Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26707EB6B6CD11EFBF5E79B9762E951A.roa
File: 26707EB6B6CD11EFBF5E79B9762E951A.roa (raw, json)
Hash identifier: 6qqwYoj/f40HsqjXYjfE7M9K8zaTVuHF0bj3wjvVvvE=
Subject key identifier: B9:ED:0E:1F:C2:12:89:EA:AB:CC:7A:28:F7:75:65:77:5E:43:19:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011A30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26707EB6B6CD11EFBF5E79B9762E951A.roa
Signing time: Tue 10 Dec 2024 08:02:50 +0000
ROA not before: Tue 10 Dec 2024 08:02:46 +0000
ROA not after: Mon 15 Dec 2025 08:02:46 +0000
asID: 8796
IP address blocks: 154.205.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72240 (0x11a30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 10 08:02:46 2024 GMT
Not After : Dec 15 08:02:46 2025 GMT
Subject: CN=6757f5aa-16c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:15:ac:f5:8d:70:bd:9c:bf:7b:89:1f:58:
61:a6:47:43:5d:98:e2:5c:e8:04:61:80:aa:cf:f4:
de:6b:0c:19:63:00:f8:bb:09:54:aa:38:ec:87:b5:
05:92:56:11:73:80:8b:08:64:15:02:4c:89:11:8c:
26:00:87:79:d8:d9:79:a0:a6:84:1f:b0:24:1a:fa:
72:8f:c6:bc:c9:e1:23:70:e8:1f:79:e8:2f:1d:5a:
a3:44:dd:50:35:d8:32:7a:cf:8b:8a:57:09:ca:a5:
16:09:e8:a0:73:16:e7:c4:4d:89:70:2b:b4:cb:cb:
bc:4d:c3:18:5b:33:59:47:34:c9:be:af:50:07:de:
3d:99:7e:f5:70:13:92:82:70:a8:8d:01:f4:24:14:
2e:e8:ba:c3:56:7b:2a:95:85:23:a7:c3:b3:24:47:
b7:4f:a6:ff:98:96:5f:4a:d4:59:7e:34:b3:6e:6e:
a0:0f:4d:63:61:29:2f:c5:71:3a:75:a0:75:e1:3e:
96:bf:59:6d:69:4e:ba:4c:43:41:48:da:17:41:73:
41:1e:50:e8:f4:be:73:fd:4c:b8:9b:bb:71:69:0e:
73:19:47:f1:06:97:93:1b:70:0c:ba:a6:16:84:06:
f8:83:ab:5f:c1:ac:a6:b7:9b:c0:d3:16:12:21:cf:
2e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:ED:0E:1F:C2:12:89:EA:AB:CC:7A:28:F7:75:65:77:5E:43:19:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26707EB6B6CD11EFBF5E79B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.192.0/19
Signature Algorithm: sha256WithRSAEncryption
16:63:92:36:80:05:fe:cb:63:d6:4f:9e:e2:15:f4:b2:52:bf:
51:d1:e8:0f:1e:dc:1e:80:f7:69:bc:e3:39:29:81:24:0a:2d:
c6:7d:96:3b:7f:3e:05:0f:de:2c:6b:d8:fe:f9:f3:29:1b:29:
92:27:94:5e:ad:cf:2a:d2:d3:7d:bf:45:3b:97:79:38:95:52:
11:58:f3:b5:17:2a:ba:00:7b:0a:2b:c9:a0:00:1d:f6:a4:d3:
90:2a:59:09:5f:f3:e0:15:8f:30:bb:be:f6:8c:33:d5:ef:7a:
bd:dd:df:d0:d1:e4:10:d1:b4:c1:3f:5f:f9:64:2b:76:b7:e9:
e5:dd:7d:03:76:be:fb:b6:7e:7e:17:c5:88:a9:2d:90:90:ee:
20:ee:a1:f5:d0:8d:dd:1c:9d:32:43:c0:58:44:b4:64:48:5e:
51:aa:34:7f:3b:f1:69:77:8c:46:1d:d9:8b:44:02:18:1a:7f:
19:04:4f:35:30:96:7d:d4:ff:85:aa:7f:d5:1c:a7:5f:8b:84:
a4:8f:83:0c:11:47:2d:79:59:6b:2f:f5:b9:ef:35:94:46:2f:
f4:d2:2f:a5:7d:d8:d0:77:46:0b:4a:b3:97:54:0a:a3:5a:4d:
e8:83:bd:f3:1d:4f:be:a1:92:61:cc:75:84:63:60:c4:bd:b1:
f1:ee:fb:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARowMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjEwMDgwMjQ2WhcNMjUxMjE1MDgwMjQ2WjAYMRYw
FAYDVQQDEw02NzU3ZjVhYS0xNmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtlQVrPWNcL2cv3uJH1hhpkdDXZjiXOgEYYCqz/TeawwZYwD4uwlUqjjs
h7UFklYRc4CLCGQVAkyJEYwmAId52Nl5oKaEH7AkGvpyj8a8yeEjcOgfeegvHVqj
RN1QNdgyes+LilcJyqUWCeigcxbnxE2JcCu0y8u8TcMYWzNZRzTJvq9QB949mX71
cBOSgnCojQH0JBQu6LrDVnsqlYUjp8OzJEe3T6b/mJZfStRZfjSzbm6gD01jYSkv
xXE6daB14T6Wv1ltaU66TENBSNoXQXNBHlDo9L5z/Uy4m7txaQ5zGUfxBpeTG3AM
uqYWhAb4g6tfwaymt5vA0xYSIc8urwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLnt
Dh/CEonqq8x6KPd1ZXdeQxlXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNjcwN0VCNkI2Q0QxMUVGQkY1RTc5Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFms3AMA0GCSqGSIb3DQEB
CwUAA4IBAQAWY5I2gAX+y2PWT57iFfSyUr9R0egPHtwegPdpvOM5KYEkCi3GfZY7
fz4FD94sa9j++fMpGymSJ5Rerc8q0tN9v0U7l3k4lVIRWPO1Fyq6AHsKK8mgAB32
pNOQKlkJX/PgFY8wu772jDPV73q93d/Q0eQQ0bTBP1/5ZCt2t+nl3X0Ddr77tn5+
F8WIqS2QkO4g7qH10I3dHJ0yQ8BYRLRkSF5RqjR/O/Fpd4xGHdmLRAIYGn8ZBE81
MJZ91P+Fqn/VHKdfi4Skj4MMEUcteVlrL/W57zWURi/00i+lfdjQd0YLSrOXVAqj
Wk3og73zHU++oZJhzHWEY2DEvbHx7vu9
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:27:35 2025 by rpki-client