Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28EB4A06C25611EFB4666C55762E951A.roa
File: 28EB4A06C25611EFB4666C55762E951A.roa (raw, json)
Hash identifier: RRI9RefBmKG0pygQpNZ2FLRTBghtpPb/rzE45P+AC7Q=
Subject key identifier: 15:36:6F:9D:FF:CD:B0:AC:60:9E:C3:E0:29:8C:5E:75:3E:36:AD:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012333
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28EB4A06C25611EFB4666C55762E951A.roa
Signing time: Wed 25 Dec 2024 00:21:18 +0000
ROA not before: Wed 25 Dec 2024 00:00:14 +0000
ROA not after: Wed 10 Dec 2025 00:00:14 +0000
asID: 984
IP address blocks: 154.199.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74547 (0x12333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:14 2024 GMT
Not After : Dec 10 00:00:14 2025 GMT
Subject: CN=676b4ffe-10c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:e6:1a:c6:e1:05:b9:54:29:ca:63:9a:60:
ec:9a:02:16:4b:65:a4:a6:10:14:af:e0:90:52:3b:
db:d0:f5:43:6c:2c:bb:73:7e:9e:2d:48:f9:e1:1f:
07:60:db:3f:ee:9a:6d:a5:95:6b:c6:c0:28:67:e9:
4b:a3:1c:14:e1:12:1c:08:b4:9d:7a:c7:67:6b:67:
63:e1:b3:b7:3b:47:47:d8:26:dc:0a:03:6b:41:28:
9f:59:8b:e5:54:d2:4b:fe:76:43:55:b4:1e:89:f1:
ad:0e:92:a1:24:50:fd:42:65:f4:4d:9b:21:77:ec:
aa:0b:89:f7:d4:77:72:a6:a6:16:84:9b:7d:5e:d0:
ca:10:03:39:cd:bc:a2:23:6e:53:b8:0d:88:ee:4a:
b7:1a:cd:5a:2f:2b:2b:25:2c:ce:00:0f:ee:3a:9a:
b9:a7:43:98:c5:47:fa:1a:0d:35:a1:b4:7f:95:ca:
93:7b:1f:40:ed:02:70:79:02:a1:b8:18:06:fb:a4:
98:bb:15:9f:9c:14:fd:15:f7:44:95:95:2e:43:71:
67:ab:51:36:fc:a6:a8:e5:39:22:cf:20:4f:23:98:
a9:95:41:bf:33:6f:57:70:08:05:38:1b:ac:d5:89:
7d:b4:98:96:ae:78:f9:6e:62:48:9f:e3:9c:ef:49:
6f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:36:6F:9D:FF:CD:B0:AC:60:9E:C3:E0:29:8C:5E:75:3E:36:AD:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28EB4A06C25611EFB4666C55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:f2:7d:ed:f4:fa:f2:95:f4:ad:29:40:6d:6c:d5:41:e8:1b:
6f:db:96:4c:cb:30:21:b4:e4:45:0b:e6:a9:06:70:17:11:80:
23:99:33:c5:b5:a0:96:01:3d:8b:4f:42:01:ef:86:c4:e2:81:
c3:d9:58:0f:26:aa:1f:fb:83:ff:50:fa:f0:20:d6:f7:93:9e:
fe:de:49:46:32:a6:1f:ce:db:6b:0d:24:60:ce:3b:62:a7:3a:
6b:b7:c1:f4:b8:6e:3d:4e:2c:f2:4f:b4:4a:61:c7:f0:3f:43:
b3:d1:9c:0b:a1:8b:fe:16:70:a8:4c:fe:06:e1:42:be:69:a2:
6c:b3:50:ce:9e:6e:d6:ef:2c:fc:79:b3:85:78:89:e9:8d:a5:
aa:f8:c2:4e:d9:c7:be:7c:96:df:0d:a2:db:bc:62:6b:7e:b5:
85:d5:d5:3a:10:a0:b3:1b:b6:79:bf:be:7b:04:c2:60:01:ea:
58:b0:8f:ca:e6:29:aa:c1:9e:70:d6:c9:d9:50:d7:3d:c4:4f:
73:19:29:92:f2:fd:a9:a9:a9:de:e0:b7:40:ad:33:aa:13:ff:
69:21:a3:51:89:10:89:d8:c3:c5:9e:78:b1:4d:dd:a5:1c:e2:
9e:0b:bf:dd:b8:1f:e6:b9:57:af:da:74:98:44:b7:e2:8e:11:
88:30:42:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDE0WhcNMjUxMjEwMDAwMDE0WjAYMRYw
FAYDVQQDEw02NzZiNGZmZS0xMGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyoPmGsbhBblUKcpjmmDsmgIWS2WkphAUr+CQUjvb0PVDbCy7c36eLUj5
4R8HYNs/7pptpZVrxsAoZ+lLoxwU4RIcCLSdesdna2dj4bO3O0dH2CbcCgNrQSif
WYvlVNJL/nZDVbQeifGtDpKhJFD9QmX0TZshd+yqC4n31HdypqYWhJt9XtDKEAM5
zbyiI25TuA2I7kq3Gs1aLysrJSzOAA/uOpq5p0OYxUf6Gg01obR/lcqTex9A7QJw
eQKhuBgG+6SYuxWfnBT9FfdElZUuQ3Fnq1E2/Kao5TkizyBPI5iplUG/M29XcAgF
OBus1Yl9tJiWrnj5bmJIn+Oc70lvFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBU2
b53/zbCsYJ7D4CmMXnU+Nq20MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEVCNEEwNkMyNTYxMUVGQjQ2NjZDNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscnMA0GCSqGSIb3DQEB
CwUAA4IBAQAu8n3t9PrylfStKUBtbNVB6Btv25ZMyzAhtORFC+apBnAXEYAjmTPF
taCWAT2LT0IB74bE4oHD2VgPJqof+4P/UPrwINb3k57+3klGMqYfzttrDSRgzjti
pzprt8H0uG49TizyT7RKYcfwP0Oz0ZwLoYv+FnCoTP4G4UK+aaJss1DOnm7W7yz8
ebOFeInpjaWq+MJO2ce+fJbfDaLbvGJrfrWF1dU6EKCzG7Z5v757BMJgAepYsI/K
5imqwZ5w1snZUNc9xE9zGSmS8v2pqane4LdArTOqE/9pIaNRiRCJ2MPFnnixTd2l
HOKeC7/duB/muVev2nSYRLfijhGIMELc
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:15:36 2025 by rpki-client