Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33AEA670C5F011EFAB792043762E951A.roa
File: 33AEA670C5F011EFAB792043762E951A.roa (raw, json)
Hash identifier: 9GcOn2itlNkPn9FG6c5b+MyiQ2Op1W8nGMc6VedWajY=
Subject key identifier: 3B:FB:F9:8F:12:0E:DB:3E:D0:E6:C3:31:C1:3A:E5:41:50:6F:11:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012DD0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33AEA670C5F011EFAB792043762E951A.roa
Signing time: Sun 29 Dec 2024 14:21:32 +0000
ROA not before: Sun 29 Dec 2024 14:21:28 +0000
ROA not after: Sun 12 Dec 2027 14:21:28 +0000
asID: 17561
IP address blocks: 154.211.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77264 (0x12dd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 14:21:28 2024 GMT
Not After : Dec 12 14:21:28 2027 GMT
Subject: CN=67715aec-35e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8f:39:c8:7e:b6:e6:df:26:0f:8c:72:d0:03:
18:60:53:2c:b7:d1:7f:36:ee:b1:18:d8:a3:56:4e:
d5:02:9f:ac:f8:37:5b:e1:f6:31:d4:a9:01:55:a7:
f9:8d:49:f1:7f:3e:25:2d:ff:ce:5a:f3:7c:04:6f:
aa:34:83:15:45:e3:28:cf:73:73:c2:5a:dc:42:f8:
05:8f:a0:19:ad:e3:d9:a3:c4:f9:e9:7a:d5:06:28:
f2:79:62:55:61:ea:85:02:4a:05:58:f1:03:fb:f4:
01:8e:95:c8:32:3b:e3:7f:28:13:aa:fb:11:d7:99:
e6:8c:1d:42:21:ef:24:7a:c8:91:83:86:bd:29:b7:
ec:52:16:c7:7e:6f:50:0f:e2:6a:eb:f3:86:d7:ea:
e1:7c:87:16:32:12:28:81:ea:ca:b8:fe:1e:52:84:
26:d2:2a:8c:9b:04:f4:40:ab:95:d1:19:3f:61:e0:
a7:55:4b:8e:9b:94:17:da:f9:83:32:35:21:32:17:
45:d7:0f:d2:e7:e3:be:f9:8d:0a:1e:6b:0c:96:46:
ea:ce:68:98:d4:25:3e:e9:b7:cf:c5:1b:b2:e5:de:
e0:9c:ac:6f:de:5e:2c:48:95:ba:35:5f:f1:03:f4:
6f:19:2f:11:db:d7:b7:d2:70:d7:e3:0b:54:ad:bd:
51:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FB:F9:8F:12:0E:DB:3E:D0:E6:C3:31:C1:3A:E5:41:50:6F:11:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33AEA670C5F011EFAB792043762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.50.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:58:0c:b2:37:e7:54:6a:cd:63:86:4b:7d:10:a8:ec:64:1a:
e6:ff:62:66:65:6f:69:22:68:fa:99:c6:87:0f:c4:e4:f2:71:
de:61:0c:75:dd:8a:9e:d7:86:55:9f:b4:32:b2:48:9e:c6:94:
55:c0:e7:3b:a1:9d:c7:70:fd:4e:81:35:42:19:12:d3:6d:6b:
ee:dd:d4:a9:18:fd:f1:aa:27:00:2e:24:9a:90:b6:13:07:cf:
fa:d6:f5:09:ab:a2:01:96:73:42:9b:d6:a1:44:d4:52:e8:33:
30:c5:fb:5f:c4:f6:25:7b:02:dd:b0:c5:77:c0:fe:32:72:ac:
be:6a:25:c6:ce:1b:e2:16:2e:81:cd:c2:56:16:9d:b3:36:e6:
5c:20:6d:b2:85:8a:e3:f5:76:f1:f6:37:d6:95:58:7b:e4:21:
f7:32:61:59:38:74:08:a8:98:aa:00:d8:9c:3c:57:f1:85:d3:
54:c8:0f:8d:9e:50:61:93:b2:a5:86:db:35:b4:4c:a9:4a:c4:
6f:02:f3:df:69:0f:79:a8:7e:37:33:87:2f:16:59:28:3c:7d:
5c:18:8c:bf:77:29:72:fe:7d:6e:76:a0:b0:33:cd:ed:82:dd:
a3:71:5d:12:15:d6:be:1c:80:41:a1:10:ba:a3:e7:c4:66:8f:
0d:73:cf:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS3QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTQyMTI4WhcNMjcxMjEyMTQyMTI4WjAYMRYw
FAYDVQQDEw02NzcxNWFlYy0zNWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuY85yH625t8mD4xy0AMYYFMst9F/Nu6xGNijVk7VAp+s+Ddb4fYx1KkB
Vaf5jUnxfz4lLf/OWvN8BG+qNIMVReMoz3NzwlrcQvgFj6AZrePZo8T56XrVBijy
eWJVYeqFAkoFWPED+/QBjpXIMjvjfygTqvsR15nmjB1CIe8kesiRg4a9KbfsUhbH
fm9QD+Jq6/OG1+rhfIcWMhIogerKuP4eUoQm0iqMmwT0QKuV0Rk/YeCnVUuOm5QX
2vmDMjUhMhdF1w/S5+O++Y0KHmsMlkbqzmiY1CU+6bfPxRuy5d7gnKxv3l4sSJW6
NV/xA/RvGS8R29e30nDX4wtUrb1RVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDv7
+Y8SDts+0ObDMcE65UFQbxFCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0FFQTY3MEM1RjAxMUVGQUI3OTIwNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMyMA0GCSqGSIb3DQEB
CwUAA4IBAQBaWAyyN+dUas1jhkt9EKjsZBrm/2JmZW9pImj6mcaHD8Tk8nHeYQx1
3Yqe14ZVn7QyskiexpRVwOc7oZ3HcP1OgTVCGRLTbWvu3dSpGP3xqicALiSakLYT
B8/61vUJq6IBlnNCm9ahRNRS6DMwxftfxPYlewLdsMV3wP4ycqy+aiXGzhviFi6B
zcJWFp2zNuZcIG2yhYrj9Xbx9jfWlVh75CH3MmFZOHQIqJiqANicPFfxhdNUyA+N
nlBhk7Klhts1tEypSsRvAvPfaQ95qH43M4cvFlkoPH1cGIy/dyly/n1udqCwM83t
gt2jcV0SFda+HIBBoRC6o+fEZo8Nc89+
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:24 2025 by rpki-client