5QMqDC+lkGzD09SAc7UOIm
L5kFG64Qnv19zgbFRet0QbdN332BoMrmTU3MqGjou1dC886LBXQiEFh1738j0jmK
t0O6SmR5D+PndTxcbkFf6IffwceJzVGFR+aVOXJ8sVNT7QK1BXMm0/GBpgBcvJdX
soxcJ1HT6vTpYPF3WGCJpyD0HnqQa9WsbTsoEFDMugi2GlzDt0noeJhM7VyvJ4o2
RiR6kg24Tj/NiKgPpLxdRqZPQZuUP8eW
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:26:38 2025 by rpki-client