Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4A470AC41511EF9F0C9987762E951A.roa
File: 3A4A470AC41511EF9F0C9987762E951A.roa (raw, json)
Hash identifier: Aq8jYihD09PXwWdkdghvTSWgT4ULWbN3BRygrH1q3BQ=
Subject key identifier: 00:4B:CF:0A:1C:2D:26:50:F9:4A:87:43:45:EA:D7:8B:05:05:D1:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012953
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4A470AC41511EF9F0C9987762E951A.roa
Signing time: Fri 27 Dec 2024 05:41:32 +0000
ROA not before: Fri 27 Dec 2024 05:41:29 +0000
ROA not after: Fri 12 Dec 2025 05:41:29 +0000
asID: 984
IP address blocks: 154.196.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76115 (0x12953)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 05:41:29 2024 GMT
Not After : Dec 12 05:41:29 2025 GMT
Subject: CN=676e3e0c-d1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:35:00:c4:63:ce:43:c2:7b:04:7d:27:2a:
9a:43:5a:10:6e:60:1f:52:4b:de:ac:84:46:f6:16:
e3:ca:f8:78:79:f3:64:33:96:ce:8b:5f:fe:a0:89:
df:1b:73:1e:e3:77:ad:d9:66:15:90:e7:67:26:a8:
2f:06:16:43:42:71:0c:5f:e2:2b:93:b6:3c:dd:ce:
c5:0d:43:13:dd:23:f8:b2:ce:12:f7:70:5e:fb:30:
6b:46:a0:1c:2d:01:be:55:27:9f:f2:83:32:99:88:
0f:5d:6e:5b:42:7e:2d:1e:68:a5:c3:d8:6a:99:d8:
6d:19:00:68:36:07:42:87:d6:8e:60:f9:35:67:68:
46:85:6c:97:83:d9:26:45:ac:70:17:d6:1a:06:a5:
46:3a:42:dd:5a:17:f4:2d:ae:a2:ec:ed:a2:e8:e3:
1b:15:10:53:e4:2e:80:b7:d0:24:e8:a9:b3:aa:12:
fd:4a:11:42:6d:c6:5a:0e:8d:18:70:a5:dc:90:5d:
e5:82:40:ee:ec:ef:aa:de:43:f0:2a:f2:f9:67:d4:
c3:1c:42:fd:62:ca:20:31:6a:f5:a2:de:bc:1f:e9:
94:f7:8d:41:87:56:ce:ef:fb:22:31:2b:6e:71:61:
0d:1f:68:87:af:9d:f3:43:69:30:70:c4:90:1f:6d:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4B:CF:0A:1C:2D:26:50:F9:4A:87:43:45:EA:D7:8B:05:05:D1:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A4A470AC41511EF9F0C9987762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.243.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:33:9f:83:e1:41:f5:93:d7:c9:90:7f:69:37:bf:38:48:a5:
bd:d3:ad:76:3d:5c:10:76:87:b2:87:5f:2c:2f:aa:98:4f:a5:
87:be:66:65:2e:8b:b3:5e:8e:79:e7:7a:80:16:c8:ef:93:94:
07:ea:43:96:0e:2c:9f:de:9b:0b:eb:9a:d1:bd:57:78:f5:c9:
0e:c8:66:6d:34:da:b2:62:96:78:1e:a2:7c:1a:4e:6d:a5:f1:
35:19:88:73:3f:6b:d6:3e:e3:31:5d:27:8f:58:e4:f6:b1:26:
90:3e:b3:0f:c8:a0:26:55:c8:3b:01:4c:46:b9:a6:69:93:02:
db:9e:85:b2:d2:6f:60:1f:5d:27:41:45:f5:b0:ac:7e:cd:ce:
47:06:5c:22:94:e4:fa:df:02:dc:72:92:96:ca:20:1e:77:47:
e9:5f:c2:1a:fb:66:f2:19:46:be:ba:7b:8c:35:e0:73:79:33:
19:d2:5f:e3:80:21:05:66:1b:49:e4:65:08:d9:8c:6a:6c:0c:
c3:f2:19:03:05:ca:03:c5:aa:ba:64:1a:ea:3a:7a:52:fd:1c:
56:0c:f9:a4:2b:64:6c:96:ca:92:5c:ed:e3:fe:b2:e9:68:10:
57:31:61:b9:28:50:3f:a0:5a:93:92:a7:b8:80:6e:02:6c:77:
be:c3:69:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASlTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDU0MTI5WhcNMjUxMjEyMDU0MTI5WjAYMRYw
FAYDVQQDEw02NzZlM2UwYy1kMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5T41AMRjzkPCewR9JyqaQ1oQbmAfUkverIRG9hbjyvh4efNkM5bOi1/+
oInfG3Me43et2WYVkOdnJqgvBhZDQnEMX+Irk7Y83c7FDUMT3SP4ss4S93Be+zBr
RqAcLQG+VSef8oMymYgPXW5bQn4tHmilw9hqmdhtGQBoNgdCh9aOYPk1Z2hGhWyX
g9kmRaxwF9YaBqVGOkLdWhf0La6i7O2i6OMbFRBT5C6At9Ak6KmzqhL9ShFCbcZa
Do0YcKXckF3lgkDu7O+q3kPwKvL5Z9TDHEL9YsogMWr1ot68H+mU941Bh1bO7/si
MStucWENH2iHr53zQ2kwcMSQH22ZJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFABL
zwocLSZQ+UqHQ0Xq14sFBdFjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTRBNDcwQUM0MTUxMUVGOUYwQzk5ODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTzMA0GCSqGSIb3DQEB
CwUAA4IBAQCqM5+D4UH1k9fJkH9pN784SKW90612PVwQdoeyh18sL6qYT6WHvmZl
LouzXo5553qAFsjvk5QH6kOWDiyf3psL65rRvVd49ckOyGZtNNqyYpZ4HqJ8Gk5t
pfE1GYhzP2vWPuMxXSePWOT2sSaQPrMPyKAmVcg7AUxGuaZpkwLbnoWy0m9gH10n
QUX1sKx+zc5HBlwilOT63wLccpKWyiAed0fpX8Ia+2byGUa+unuMNeBzeTMZ0l/j
gCEFZhtJ5GUI2YxqbAzD8hkDBcoDxaq6ZBrqOnpS/RxWDPmkK2RslsqSXO3j/rLp
aBBXMWG5KFA/oFqTkqe4gG4CbHe+w2l9
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:36:52 2025 by rpki-client