Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E404E4C05911EFB8C220BF762E951A.roa
File: 31E404E4C05911EFB8C220BF762E951A.roa (raw, json)
Hash identifier: HxiyCIdxBMN/+La3hlxABmnaqUW+lE4dP1uZ7rM3/dk=
Subject key identifier: 41:C1:23:07:38:64:47:B7:76:A4:ED:D3:D6:14:E7:55:06:24:D2:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DAC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E404E4C05911EFB8C220BF762E951A.roa
Signing time: Sun 22 Dec 2024 11:37:59 +0000
ROA not before: Sun 22 Dec 2024 11:37:56 +0000
ROA not after: Mon 22 Dec 2025 11:37:56 +0000
asID: 137443
IP address blocks: 154.211.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73132 (0x11dac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 22 11:37:56 2024 GMT
Not After : Dec 22 11:37:56 2025 GMT
Subject: CN=6767fa17-99a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9b:13:28:ac:cc:e8:19:19:54:fc:7f:0b:1d:
7e:5a:64:63:73:5f:ee:d4:cb:6c:34:01:e8:81:d1:
53:74:e0:cc:48:46:0f:a0:56:81:dd:32:4d:de:ad:
33:e3:67:c9:bc:47:8f:ef:51:e6:a1:4f:72:5a:9c:
a1:56:2e:01:19:8f:56:ae:0d:be:fb:31:86:50:a6:
28:91:64:60:25:21:24:8a:13:11:54:72:70:3f:0c:
76:65:b4:46:a1:7a:3f:1f:a2:6f:79:98:49:f3:2d:
d0:af:20:df:0e:1f:8f:2d:7d:01:96:19:a4:43:3d:
e2:8f:ec:71:fd:0e:ed:e2:26:06:ba:bc:b2:5b:8d:
31:ff:26:c9:42:c1:0f:e7:7c:9a:38:4b:12:17:3c:
6f:fc:5d:22:f1:3d:2a:0b:72:54:4f:87:c2:48:f1:
ad:8e:3d:08:eb:14:33:e0:8a:6c:9a:9e:d6:18:fe:
1a:c4:28:b7:14:bc:21:a9:5d:c5:74:7c:4c:74:21:
3a:0d:3e:88:1b:7e:33:74:9c:6f:bf:0a:1b:99:7e:
12:b3:de:b1:2c:b3:2d:9e:b8:02:b7:3f:9c:61:9f:
07:4d:ea:ff:6c:12:56:dd:56:10:6e:67:5d:8b:fb:
3f:6c:43:60:b6:ae:09:2d:be:7a:7c:be:5d:9b:31:
e2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:23:07:38:64:47:B7:76:A4:ED:D3:D6:14:E7:55:06:24:D2:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E404E4C05911EFB8C220BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.20.0/22
Signature Algorithm: sha256WithRSAEncryption
24:6b:ba:72:d5:aa:03:24:e4:e9:27:7b:49:a8:20:5c:69:05:
80:e2:07:6e:62:1b:04:ac:c3:4b:5c:ff:18:77:e0:0d:c7:da:
91:e3:61:72:6d:00:67:35:66:d5:f4:cf:7f:79:99:e9:84:51:
ba:a5:34:24:84:dd:87:cc:0d:53:ee:bf:66:f9:67:27:fa:f9:
9b:db:3b:53:a3:a7:07:fb:8e:d0:e8:f4:b7:64:0c:b4:c5:97:
97:97:6d:82:e7:46:92:62:ff:da:3f:1e:cd:83:0d:8c:24:dc:
b7:96:e9:51:3e:bb:4f:a5:3c:91:98:d7:49:a1:f0:ab:38:52:
21:8f:d6:24:0c:ed:67:55:ad:20:82:81:05:b7:78:8a:6e:23:
a7:6e:38:7d:fe:27:f8:29:97:85:df:29:3d:c6:c1:aa:db:ce:
94:ed:94:a9:34:c6:4f:8b:9f:9c:4f:a3:f4:89:84:75:eb:02:
bc:6f:94:5f:0f:7b:24:cf:4f:a7:22:de:b7:d2:ae:26:c7:ab:
4e:fe:fb:ac:15:6f:f3:fa:58:f8:8b:3d:ea:5a:eb:ef:fd:cc:
94:5e:4b:2b:53:9b:5f:6e:a8:2a:3d:1e:a9:8c:cf:99:65:08:
17:1d:29:31:77:f5:7c:74:4c:ca:16:2e:d7:3b:e2:c8:0f:70:
e4:3e:ad:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR2sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIyMTEzNzU2WhcNMjUxMjIyMTEzNzU2WjAYMRYw
FAYDVQQDEw02NzY3ZmExNy05OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7JsTKKzM6BkZVPx/Cx1+WmRjc1/u1MtsNAHogdFTdODMSEYPoFaB3TJN
3q0z42fJvEeP71HmoU9yWpyhVi4BGY9Wrg2++zGGUKYokWRgJSEkihMRVHJwPwx2
ZbRGoXo/H6JveZhJ8y3QryDfDh+PLX0BlhmkQz3ij+xx/Q7t4iYGuryyW40x/ybJ
QsEP53yaOEsSFzxv/F0i8T0qC3JUT4fCSPGtjj0I6xQz4Ipsmp7WGP4axCi3FLwh
qV3FdHxMdCE6DT6IG34zdJxvvwobmX4Ss96xLLMtnrgCtz+cYZ8HTer/bBJW3VYQ
bmddi/s/bENgtq4JLb56fL5dmzHiEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEHB
Iwc4ZEe3dqTt09YU51UGJNI0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMUU0MDRFNEMwNTkxMUVGQjhDMjIwQkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtMUMA0GCSqGSIb3DQEB
CwUAA4IBAQAka7py1aoDJOTpJ3tJqCBcaQWA4gduYhsErMNLXP8Yd+ANx9qR42Fy
bQBnNWbV9M9/eZnphFG6pTQkhN2HzA1T7r9m+Wcn+vmb2ztTo6cH+47Q6PS3ZAy0
xZeXl22C50aSYv/aPx7Ngw2MJNy3lulRPrtPpTyRmNdJofCrOFIhj9YkDO1nVa0g
goEFt3iKbiOnbjh9/if4KZeF3yk9xsGq286U7ZSpNMZPi5+cT6P0iYR16wK8b5Rf
D3skz0+nIt630q4mx6tO/vusFW/z+lj4iz3qWuvv/cyUXksrU5tfbqgqPR6pjM+Z
ZQgXHSkxd/V8dEzKFi7XO+LID3DkPq17
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:36:33 2025 by rpki-client