Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B8CB66C54011EFADD6EA65762E951A.roa
File: 32B8CB66C54011EFADD6EA65762E951A.roa (raw, json)
Hash identifier: Rt5yv1CYqLcZmGNuE3Zb65UrIIqzN9ILmxlwhMvuKc8=
Subject key identifier: 4C:96:5A:07:D0:B5:1B:A5:93:5C:E7:B1:3E:E9:F0:AE:B6:A3:80:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B8CB66C54011EFADD6EA65762E951A.roa
Signing time: Sat 28 Dec 2024 17:21:39 +0000
ROA not before: Sat 28 Dec 2024 17:21:36 +0000
ROA not after: Fri 12 Dec 2025 17:21:36 +0000
asID: 984
IP address blocks: 154.206.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76917 (0x12c75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 17:21:36 2024 GMT
Not After : Dec 12 17:21:36 2025 GMT
Subject: CN=677033a3-ff75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:41:b9:45:87:24:87:27:bd:ba:01:0f:92:
e5:42:4a:97:cb:5f:cc:66:ee:fb:d1:ef:a0:f0:4b:
2a:49:72:ae:2e:be:fc:98:20:15:ca:c5:d4:3c:f4:
3d:89:5b:ba:eb:4b:90:3a:46:cf:88:06:2f:ff:49:
99:89:39:48:09:79:cc:01:a0:13:d7:71:ce:d3:ec:
bd:68:2d:72:f2:4e:13:44:6a:6a:1b:aa:31:bc:41:
7e:44:3e:31:ea:de:c6:fc:77:42:09:b5:9c:57:71:
2a:1a:1c:48:e8:e5:ad:02:42:d2:3e:ca:5c:f6:b3:
94:33:9f:56:24:e0:9c:50:f6:4a:87:89:08:2f:37:
17:b8:95:00:27:8c:c7:a9:3b:07:47:7e:bd:08:b9:
55:fd:cd:ae:09:bf:d8:46:83:f9:85:db:d7:fd:63:
ee:44:97:7a:58:de:b2:43:8d:dd:a3:9b:b9:6c:b8:
3f:94:dd:cf:a0:8c:4f:3b:ad:90:da:b3:e8:71:d6:
2d:0d:64:34:df:51:bb:12:14:f0:f3:18:de:9a:3a:
54:ec:45:77:c0:88:10:61:d0:1c:72:ec:cf:eb:93:
66:4a:a6:b1:0d:4e:a8:f5:58:56:c6:d2:e0:76:b5:
f3:cd:00:7f:7f:45:b5:6d:b4:86:ec:25:e5:ca:47:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:96:5A:07:D0:B5:1B:A5:93:5C:E7:B1:3E:E9:F0:AE:B6:A3:80:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B8CB66C54011EFADD6EA65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.242.0/24
Signature Algorithm: sha256WithRSAEncryption
40:d7:32:b7:a7:60:19:e7:23:aa:4e:e4:60:4c:ab:cb:8c:cc:
59:e3:41:5d:54:66:b2:02:0b:ee:a1:87:d5:60:d6:3c:b9:87:
48:b9:7b:68:1b:fb:22:2b:9f:ba:05:88:c3:4f:27:c8:d2:24:
64:11:a0:19:8a:0e:e2:59:6f:20:8b:41:75:1f:31:bc:06:80:
3c:bb:a4:8c:36:ef:fb:da:0d:dc:3c:58:52:99:d5:de:95:53:
72:a3:7d:16:45:7c:39:a6:f0:40:c4:ab:63:bc:7a:14:6c:a7:
1f:34:87:35:d2:49:bd:f6:67:c6:93:fd:bf:77:a9:1b:b0:e5:
c6:41:62:99:1d:fe:ab:a6:07:b4:12:d3:4f:a5:30:a6:9f:c3:
6f:ce:79:b7:a6:76:bd:6c:e4:51:b7:6b:cf:2c:9e:10:65:4f:
c5:55:06:c9:fb:af:fa:95:97:50:18:e5:28:40:3d:94:89:28:
a3:e8:a1:e9:ea:c7:46:85:da:95:95:b1:1f:76:3e:20:c0:84:
5f:f0:ca:f0:df:b0:6a:08:12:d4:a7:39:b0:31:46:19:8b:31:
78:e3:34:87:c9:db:2e:ff:f5:2d:d8:a2:16:88:cb:99:ab:53:
87:53:6d:d5:06:46:9e:f4:5b:0e:a6:1c:fc:7c:d8:65:82:82:
fb:8a:4c:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASx1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTcyMTM2WhcNMjUxMjEyMTcyMTM2WjAYMRYw
FAYDVQQDEw02NzcwMzNhMy1mZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQpBuUWHJIcnvboBD5LlQkqXy1/MZu770e+g8EsqSXKuLr78mCAVysXU
PPQ9iVu660uQOkbPiAYv/0mZiTlICXnMAaAT13HO0+y9aC1y8k4TRGpqG6oxvEF+
RD4x6t7G/HdCCbWcV3EqGhxI6OWtAkLSPspc9rOUM59WJOCcUPZKh4kILzcXuJUA
J4zHqTsHR369CLlV/c2uCb/YRoP5hdvX/WPuRJd6WN6yQ43do5u5bLg/lN3PoIxP
O62Q2rPocdYtDWQ031G7EhTw8xjemjpU7EV3wIgQYdAccuzP65NmSqaxDU6o9VhW
xtLgdrXzzQB/f0W1bbSG7CXlykfAOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEyW
WgfQtRulk1znsT7p8K62o4C/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkI4Q0I2NkM1NDAxMUVGQURENkVBNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7yMA0GCSqGSIb3DQEB
CwUAA4IBAQBA1zK3p2AZ5yOqTuRgTKvLjMxZ40FdVGayAgvuoYfVYNY8uYdIuXto
G/siK5+6BYjDTyfI0iRkEaAZig7iWW8gi0F1HzG8BoA8u6SMNu/72g3cPFhSmdXe
lVNyo30WRXw5pvBAxKtjvHoUbKcfNIc10km99mfGk/2/d6kbsOXGQWKZHf6rpge0
EtNPpTCmn8Nvznm3pna9bORRt2vPLJ4QZU/FVQbJ+6/6lZdQGOUoQD2UiSij6KHp
6sdGhdqVlbEfdj4gwIRf8Mrw37BqCBLUpzmwMUYZizF44zSHydsu//Ut2KIWiMuZ
q1OHU23VBkae9FsOphz8fNhlgoL7iky2
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:58:38 2025 by rpki-client