Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/399DDFE6C63211EF97803460762E951A.roa
File: 399DDFE6C63211EF97803460762E951A.roa (raw, json)
Hash identifier: ZjLgqVz4YbRfef+e/xTOAy5IThJho5wIwd1XHvjfxNA=
Subject key identifier: A0:89:0D:6D:46:FA:4D:BA:0F:B9:4E:C3:61:A9:FA:C1:3F:CD:23:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FFC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/399DDFE6C63211EF97803460762E951A.roa
Signing time: Sun 29 Dec 2024 22:14:09 +0000
ROA not before: Sun 29 Dec 2024 22:14:05 +0000
ROA not after: Sun 12 Dec 2027 22:14:05 +0000
asID: 17561
IP address blocks: 154.217.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77820 (0x12ffc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 22:14:05 2024 GMT
Not After : Dec 12 22:14:05 2027 GMT
Subject: CN=6771c9b1-cbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:83:9d:48:9b:f2:7d:e8:11:24:db:00:bc:f0:
b9:c8:60:c1:36:23:bf:60:73:36:74:fb:c8:4b:46:
fb:d5:94:59:24:2f:12:1e:8c:a8:15:90:79:d7:c1:
65:19:3b:cb:3f:03:4a:c3:86:92:1d:d9:81:4e:99:
84:a7:2e:86:03:56:6c:ef:63:7e:d5:87:05:25:4e:
73:ed:98:15:40:8d:9a:d3:f4:0f:01:ab:e2:37:b8:
3c:4b:6c:b9:20:67:41:f7:cc:4b:d8:15:35:90:c8:
5c:31:11:ea:2d:d6:58:53:88:c3:ef:b4:e5:29:ab:
43:91:94:23:7a:66:b7:31:19:94:7b:44:b8:a3:d0:
cd:13:b3:ea:ba:84:df:85:f3:17:43:c1:55:2b:1d:
9f:c8:28:05:2b:60:7f:c9:84:9a:ac:34:9a:a8:be:
7d:64:0b:10:73:d8:92:5e:82:d7:1a:5a:5f:1f:6b:
08:34:85:bf:11:77:32:52:95:39:88:7b:68:1f:cc:
a9:18:e2:5c:ee:7a:af:21:ca:77:d3:6c:ed:21:a4:
5c:b0:d9:f2:40:14:81:61:02:e9:77:ab:12:95:c6:
e2:a2:12:d1:74:ce:05:ae:29:c9:b6:02:ab:fe:38:
45:d1:81:d8:07:70:af:8f:bf:64:23:b5:68:8f:33:
c5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:89:0D:6D:46:FA:4D:BA:0F:B9:4E:C3:61:A9:FA:C1:3F:CD:23:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/399DDFE6C63211EF97803460762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.225.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:39:02:e2:fc:13:a0:32:b1:e6:db:e9:88:f0:1a:91:b2:82:
24:12:9f:68:d0:a9:30:a8:e1:10:89:96:59:20:96:49:48:0b:
db:b0:7b:86:7b:16:6e:1f:4a:9f:88:af:6a:a3:44:44:44:5c:
70:21:57:96:36:98:1c:10:b2:aa:45:c2:65:24:3a:e3:bb:1a:
ca:21:8c:42:81:7a:cc:93:78:43:b7:f8:c6:7e:76:35:a9:aa:
a5:33:b5:e6:45:ba:c5:c4:bf:31:91:f8:28:2a:72:e9:c5:7b:
fc:b3:e9:fd:f8:39:0d:dd:be:e8:1a:29:61:29:66:5b:77:c0:
08:ff:44:c7:b6:bf:69:ce:ba:7a:22:b7:cf:5a:44:91:01:6f:
01:14:d3:cf:ea:de:dc:f2:52:8d:c9:36:3d:e9:f0:73:7c:43:
88:93:83:5a:fe:23:01:37:93:7d:ce:46:80:6a:2b:25:97:d3:
7c:86:f0:0d:99:09:7d:7a:e8:6f:b0:de:45:b9:6d:5d:78:a5:
df:7e:d9:98:3a:52:11:4f:5c:86:e0:46:7c:05:a0:26:0e:c0:
3b:bd:db:de:e4:c2:41:1a:98:1d:db:8c:7f:31:21:15:98:31:
2b:64:19:66:7c:9c:a0:6c:bd:96:0b:33:8f:91:7f:5b:6e:a8:
70:1a:7d:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS/8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjIxNDA1WhcNMjcxMjEyMjIxNDA1WjAYMRYw
FAYDVQQDEw02NzcxYzliMS1jYmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2oOdSJvyfegRJNsAvPC5yGDBNiO/YHM2dPvIS0b71ZRZJC8SHoyoFZB5
18FlGTvLPwNKw4aSHdmBTpmEpy6GA1Zs72N+1YcFJU5z7ZgVQI2a0/QPAaviN7g8
S2y5IGdB98xL2BU1kMhcMRHqLdZYU4jD77TlKatDkZQjema3MRmUe0S4o9DNE7Pq
uoTfhfMXQ8FVKx2fyCgFK2B/yYSarDSaqL59ZAsQc9iSXoLXGlpfH2sINIW/EXcy
UpU5iHtoH8ypGOJc7nqvIcp302ztIaRcsNnyQBSBYQLpd6sSlcbiohLRdM4FrinJ
tgKr/jhF0YHYB3Cvj79kI7VojzPF1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKCJ
DW1G+k26D7lOw2Gp+sE/zSMeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTlEREZFNkM2MzIxMUVGOTc4MDM0NjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtnhMA0GCSqGSIb3DQEB
CwUAA4IBAQDOOQLi/BOgMrHm2+mI8BqRsoIkEp9o0KkwqOEQiZZZIJZJSAvbsHuG
exZuH0qfiK9qo0RERFxwIVeWNpgcELKqRcJlJDrjuxrKIYxCgXrMk3hDt/jGfnY1
qaqlM7XmRbrFxL8xkfgoKnLpxXv8s+n9+DkN3b7oGilhKWZbd8AI/0THtr9pzrp6
IrfPWkSRAW8BFNPP6t7c8lKNyTY96fBzfEOIk4Na/iMBN5N9zkaAaisll9N8hvAN
mQl9euhvsN5FuW1deKXfftmYOlIRT1yG4EZ8BaAmDsA7vdve5MJBGpgd24x/MSEV
mDErZBlmfJygbL2WCzOPkX9bbqhwGn3J
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:36 2025 by rpki-client