Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/291D0A74C60611EFA0A2CF4C762E951A.roa
File: 291D0A74C60611EFA0A2CF4C762E951A.roa (raw, json)
Hash identifier: QNMCQNbEv1If2D6tsbooxETm6t24RiYtxWVL5SyimEA=
Subject key identifier: 34:E4:04:68:55:11:D4:8E:46:6A:18:EC:57:2A:34:4E:79:E1:1E:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E8A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/291D0A74C60611EFA0A2CF4C762E951A.roa
Signing time: Sun 29 Dec 2024 16:58:43 +0000
ROA not before: Sun 29 Dec 2024 16:58:39 +0000
ROA not after: Sun 12 Dec 2027 16:58:39 +0000
asID: 17561
IP address blocks: 154.217.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77450 (0x12e8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 16:58:39 2024 GMT
Not After : Dec 12 16:58:39 2027 GMT
Subject: CN=67717fc3-08b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:ce:95:ad:82:4b:06:0d:39:f9:af:03:35:
0a:c6:10:2a:04:ab:21:6d:a6:3c:be:a7:24:2e:53:
15:9c:a1:e6:53:0d:a8:3e:2c:10:45:57:03:d4:9e:
71:4c:22:73:e5:e1:ed:1f:75:73:4a:08:45:f0:ff:
3a:a0:3b:f6:fa:21:25:50:10:46:8d:bb:08:2d:35:
bf:95:e6:d2:38:a4:c0:b7:d5:ce:0d:24:ca:b1:10:
49:4e:ea:3c:6c:29:68:2c:dd:e9:31:bf:17:41:ab:
00:d1:fa:25:67:a4:1f:ef:52:6e:27:91:6b:04:72:
e2:f1:28:f2:be:d2:5a:a4:a3:fa:ee:bc:5b:d2:39:
3e:cf:4d:6c:47:2e:f3:b6:f9:d5:fd:d0:08:7f:94:
fa:ed:c8:29:0d:8c:38:22:ae:54:dc:c8:f9:59:fb:
8d:c8:0b:c2:eb:bb:23:2a:0e:f9:e9:8a:93:e4:72:
cb:00:e3:87:6b:dd:3a:20:11:7f:bd:c0:84:e8:7c:
a2:57:af:4d:74:f3:d5:88:44:57:8a:99:06:da:ee:
43:8c:1c:e3:b5:30:d3:9d:72:bf:c9:d5:6f:49:68:
ab:8e:fa:49:92:c2:fc:93:32:88:00:23:0f:6a:e6:
3b:5c:7f:8f:a0:be:2d:c9:4e:55:aa:c2:61:a1:85:
d8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E4:04:68:55:11:D4:8E:46:6A:18:EC:57:2A:34:4E:79:E1:1E:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/291D0A74C60611EFA0A2CF4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.40.0/24
Signature Algorithm: sha256WithRSAEncryption
82:5e:57:54:4c:ed:7e:6a:50:ba:de:66:a6:5a:67:22:45:f5:
55:c1:9d:c5:04:45:58:1c:99:fc:a1:c6:37:82:43:88:9b:eb:
0c:30:3b:d2:0e:5f:4d:23:5b:ac:d0:6e:aa:f7:27:a2:26:27:
c5:79:28:85:83:2e:77:3b:82:ab:8a:95:35:e0:66:22:a7:e4:
eb:fa:f7:d3:b3:b5:37:7c:8c:9b:73:83:1d:c1:ad:78:95:a2:
44:7f:7f:58:6b:39:da:bb:ad:a3:ee:da:01:05:ce:ec:5a:27:
d5:a0:a8:ee:cf:32:f5:59:26:46:f8:fa:a0:56:65:46:b9:e4:
f7:f4:bc:6f:06:ed:99:1a:ab:84:59:49:13:8a:aa:a7:4e:a2:
2e:40:68:17:7e:60:6f:32:9a:f3:b8:f1:96:b2:b3:09:7d:64:
54:57:9d:29:79:5f:a5:d5:16:23:f9:0e:69:cd:f9:d8:b1:cf:
7a:5b:0f:17:a2:44:67:ca:9b:5b:16:3c:66:a4:2e:ce:05:55:
63:9a:f1:bd:96:0c:96:06:49:62:b3:69:2c:a7:77:1a:37:9a:
88:1e:54:02:29:2e:2e:03:81:4d:a1:e2:ad:02:2b:3e:a8:cc:
97:5f:c3:96:f6:46:af:c5:5f:5c:36:35:fa:38:d8:96:fe:17:
48:62:5c:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS6KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTY1ODM5WhcNMjcxMjEyMTY1ODM5WjAYMRYw
FAYDVQQDEw02NzcxN2ZjMy0wOGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvc3Ola2CSwYNOfmvAzUKxhAqBKshbaY8vqckLlMVnKHmUw2oPiwQRVcD
1J5xTCJz5eHtH3VzSghF8P86oDv2+iElUBBGjbsILTW/lebSOKTAt9XODSTKsRBJ
Tuo8bCloLN3pMb8XQasA0folZ6Qf71JuJ5FrBHLi8SjyvtJapKP67rxb0jk+z01s
Ry7ztvnV/dAIf5T67cgpDYw4Iq5U3Mj5WfuNyAvC67sjKg756YqT5HLLAOOHa906
IBF/vcCE6HyiV69NdPPViERXipkG2u5DjBzjtTDTnXK/ydVvSWirjvpJksL8kzKI
ACMPauY7XH+PoL4tyU5VqsJhoYXY+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDTk
BGhVEdSORmoY7FcqNE554R7MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTFEMEE3NEM2MDYxMUVGQTBBMkNGNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkoMA0GCSqGSIb3DQEB
CwUAA4IBAQCCXldUTO1+alC63mamWmciRfVVwZ3FBEVYHJn8ocY3gkOIm+sMMDvS
Dl9NI1us0G6q9yeiJifFeSiFgy53O4KripU14GYip+Tr+vfTs7U3fIybc4Mdwa14
laJEf39Yaznau62j7toBBc7sWifVoKjuzzL1WSZG+PqgVmVGueT39LxvBu2ZGquE
WUkTiqqnTqIuQGgXfmBvMprzuPGWsrMJfWRUV50peV+l1RYj+Q5pzfnYsc96Ww8X
okRnyptbFjxmpC7OBVVjmvG9lgyWBklis2ksp3caN5qIHlQCKS4uA4FNoeKtAis+
qMyXX8OW9kavxV9cNjX6ONiW/hdIYlxj
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:12 2025 by rpki-client