Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37968D3EC8A711EF9349D47E762E951A.roa
File: 37968D3EC8A711EF9349D47E762E951A.roa (raw, json)
Hash identifier: qjjDm1o9ZCbOzhFJPQjrYkJgsKxS6b12kPM5PMc9Gkc=
Subject key identifier: FF:A5:32:F6:34:8D:13:4C:82:6C:E8:64:7F:EE:89:E4:EB:B5:9F:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013154
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37968D3EC8A711EF9349D47E762E951A.roa
Signing time: Thu 02 Jan 2025 01:16:39 +0000
ROA not before: Thu 02 Jan 2025 01:16:35 +0000
ROA not after: Sun 12 Dec 2027 01:16:35 +0000
asID: 17561
IP address blocks: 154.220.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78164 (0x13154)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 01:16:35 2025 GMT
Not After : Dec 12 01:16:35 2027 GMT
Subject: CN=6775e8f7-cea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4f:64:81:f7:69:82:dd:b8:7b:d0:e9:5e:17:
c0:fb:1a:dd:bf:36:9e:db:38:5d:a8:a1:d3:24:80:
c8:77:14:32:65:00:a6:14:03:94:46:5c:7e:f6:f4:
7f:57:fa:e6:a7:98:b9:07:27:d4:e8:50:eb:8a:a6:
f0:af:b5:07:cc:b2:7a:78:84:98:c6:2e:73:80:78:
80:c7:fb:f5:31:9c:37:c5:79:7d:fe:b8:32:0e:dc:
63:0a:81:3c:91:92:f3:6f:7e:b5:c3:00:16:d2:c2:
b1:19:db:67:ac:ee:63:25:91:c5:5c:c6:17:ff:ff:
8c:b2:4e:3d:38:2c:45:4b:55:55:53:02:aa:d4:11:
18:15:12:f9:8e:b2:c6:b4:1f:16:ba:b8:45:28:fe:
76:3a:12:f8:fc:d1:8a:b0:38:83:5e:ce:b8:de:d3:
a1:5a:49:0d:fe:4a:3e:03:e2:71:b2:64:2d:27:31:
02:1f:0f:dd:cb:a5:db:35:fd:ee:1a:84:e0:81:96:
6d:b3:8e:15:af:ce:19:a0:83:0b:72:bb:7f:3f:7c:
92:d7:6d:31:6a:76:ce:52:86:3e:ed:e7:31:51:6b:
24:2a:9a:71:5a:8d:50:fc:70:81:8b:bc:2c:59:17:
d1:2e:49:70:b4:9a:9f:f9:18:29:f4:49:99:50:a5:
6d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A5:32:F6:34:8D:13:4C:82:6C:E8:64:7F:EE:89:E4:EB:B5:9F:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37968D3EC8A711EF9349D47E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.133.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:df:c2:91:d3:f3:ec:f1:32:09:95:9d:ca:66:de:2f:ab:3b:
48:f3:d2:a3:ab:de:2e:96:d0:1d:3f:dc:47:cc:73:29:dc:8e:
82:a5:9f:2f:84:d4:14:56:02:9d:04:1b:87:82:72:37:f1:0b:
0d:20:2f:e9:aa:62:b2:54:da:44:73:a0:e7:d6:15:a7:e0:29:
27:d5:62:a6:02:c2:83:0a:72:ff:01:97:a6:3a:8e:8b:4c:3a:
7a:22:77:fa:8b:3c:cb:ef:fc:f2:e0:e0:a9:cd:7b:84:90:8d:
2a:3c:97:da:a5:c3:1b:3d:64:12:40:8e:b6:d8:d9:bd:38:3b:
fb:bc:a9:94:03:81:c1:b9:1a:67:78:34:63:bb:fb:1a:4f:48:
46:a2:07:08:78:21:2f:92:cf:2e:b7:81:ba:cd:55:2c:d8:9f:
19:7c:22:de:dc:20:ea:00:4d:bf:c0:e9:a0:00:26:0f:e7:a4:
c7:b4:91:55:b9:cb:e2:dd:ec:fc:0c:fc:86:97:23:fe:49:34:
52:8a:6e:a3:65:0f:1f:f2:79:b8:51:b5:1c:b2:41:68:f7:ac:
83:d1:72:82:9c:ca:99:6c:1a:c2:49:9a:f2:95:3c:13:1f:ff:
61:c4:63:fa:96:b8:0b:0c:ff:e1:99:7f:66:b4:a0:8e:58:39:
b3:48:15:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATFUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDExNjM1WhcNMjcxMjEyMDExNjM1WjAYMRYw
FAYDVQQDEw02Nzc1ZThmNy1jZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp09kgfdpgt24e9DpXhfA+xrdvzae2zhdqKHTJIDIdxQyZQCmFAOURlx+
9vR/V/rmp5i5ByfU6FDriqbwr7UHzLJ6eISYxi5zgHiAx/v1MZw3xXl9/rgyDtxj
CoE8kZLzb361wwAW0sKxGdtnrO5jJZHFXMYX//+Msk49OCxFS1VVUwKq1BEYFRL5
jrLGtB8WurhFKP52OhL4/NGKsDiDXs643tOhWkkN/ko+A+JxsmQtJzECHw/dy6Xb
Nf3uGoTggZZts44Vr84ZoIMLcrt/P3yS120xanbOUoY+7ecxUWskKppxWo1Q/HCB
i7wsWRfRLklwtJqf+Rgp9EmZUKVtXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP+l
MvY0jRNMgmzoZH/uieTrtZ9IMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNzk2OEQzRUM4QTcxMUVGOTM0OUQ0N0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyFMA0GCSqGSIb3DQEB
CwUAA4IBAQDK38KR0/Ps8TIJlZ3KZt4vqztI89Kjq94ultAdP9xHzHMp3I6CpZ8v
hNQUVgKdBBuHgnI38QsNIC/pqmKyVNpEc6Dn1hWn4Ckn1WKmAsKDCnL/AZemOo6L
TDp6Inf6izzL7/zy4OCpzXuEkI0qPJfapcMbPWQSQI622Nm9ODv7vKmUA4HBuRpn
eDRju/saT0hGogcIeCEvks8ut4G6zVUs2J8ZfCLe3CDqAE2/wOmgACYP56THtJFV
ucvi3ez8DPyGlyP+STRSim6jZQ8f8nm4UbUcskFo96yD0XKCnMqZbBrCSZrylTwT
H/9hxGP6lrgLDP/hmX9mtKCOWDmzSBUu
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:08 2025 by rpki-client