Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CCEB448C5FB11EFACFE9387762E951A.roa
File: 2CCEB448C5FB11EFACFE9387762E951A.roa (raw, json)
Hash identifier: tmMY8x7Sg4r0eLSQkS0fQ437nT/HV2yXdK04aSJFbsg=
Subject key identifier: 13:66:70:AE:7A:54:46:82:5A:3A:6B:06:20:BE:EC:D9:22:FF:3B:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CCEB448C5FB11EFACFE9387762E951A.roa
Signing time: Sun 29 Dec 2024 15:40:05 +0000
ROA not before: Sun 29 Dec 2024 15:40:01 +0000
ROA not after: Sun 12 Dec 2027 15:40:01 +0000
asID: 17561
IP address blocks: 154.216.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77356 (0x12e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:40:01 2024 GMT
Not After : Dec 12 15:40:01 2027 GMT
Subject: CN=67716d55-a7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:e0:61:02:c4:60:9a:fc:72:a0:9c:13:71:
23:1d:ff:0f:77:6b:9f:9a:a3:e5:b6:84:ad:df:76:
18:8e:82:32:2d:4a:d2:ce:5f:3f:1c:3c:c7:ad:ca:
88:c7:8c:c3:a7:20:59:f7:7d:8b:d6:17:18:80:2e:
75:16:a9:69:ea:dd:43:28:cd:85:54:76:70:2b:11:
10:98:70:42:68:ae:7b:3a:6f:29:f5:e1:eb:f9:b3:
cf:5b:6e:fb:f0:53:5d:62:44:94:a7:cc:19:38:17:
7b:f5:98:38:d1:be:d2:db:9d:7d:c8:34:96:ba:17:
b4:be:34:06:9d:d9:16:a6:58:5a:70:e7:fd:dd:bf:
26:dd:86:b2:b2:47:e8:db:b0:a9:1c:28:30:9a:d8:
5c:fe:69:df:a0:69:29:be:ba:8a:08:82:16:f3:19:
3e:37:67:3c:1e:08:53:ff:c0:67:9d:40:ba:f5:e9:
70:7e:17:e3:41:34:53:20:5a:50:41:50:86:de:8d:
e0:48:50:4b:9a:1e:b6:ec:fb:74:63:6b:c5:43:74:
0a:dd:82:78:90:14:09:e6:4b:4a:94:2e:66:3d:a8:
72:a4:56:3f:33:a8:4b:bd:0f:47:20:72:de:60:ba:
b5:49:09:d2:8c:f9:41:9a:f6:ca:bc:00:dc:4a:d6:
ef:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:66:70:AE:7A:54:46:82:5A:3A:6B:06:20:BE:EC:D9:22:FF:3B:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CCEB448C5FB11EFACFE9387762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.25.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:2b:8f:9f:5c:df:f3:5c:35:56:ea:ce:c0:ae:89:d4:df:9a:
75:fc:d5:96:88:b2:8b:e5:67:11:35:ef:15:0e:30:25:73:f3:
11:76:5e:c3:48:28:86:10:ee:31:13:2e:48:4b:76:77:c8:39:
66:93:b7:d7:14:4c:bd:46:55:34:2e:72:af:a3:d6:66:8b:28:
32:31:7e:35:af:0e:50:9e:88:c8:d5:41:9a:d7:a7:87:0b:64:
92:65:d7:97:12:32:b5:b2:08:e5:55:11:b9:21:92:e4:2a:d2:
03:ef:7c:7a:55:75:54:9a:82:24:16:88:25:01:ad:08:ab:d4:
b1:e0:fb:27:f0:74:87:93:fb:42:5f:1d:4e:9a:90:38:2e:f3:
0c:94:c6:6f:c0:cd:1b:15:5c:13:38:5f:bc:54:fb:d3:77:5c:
fe:fe:af:9d:9b:6d:b0:ec:c9:7f:58:04:8a:2f:d5:d7:28:ee:
95:71:a4:12:25:4e:ee:d9:ef:a0:3e:d6:e0:90:f0:af:5a:57:
14:5b:98:9f:18:78:6d:63:e3:23:26:42:61:43:c8:86:9d:c6:
f2:81:b9:9e:c9:0f:44:e9:a4:91:d8:f0:e1:fc:2d:79:b4:00:
89:99:0e:a7:5e:2c:b2:c8:a6:7a:84:b8:7e:b1:37:36:80:89:
06:61:de:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS4sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTU0MDAxWhcNMjcxMjEyMTU0MDAxWjAYMRYw
FAYDVQQDEw02NzcxNmQ1NS1hN2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsFXgYQLEYJr8cqCcE3EjHf8Pd2ufmqPltoSt33YYjoIyLUrSzl8/HDzH
rcqIx4zDpyBZ932L1hcYgC51Fqlp6t1DKM2FVHZwKxEQmHBCaK57Om8p9eHr+bPP
W2778FNdYkSUp8wZOBd79Zg40b7S2519yDSWuhe0vjQGndkWplhacOf93b8m3Yay
skfo27CpHCgwmthc/mnfoGkpvrqKCIIW8xk+N2c8HghT/8BnnUC69elwfhfjQTRT
IFpQQVCG3o3gSFBLmh627Pt0Y2vFQ3QK3YJ4kBQJ5ktKlC5mPahypFY/M6hLvQ9H
IHLeYLq1SQnSjPlBmvbKvADcStbvGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBNm
cK56VEaCWjprBiC+7Nki/zuZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0NFQjQ0OEM1RkIxMUVGQUNGRTkzODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtgZMA0GCSqGSIb3DQEB
CwUAA4IBAQC8K4+fXN/zXDVW6s7AronU35p1/NWWiLKL5WcRNe8VDjAlc/MRdl7D
SCiGEO4xEy5IS3Z3yDlmk7fXFEy9RlU0LnKvo9ZmiygyMX41rw5QnojI1UGa16eH
C2SSZdeXEjK1sgjlVRG5IZLkKtID73x6VXVUmoIkFoglAa0Iq9Sx4Psn8HSHk/tC
Xx1OmpA4LvMMlMZvwM0bFVwTOF+8VPvTd1z+/q+dm22w7Ml/WASKL9XXKO6VcaQS
JU7u2e+gPtbgkPCvWlcUW5ifGHhtY+MjJkJhQ8iGncbygbmeyQ9E6aSR2PDh/C15
tACJmQ6nXiyyyKZ6hLh+sTc2gIkGYd5K
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:45:47 2025 by rpki-client