Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/344F28F2C5FF11EFAD623AA0762E951A.roa
File: 344F28F2C5FF11EFAD623AA0762E951A.roa (raw, json)
Hash identifier: BIquXK1lc0OjYy4csp4BJfhqV8GWCg7o4qmYSHm/2Zg=
Subject key identifier: C4:AF:CE:5C:20:8D:AD:E8:6B:1D:E3:B5:3D:78:1C:96:78:D6:D3:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E4E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/344F28F2C5FF11EFAD623AA0762E951A.roa
Signing time: Sun 29 Dec 2024 16:08:56 +0000
ROA not before: Sun 29 Dec 2024 16:08:52 +0000
ROA not after: Sun 12 Dec 2027 16:08:52 +0000
asID: 17561
IP address blocks: 154.217.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77390 (0x12e4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 16:08:52 2024 GMT
Not After : Dec 12 16:08:52 2027 GMT
Subject: CN=67717418-e24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:6b:48:20:3c:f8:f9:85:4d:c6:84:3f:a1:
92:b8:f9:69:5c:64:0f:90:ea:b4:a4:f4:69:e9:0c:
96:cd:4d:f5:70:ff:16:79:00:ef:67:80:8a:01:30:
fd:d6:17:32:ca:a0:6d:61:33:02:0d:05:c1:fd:01:
f9:fe:4a:25:2b:8e:1a:0e:56:c8:14:31:a3:3c:db:
91:ee:24:ca:14:82:e4:67:19:3e:b0:9e:c1:d2:84:
95:a3:83:3f:d4:5b:09:86:78:a3:bd:c3:92:73:b1:
6a:3c:ee:bb:d3:55:45:e7:af:13:2d:a5:20:e2:ee:
e2:d7:5c:c5:11:00:da:0d:90:4e:82:e5:d2:6e:3d:
8b:85:79:78:be:ff:94:71:06:18:29:51:2a:8e:64:
75:5c:de:73:14:b2:a0:38:e8:bf:dd:7a:45:e7:43:
04:6d:97:c8:bb:73:6b:4c:0e:27:ca:45:fd:25:2c:
3e:6c:c8:d1:61:1e:c7:ae:ba:00:19:10:b4:73:f7:
1b:b2:92:d9:23:7f:2e:f8:10:fd:e8:2c:59:98:e0:
8b:ba:3c:4d:16:ad:e8:7f:20:bd:38:c9:26:b4:28:
38:94:0e:87:6d:b7:8a:ff:31:e1:c3:ee:4e:97:24:
6a:19:d0:e1:06:48:ec:51:be:46:01:5b:0a:40:c1:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:CE:5C:20:8D:AD:E8:6B:1D:E3:B5:3D:78:1C:96:78:D6:D3:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/344F28F2C5FF11EFAD623AA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:29:57:cd:f2:72:2a:2a:98:f4:dc:ed:f2:b7:6c:c2:6d:18:
1e:65:34:d6:62:b0:5d:91:b6:e1:50:ac:e6:72:30:2d:6d:c8:
7b:ad:ee:8d:a5:e3:5a:45:88:de:ee:b7:4f:30:a2:1f:e2:e1:
36:ed:ce:a7:33:49:e7:6a:13:8d:c1:f2:4b:89:ce:d2:22:c9:
b9:aa:77:f7:92:89:1d:9f:39:c3:ca:96:4b:4b:90:5a:cb:ef:
ed:f2:56:7e:d0:23:d2:19:f6:76:d5:86:ee:8b:51:07:ce:01:
9b:71:86:73:2a:3e:33:b2:7e:22:15:74:92:7b:09:47:ab:89:
cb:1c:24:e9:35:cb:fc:a9:66:30:1b:74:57:bb:c3:8a:2a:97:
fc:0b:08:6f:75:aa:80:aa:2d:ec:4a:37:c8:06:83:85:73:34:
c4:10:dd:89:2f:98:0d:39:c5:ae:6e:0a:c3:af:ac:17:48:86:
2f:79:e5:2d:bd:33:1d:d5:bc:8f:e5:e8:e7:40:af:5b:4f:76:
87:dd:a2:ec:63:e9:86:cd:f2:a9:fd:bc:d4:2d:89:ec:fa:65:
bd:b2:1c:4a:ca:79:b1:e2:e2:79:f8:2a:fb:17:8e:4c:ae:59:
13:d8:b4:61:98:3e:64:fc:58:75:a9:65:f5:e2:81:55:05:d0:
ef:6c:77:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS5OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTYwODUyWhcNMjcxMjEyMTYwODUyWjAYMRYw
FAYDVQQDEw02NzcxNzQxOC1lMjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+JrSCA8+PmFTcaEP6GSuPlpXGQPkOq0pPRp6QyWzU31cP8WeQDvZ4CK
ATD91hcyyqBtYTMCDQXB/QH5/kolK44aDlbIFDGjPNuR7iTKFILkZxk+sJ7B0oSV
o4M/1FsJhnijvcOSc7FqPO6701VF568TLaUg4u7i11zFEQDaDZBOguXSbj2LhXl4
vv+UcQYYKVEqjmR1XN5zFLKgOOi/3XpF50MEbZfIu3NrTA4nykX9JSw+bMjRYR7H
rroAGRC0c/cbspLZI38u+BD96CxZmOCLujxNFq3ofyC9OMkmtCg4lA6HbbeK/zHh
w+5OlyRqGdDhBkjsUb5GAVsKQMEvKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMSv
zlwgja3oax3jtT14HJZ41tNSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDRGMjhGMkM1RkYxMUVGQUQ2MjNBQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkKMA0GCSqGSIb3DQEB
CwUAA4IBAQBNKVfN8nIqKpj03O3yt2zCbRgeZTTWYrBdkbbhUKzmcjAtbch7re6N
peNaRYje7rdPMKIf4uE27c6nM0nnahONwfJLic7SIsm5qnf3kokdnznDypZLS5Ba
y+/t8lZ+0CPSGfZ21Ybui1EHzgGbcYZzKj4zsn4iFXSSewlHq4nLHCTpNcv8qWYw
G3RXu8OKKpf8CwhvdaqAqi3sSjfIBoOFczTEEN2JL5gNOcWubgrDr6wXSIYveeUt
vTMd1byP5ejnQK9bT3aH3aLsY+mGzfKp/bzULYns+mW9shxKynmx4uJ5+Cr7F45M
rlkT2LRhmD5k/Fh1qWX14oFVBdDvbHen
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:06:09 2025 by rpki-client