Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E22E7EC27711EF83A656BB762E951A.roa
File: 36E22E7EC27711EF83A656BB762E951A.roa (raw, json)
Hash identifier: BvzIoO6vyzVuzVJsgpyQs0lU+tOFqazM4AchcR3ni5w=
Subject key identifier: 0B:5E:9D:BF:F6:6F:13:ED:0D:B1:BD:7F:25:6D:F4:69:44:D9:20:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0124A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E22E7EC27711EF83A656BB762E951A.roa
Signing time: Wed 25 Dec 2024 04:17:55 +0000
ROA not before: Wed 25 Dec 2024 04:17:51 +0000
ROA not after: Wed 10 Dec 2025 04:17:51 +0000
asID: 984
IP address blocks: 154.211.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74920 (0x124a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:17:51 2024 GMT
Not After : Dec 10 04:17:51 2025 GMT
Subject: CN=676b8773-7011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:63:03:2d:f0:bc:43:c7:2f:98:29:da:b9:
ef:63:dd:65:38:88:bb:8b:c9:9a:d4:74:54:cb:10:
ff:00:48:07:a1:da:1f:bc:18:42:0b:2f:c1:21:f4:
44:00:54:e9:b7:cc:c7:30:45:8b:3e:79:6c:72:d3:
c3:d0:9e:86:1c:fa:bb:ff:59:a0:51:c7:52:67:fc:
31:89:55:89:38:2c:ad:0c:97:f0:d0:31:7f:49:40:
32:95:0f:37:d7:ed:fb:e5:62:85:f7:d6:1a:dd:33:
b5:45:59:aa:8a:f0:55:b5:49:06:40:c0:23:e3:66:
81:88:8b:e7:9b:02:3a:a2:49:ec:e0:8c:b5:07:53:
6b:20:e0:46:d8:fe:4e:4b:fc:d7:56:11:6c:40:af:
11:b3:51:57:5f:81:c0:9f:4e:0d:da:ca:37:9e:46:
66:55:15:8d:2a:28:ff:e2:b8:5d:e9:32:4b:7a:3b:
28:73:8f:54:6e:1b:92:0f:f4:9d:8d:7d:a6:1a:45:
19:59:af:ed:48:03:10:37:44:a9:7b:e8:ac:47:e0:
73:44:11:b8:ca:86:bf:2c:09:25:6f:e0:41:87:c2:
12:3b:33:05:96:2f:80:6d:96:b4:a2:fc:eb:12:68:
49:33:6a:bb:4a:4e:81:62:b8:7f:68:a4:37:1c:9b:
f5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5E:9D:BF:F6:6F:13:ED:0D:B1:BD:7F:25:6D:F4:69:44:D9:20:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E22E7EC27711EF83A656BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.241.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:8f:1c:74:e9:d8:57:f4:f8:84:1e:f5:d5:37:51:1f:2b:a5:
91:44:f8:7b:68:9b:10:0e:65:1a:ee:64:c6:46:6d:9b:f2:13:
18:15:4b:37:6c:07:87:d2:1e:d4:09:76:27:93:91:05:e6:34:
41:d2:08:17:4b:f7:13:a0:96:e8:17:55:fa:bc:6f:e4:ac:0b:
02:a2:1f:f5:a8:9c:4e:9d:ef:b8:e4:4f:ee:17:65:7c:74:c2:
38:b5:ae:00:07:8a:6b:ec:9d:16:2a:0f:b7:6f:39:bc:33:c4:
f7:dc:0d:ca:12:15:cf:7f:b7:7f:b0:4c:ac:a7:54:f6:96:53:
7f:67:53:76:3f:c2:09:dc:50:dd:43:8a:e0:b2:75:c7:e6:5c:
79:43:b6:ef:8d:0e:8e:f2:f7:8d:a9:a0:fc:c4:36:1e:22:45:
3a:ce:80:9e:a0:15:a7:30:fc:d1:74:94:7d:c3:41:00:93:d9:
19:61:f7:91:16:3c:0f:81:1c:1c:24:11:2d:fb:b8:37:42:58:
16:95:37:cd:47:52:a4:6a:83:05:0a:ec:28:7e:e1:17:30:bf:
0e:5c:e5:75:20:f4:18:cd:37:e1:44:13:36:75:ee:ec:86:ee:
44:99:e7:c6:9c:ef:c8:b4:df:ab:c6:23:de:7b:7b:25:14:89:
e4:6a:bb:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASSoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQxNzUxWhcNMjUxMjEwMDQxNzUxWjAYMRYw
FAYDVQQDEw02NzZiODc3My03MDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqw1jAy3wvEPHL5gp2rnvY91lOIi7i8ma1HRUyxD/AEgHodofvBhCCy/B
IfREAFTpt8zHMEWLPnlsctPD0J6GHPq7/1mgUcdSZ/wxiVWJOCytDJfw0DF/SUAy
lQ831+375WKF99Ya3TO1RVmqivBVtUkGQMAj42aBiIvnmwI6okns4Iy1B1NrIOBG
2P5OS/zXVhFsQK8Rs1FXX4HAn04N2so3nkZmVRWNKij/4rhd6TJLejsoc49UbhuS
D/SdjX2mGkUZWa/tSAMQN0Spe+isR+BzRBG4yoa/LAklb+BBh8ISOzMFli+AbZa0
ovzrEmhJM2q7Sk6BYrh/aKQ3HJv1owIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAte
nb/2bxPtDbG9fyVt9GlE2SCOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkUyMkU3RUMyNzcxMUVGODNBNjU2QkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPxMA0GCSqGSIb3DQEB
CwUAA4IBAQCljxx06dhX9PiEHvXVN1EfK6WRRPh7aJsQDmUa7mTGRm2b8hMYFUs3
bAeH0h7UCXYnk5EF5jRB0ggXS/cToJboF1X6vG/krAsCoh/1qJxOne+45E/uF2V8
dMI4ta4AB4pr7J0WKg+3bzm8M8T33A3KEhXPf7d/sEysp1T2llN/Z1N2P8IJ3FDd
Q4rgsnXH5lx5Q7bvjQ6O8veNqaD8xDYeIkU6zoCeoBWnMPzRdJR9w0EAk9kZYfeR
FjwPgRwcJBEt+7g3QlgWlTfNR1KkaoMFCuwofuEXML8OXOV1IPQYzTfhRBM2de7s
hu5EmefGnO/ItN+rxiPee3slFInkarvt
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:43 2025 by rpki-client