Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C4D1534C90F11EF95DFCC9B762E951A.roa
File: 2C4D1534C90F11EF95DFCC9B762E951A.roa (raw, json)
Hash identifier: jkFYMKrwGR/0Cn2BqU4JaAf/deaJPV0oyag+D83zxU4=
Subject key identifier: C4:F1:1C:EF:2A:3C:40:99:DF:86:3C:BB:AB:F3:2E:3F:48:50:E0:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013299
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C4D1534C90F11EF95DFCC9B762E951A.roa
Signing time: Thu 02 Jan 2025 13:40:48 +0000
ROA not before: Thu 02 Jan 2025 13:40:44 +0000
ROA not after: Mon 13 Dec 2027 13:40:44 +0000
asID: 17561
IP address blocks: 154.221.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78489 (0x13299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:40:44 2025 GMT
Not After : Dec 13 13:40:44 2027 GMT
Subject: CN=67769760-871d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3d:a0:92:85:7a:85:c1:86:e0:f4:05:6d:31:
16:33:bd:ee:8f:85:80:18:4a:4e:cf:a5:24:b5:57:
fd:4a:44:94:1f:d4:76:82:13:11:15:57:00:bb:be:
f2:7b:0b:ee:da:a2:d6:92:28:07:cf:67:1f:ac:f2:
98:0a:18:38:84:bf:4e:e9:c1:50:d2:5d:ff:78:bf:
6f:24:16:fc:a1:7e:4b:a2:8f:35:5f:df:f6:90:98:
da:35:bd:fc:ab:ab:c0:88:2c:7c:c2:e1:58:ce:d7:
ec:29:fd:80:53:b4:e6:b0:87:be:ba:f1:3c:18:a9:
e7:ac:fc:cc:d1:4f:88:63:15:fc:b9:7e:8b:11:9b:
7c:27:02:21:c0:64:33:0b:79:4e:5e:08:c2:89:99:
55:07:4e:2c:df:47:67:03:d0:2f:0d:79:dd:c7:84:
db:c6:1e:15:85:88:19:b3:5a:db:18:e3:53:15:88:
df:75:36:07:22:18:b8:3d:dd:ce:ab:ee:ba:21:a6:
83:8a:fe:b3:5c:31:ac:52:c5:99:7f:82:5a:b4:47:
59:1d:a4:25:a8:9e:03:01:6c:81:5b:43:73:a1:93:
79:69:97:0e:52:9a:0c:19:7a:d5:97:f1:63:93:ba:
d7:2a:f7:06:4d:4c:2e:68:37:76:bc:af:a8:22:1b:
3d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F1:1C:EF:2A:3C:40:99:DF:86:3C:BB:AB:F3:2E:3F:48:50:E0:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C4D1534C90F11EF95DFCC9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.217.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:bf:e0:c3:89:65:fe:c6:ae:20:33:bb:03:65:a4:ec:a3:43:
1c:c3:99:80:7f:32:7a:e0:7d:aa:19:0a:35:31:86:76:c4:c6:
d3:e3:01:16:ba:0f:19:2a:cd:54:8f:9f:41:11:5b:92:eb:f2:
eb:55:77:1c:fb:f8:a9:fc:d7:41:b4:73:f9:b8:01:53:7c:bf:
34:70:55:7f:c8:ca:a6:97:96:c8:5a:2a:65:37:87:d9:f2:a1:
ac:e1:54:29:d4:c4:28:18:d8:7d:dc:2f:8a:12:00:8d:34:0b:
6d:e6:9e:cc:22:31:36:90:76:21:ba:fa:50:5c:95:68:a6:90:
ce:00:3f:d1:6a:b0:08:fc:c5:88:ab:bc:63:3f:71:c0:13:50:
fc:5c:19:9a:47:72:38:69:31:6b:89:ac:35:41:38:f0:a6:f0:
f2:53:e4:94:c5:ca:30:cc:50:96:66:8c:d8:66:f1:08:b5:83:
96:ee:bf:5c:3b:27:22:dd:60:85:2a:1e:7b:ea:93:42:7e:94:
44:42:d8:58:e8:46:dc:10:6f:38:35:e3:6b:8a:43:2a:8f:86:
60:8e:3a:4e:ea:0c:46:8c:e9:55:a0:40:37:0e:cf:70:aa:04:
58:8d:f4:f4:0f:ac:8d:ea:3d:9c:4e:30:6d:19:d8:a0:fd:75:
b1:70:44:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTM0MDQ0WhcNMjcxMjEzMTM0MDQ0WjAYMRYw
FAYDVQQDEw02Nzc2OTc2MC04NzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArj2gkoV6hcGG4PQFbTEWM73uj4WAGEpOz6UktVf9SkSUH9R2ghMRFVcA
u77yewvu2qLWkigHz2cfrPKYChg4hL9O6cFQ0l3/eL9vJBb8oX5Loo81X9/2kJja
Nb38q6vAiCx8wuFYztfsKf2AU7TmsIe+uvE8GKnnrPzM0U+IYxX8uX6LEZt8JwIh
wGQzC3lOXgjCiZlVB04s30dnA9AvDXndx4Tbxh4VhYgZs1rbGONTFYjfdTYHIhi4
Pd3Oq+66IaaDiv6zXDGsUsWZf4JatEdZHaQlqJ4DAWyBW0NzoZN5aZcOUpoMGXrV
l/Fjk7rXKvcGTUwuaDd2vK+oIhs9iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMTx
HO8qPECZ34Y8u6vzLj9IUOASMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzREMTUzNEM5MEYxMUVGOTVERkNDOUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3ZMA0GCSqGSIb3DQEB
CwUAA4IBAQCdv+DDiWX+xq4gM7sDZaTso0Mcw5mAfzJ64H2qGQo1MYZ2xMbT4wEW
ug8ZKs1Uj59BEVuS6/LrVXcc+/ip/NdBtHP5uAFTfL80cFV/yMqml5bIWiplN4fZ
8qGs4VQp1MQoGNh93C+KEgCNNAtt5p7MIjE2kHYhuvpQXJVoppDOAD/RarAI/MWI
q7xjP3HAE1D8XBmaR3I4aTFriaw1QTjwpvDyU+SUxcowzFCWZozYZvEItYOW7r9c
Oyci3WCFKh576pNCfpREQthY6EbcEG84NeNrikMqj4ZgjjpO6gxGjOlVoEA3Ds9w
qgRYjfT0D6yN6j2cTjBtGdig/XWxcEQX
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:08:58 2025 by rpki-client