Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37F08E5CC3D311EF92982353762E951A.roa
File: 37F08E5CC3D311EF92982353762E951A.roa (raw, json)
Hash identifier: fIX3s/gHcta+QTV14Mwyau3kzuzzcE6iSMHolmwnYWo=
Subject key identifier: FD:04:72:0D:6E:46:7D:9D:A4:BA:76:F4:43:01:8D:E2:E9:83:B8:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012856
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37F08E5CC3D311EF92982353762E951A.roa
Signing time: Thu 26 Dec 2024 21:49:02 +0000
ROA not before: Thu 26 Dec 2024 21:48:58 +0000
ROA not after: Sun 12 Dec 2027 21:48:58 +0000
asID: 17561
IP address blocks: 154.83.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75862 (0x12856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 21:48:58 2024 GMT
Not After : Dec 12 21:48:58 2027 GMT
Subject: CN=676dcf4d-75ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:4b:f4:1d:57:54:73:d5:c2:20:b7:50:5d:
a3:e3:75:fc:7e:e1:a6:74:c4:2b:c0:7f:32:3e:d7:
e5:4c:93:3b:b6:b8:95:a2:bc:4a:14:17:2d:f7:9d:
9b:20:e0:bf:a0:fe:78:e9:b4:82:c5:b7:76:2b:a3:
b0:cc:b2:37:a9:6e:f8:cc:fd:d2:2e:8f:20:b0:12:
b8:7b:99:18:2a:b8:e8:76:7b:df:29:63:ec:74:3b:
ed:67:c4:dd:81:20:6b:91:ad:42:1a:41:cb:0d:18:
08:ce:cb:a6:1b:72:1a:0b:3a:ed:13:a7:c8:5f:2c:
3f:97:13:f6:67:82:07:b5:15:cf:d0:b7:94:82:52:
e1:a2:22:6a:fa:a0:2a:e4:de:f5:1e:c4:92:ca:49:
4e:a1:b3:1a:38:e8:d1:19:7b:43:f5:0c:05:75:cf:
60:a9:97:38:7c:14:5a:99:2e:f3:29:bd:2a:e3:4c:
4a:9b:45:6b:f1:1f:eb:d4:17:9c:fe:b8:31:51:76:
71:c7:a5:0f:3a:fa:36:ab:33:30:b4:52:62:ae:01:
42:f7:d0:0a:05:b9:01:eb:e2:82:c3:61:27:74:fc:
84:29:56:5e:f8:24:20:84:ee:6a:2f:86:69:76:cd:
00:73:63:76:fc:18:43:1e:e4:a3:31:23:8b:98:c8:
f2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:04:72:0D:6E:46:7D:9D:A4:BA:76:F4:43:01:8D:E2:E9:83:B8:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/37F08E5CC3D311EF92982353762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.210.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:66:24:4d:29:c7:f4:e4:42:a6:51:51:57:a0:21:2b:c5:04:
3f:4c:2e:49:6b:9e:0d:ae:6d:9a:3a:ba:fe:54:c0:76:8e:3b:
e0:e0:c7:eb:90:b4:5a:31:f3:36:4d:62:52:84:01:40:39:16:
26:55:32:4b:c7:1e:24:af:27:42:cf:07:83:99:85:e8:bf:a5:
5f:03:c7:2b:32:b7:79:cd:89:1b:26:15:e9:e0:e9:f5:03:02:
b2:31:90:3b:5e:94:b0:f9:66:f2:9f:6e:f6:08:b1:39:3d:79:
59:06:99:bb:f3:11:a6:48:32:f2:46:7d:d1:45:53:05:5e:be:
f7:08:3d:67:1d:bb:59:97:c4:a8:d6:dc:7a:0d:18:9f:3f:26:
2d:10:bf:6f:2e:95:aa:c8:90:10:3e:89:47:1d:2a:05:60:06:
6d:44:f7:5b:28:d8:e9:ad:d4:20:0a:5a:57:3a:58:69:23:cb:
8a:dc:23:4e:c4:54:79:c0:e1:25:53:a3:07:42:74:85:59:ca:
7f:48:52:52:dc:09:2f:a6:21:45:97:57:c8:34:16:c9:c1:0a:
a1:b3:89:10:e8:50:13:b1:df:74:54:77:81:46:2a:1e:67:6a:
2c:3b:34:ca:19:2f:af:95:99:36:fb:34:9d:f1:d2:4e:8e:bb:
a4:6a:a3:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAShWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjE0ODU4WhcNMjcxMjEyMjE0ODU4WjAYMRYw
FAYDVQQDEw02NzZkY2Y0ZC03NWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2GpL9B1XVHPVwiC3UF2j43X8fuGmdMQrwH8yPtflTJM7triVorxKFBct
952bIOC/oP546bSCxbd2K6OwzLI3qW74zP3SLo8gsBK4e5kYKrjodnvfKWPsdDvt
Z8TdgSBrka1CGkHLDRgIzsumG3IaCzrtE6fIXyw/lxP2Z4IHtRXP0LeUglLhoiJq
+qAq5N71HsSSyklOobMaOOjRGXtD9QwFdc9gqZc4fBRamS7zKb0q40xKm0Vr8R/r
1Bec/rgxUXZxx6UPOvo2qzMwtFJirgFC99AKBbkB6+KCw2EndPyEKVZe+CQghO5q
L4Zpds0Ac2N2/BhDHuSjMSOLmMjyvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP0E
cg1uRn2dpLp29EMBjeLpg7hqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zN0YwOEU1Q0MzRDMxMUVGOTI5ODIzNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlPSMA0GCSqGSIb3DQEB
CwUAA4IBAQDDZiRNKcf05EKmUVFXoCErxQQ/TC5Ja54Nrm2aOrr+VMB2jjvg4Mfr
kLRaMfM2TWJShAFAORYmVTJLxx4krydCzweDmYXov6VfA8crMrd5zYkbJhXp4On1
AwKyMZA7XpSw+Wbyn272CLE5PXlZBpm78xGmSDLyRn3RRVMFXr73CD1nHbtZl8So
1tx6DRifPyYtEL9vLpWqyJAQPolHHSoFYAZtRPdbKNjprdQgClpXOlhpI8uK3CNO
xFR5wOElU6MHQnSFWcp/SFJS3AkvpiFFl1fINBbJwQqhs4kQ6FATsd90VHeBRioe
Z2osOzTKGS+vlZk2+zSd8dJOjrukaqNB
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:43 2025 by rpki-client