Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E8C072D30B11EFBFBECE8F762E951A.roa
File: 32E8C072D30B11EFBFBECE8F762E951A.roa (raw, json)
Hash identifier: EfsRr/hMZRcJklwXNk2vZAMzBe7X0LiRjMSAL35icAw=
Subject key identifier: 95:DA:7C:13:56:ED:AF:B4:5D:01:8F:2B:AF:76:71:4B:39:E8:73:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E8C072D30B11EFBFBECE8F762E951A.roa
Signing time: Wed 15 Jan 2025 06:37:32 +0000
ROA not before: Wed 15 Jan 2025 06:37:29 +0000
ROA not after: Sat 19 Jul 2025 06:37:29 +0000
asID: 138995
IP address blocks: 154.198.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80809 (0x13ba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 06:37:29 2025 GMT
Not After : Jul 19 06:37:29 2025 GMT
Subject: CN=678757ac-466b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:08:59:07:c8:d9:84:85:8b:84:e3:b7:30:eb:
ef:89:57:6f:9e:c7:6a:77:25:3b:d7:9a:0e:ca:44:
a7:0f:9f:25:7c:25:6a:01:5e:03:cd:ee:c6:12:98:
0d:ce:bf:05:2c:02:b7:67:25:5a:b5:ad:e8:ed:bd:
4e:73:99:c4:76:ef:28:d0:6e:be:d1:b7:82:16:ac:
30:cb:af:c2:9f:76:af:ed:41:89:0f:35:10:fa:de:
ba:bd:ba:45:ff:f8:34:fc:1c:37:72:02:13:ad:c7:
1a:fb:da:51:56:f7:1d:23:cd:2b:28:24:5a:05:ab:
ae:5a:11:d3:a2:6a:a6:97:5d:f2:3f:9e:96:c8:71:
bb:3f:9b:a5:98:61:53:1d:92:f2:f9:53:5e:55:dc:
bc:19:d1:84:63:46:aa:74:24:f5:cc:be:e7:4a:8e:
b3:7b:b1:d9:b0:a1:b2:b6:e4:d8:14:37:1d:2d:5e:
bb:b5:a7:07:8e:c9:08:3a:eb:c7:d9:4f:01:13:93:
e3:94:3c:60:04:be:47:1c:f8:1a:22:90:8f:af:e4:
2e:80:b4:cc:cf:f3:2f:c2:21:21:ae:0f:a6:b4:4b:
83:61:49:e8:33:24:6a:f8:b0:1e:e1:3d:f1:51:ff:
00:7f:e2:1e:61:8e:f5:08:4f:33:61:fe:7a:e7:bf:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DA:7C:13:56:ED:AF:B4:5D:01:8F:2B:AF:76:71:4B:39:E8:73:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E8C072D30B11EFBFBECE8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.48.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:71:f2:11:8a:1b:a5:3b:75:bf:3a:99:47:d1:4b:0a:d1:38:
d5:1c:7b:e1:53:49:72:12:00:35:5d:a3:09:0c:d9:f9:5c:24:
19:41:e1:b9:d1:a2:b4:44:61:09:37:67:be:9a:c5:aa:e0:fb:
1e:49:20:1f:fa:31:f6:be:02:eb:78:7c:53:86:28:97:2e:8e:
6c:e2:f5:17:6c:31:42:0a:25:fe:ee:e6:62:11:aa:58:e6:2e:
8c:bc:82:5b:31:13:f8:28:97:6a:c7:90:f6:5a:89:60:e4:0b:
93:0a:2f:54:39:b5:9a:6d:61:4c:fa:07:3a:87:c0:f8:ce:da:
16:33:3a:cc:58:41:c6:72:c8:09:3f:26:16:bc:6a:85:bf:7e:
6e:89:cf:44:cc:e3:12:1f:0a:30:5a:67:e8:d1:06:bd:85:a7:
9d:8b:df:2b:73:47:41:67:41:b0:05:21:8d:91:be:31:5d:16:
43:4d:39:12:37:59:83:12:1a:07:93:b0:8c:e6:7c:37:6c:e4:
8c:d7:32:fc:13:60:c3:85:0a:8f:f9:de:af:85:33:96:07:cf:
cd:a0:2e:de:f9:e7:2b:66:27:50:8f:ca:05:0d:d7:7f:6d:43:
44:00:16:30:7a:b2:8b:39:f0:57:22:db:44:e7:22:82:1e:72:
ee:3b:d0:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATupMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDYzNzI5WhcNMjUwNzE5MDYzNzI5WjAYMRYw
FAYDVQQDEw02Nzg3NTdhYy00NjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQhZB8jZhIWLhOO3MOvviVdvnsdqdyU715oOykSnD58lfCVqAV4Dze7G
EpgNzr8FLAK3ZyVata3o7b1Oc5nEdu8o0G6+0beCFqwwy6/Cn3av7UGJDzUQ+t66
vbpF//g0/Bw3cgITrcca+9pRVvcdI80rKCRaBauuWhHTomqml13yP56WyHG7P5ul
mGFTHZLy+VNeVdy8GdGEY0aqdCT1zL7nSo6ze7HZsKGytuTYFDcdLV67tacHjskI
OuvH2U8BE5PjlDxgBL5HHPgaIpCPr+QugLTMz/MvwiEhrg+mtEuDYUnoMyRq+LAe
4T3xUf8Af+IeYY71CE8zYf565786LQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJXa
fBNW7a+0XQGPK692cUs56HNXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkU4QzA3MkQzMEIxMUVGQkZCRUNFOEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsYwMA0GCSqGSIb3DQEB
CwUAA4IBAQCjcfIRihulO3W/OplH0UsK0TjVHHvhU0lyEgA1XaMJDNn5XCQZQeG5
0aK0RGEJN2e+msWq4PseSSAf+jH2vgLreHxThiiXLo5s4vUXbDFCCiX+7uZiEapY
5i6MvIJbMRP4KJdqx5D2Wolg5AuTCi9UObWabWFM+gc6h8D4ztoWMzrMWEHGcsgJ
PyYWvGqFv35uic9EzOMSHwowWmfo0Qa9haedi98rc0dBZ0GwBSGNkb4xXRZDTTkS
N1mDEhoHk7CM5nw3bOSM1zL8E2DDhQqP+d6vhTOWB8/NoC7e+ecrZidQj8oFDdd/
bUNEABYwerKLOfBXIttE5yKCHnLuO9Bk
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:41:18 2025 by rpki-client