Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E21F9E0BEDE11EFB464D570762E951A.roa
File: 3E21F9E0BEDE11EFB464D570762E951A.roa (raw, json)
Hash identifier: YP7sQ0vAMP4CEnYuGurpNDwR/at63es8rgIKwYKEXV8=
Subject key identifier: 27:F1:19:BA:CD:6F:8D:69:4F:62:F1:A3:33:54:8B:FC:EA:44:6E:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011D46
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E21F9E0BEDE11EFB464D570762E951A.roa
Signing time: Fri 20 Dec 2024 14:25:21 +0000
ROA not before: Fri 20 Dec 2024 14:25:17 +0000
ROA not after: Wed 25 Jun 2025 14:25:17 +0000
asID: 18013
IP address blocks: 154.84.32.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73030 (0x11d46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 14:25:17 2024 GMT
Not After : Jun 25 14:25:17 2025 GMT
Subject: CN=67657e51-1db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0d:c6:37:1f:6a:d4:43:90:1c:ef:f4:c9:78:
41:f6:8a:7b:2c:40:ce:70:1b:7f:de:5b:79:08:d5:
68:05:1d:9e:3c:e2:1e:67:34:32:bd:8a:b9:f0:3b:
a3:3c:99:29:05:d7:8d:29:c7:6b:e6:74:07:08:0c:
26:b7:e4:b8:e0:c2:26:fb:ab:48:91:69:61:5d:f5:
0d:be:da:e3:70:50:5c:8e:34:1b:a7:d7:07:be:a8:
ed:bb:70:1e:59:50:c8:ff:8b:cf:fa:97:56:4a:80:
7f:27:b2:22:98:6f:ad:2c:66:2f:8d:60:e2:38:5e:
af:c1:5e:94:79:20:a1:f5:22:f3:87:0a:fb:ea:da:
ac:d4:61:a7:76:20:d6:b0:83:5b:ce:38:96:15:aa:
8e:e2:73:1b:a8:c5:66:73:da:a8:01:03:51:fe:aa:
cc:de:0d:5b:53:4d:6d:99:d0:95:a2:19:bf:03:a6:
70:2f:ee:a5:ae:6f:c8:a5:cf:fa:ff:9c:52:24:f0:
27:45:18:3c:c3:02:8f:92:6a:d2:1b:16:b4:c0:54:
b5:53:6b:f7:c2:69:88:19:96:ae:63:e6:ae:97:8d:
c2:f5:49:e0:7e:7d:d7:97:17:87:16:96:e7:c5:0a:
92:f6:dc:ce:f2:17:b6:87:fd:f2:c8:73:0a:9a:e8:
41:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F1:19:BA:CD:6F:8D:69:4F:62:F1:A3:33:54:8B:FC:EA:44:6E:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E21F9E0BEDE11EFB464D570762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.32.0/21
Signature Algorithm: sha256WithRSAEncryption
56:c5:21:79:4c:bf:43:2c:ee:f9:e1:da:8d:2c:bc:51:23:43:
d2:4a:a3:37:3a:73:d9:05:52:5b:bc:35:94:a2:f2:c1:cf:b8:
93:48:c1:2a:81:02:e4:f4:0f:8f:62:c0:b5:fe:25:b3:9f:4d:
af:1c:fc:9d:3a:f5:4d:42:c7:0d:2c:35:65:dd:14:33:c0:e3:
20:62:1c:63:ff:48:6f:0c:5c:92:e9:c4:11:1a:d8:98:da:67:
fb:d6:32:df:dd:2c:cb:c3:03:f0:10:27:ef:62:fa:7b:1b:00:
74:a6:dc:dd:fb:8f:c9:e5:6b:c1:f6:b4:ef:ee:9d:17:8d:09:
40:eb:d0:ac:ee:2e:d0:fb:92:b6:57:14:2b:0e:71:11:d2:11:
a8:ac:79:18:8f:52:10:fd:ae:6e:e6:ee:2b:80:c4:13:22:83:
ad:47:b4:7f:c7:21:b0:8c:c5:91:69:9c:66:36:ba:3b:d9:51:
a1:2f:97:76:69:8b:47:fa:51:fc:2d:ef:23:c6:50:34:7e:cc:
84:00:86:f7:eb:33:e3:ec:f8:47:54:ef:a6:a8:99:c7:6b:46:
37:05:73:86:0b:16:a3:e5:1e:0c:db:a2:f0:7e:80:03:99:dc:
5e:b0:5f:46:42:3d:24:c1:5c:2f:84:8a:05:23:4d:74:98:ed:
55:51:4c:90
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR1GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTQyNTE3WhcNMjUwNjI1MTQyNTE3WjAYMRYw
FAYDVQQDEw02NzY1N2U1MS0xZGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5g3GNx9q1EOQHO/0yXhB9op7LEDOcBt/3lt5CNVoBR2ePOIeZzQyvYq5
8DujPJkpBdeNKcdr5nQHCAwmt+S44MIm+6tIkWlhXfUNvtrjcFBcjjQbp9cHvqjt
u3AeWVDI/4vP+pdWSoB/J7IimG+tLGYvjWDiOF6vwV6UeSCh9SLzhwr76tqs1GGn
diDWsINbzjiWFaqO4nMbqMVmc9qoAQNR/qrM3g1bU01tmdCVohm/A6ZwL+6lrm/I
pc/6/5xSJPAnRRg8wwKPkmrSGxa0wFS1U2v3wmmIGZauY+aul43C9Ungfn3XlxeH
FpbnxQqS9tzO8he2h/3yyHMKmuhByQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCfx
GbrNb41pT2LxozNUi/zqRG6YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTIxRjlFMEJFREUxMUVGQjQ2NEQ1NzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlQgMA0GCSqGSIb3DQEB
CwUAA4IBAQBWxSF5TL9DLO754dqNLLxRI0PSSqM3OnPZBVJbvDWUovLBz7iTSMEq
gQLk9A+PYsC1/iWzn02vHPydOvVNQscNLDVl3RQzwOMgYhxj/0hvDFyS6cQRGtiY
2mf71jLf3SzLwwPwECfvYvp7GwB0ptzd+4/J5WvB9rTv7p0XjQlA69Cs7i7Q+5K2
VxQrDnER0hGorHkYj1IQ/a5u5u4rgMQTIoOtR7R/xyGwjMWRaZxmNro72VGhL5d2
aYtH+lH8Le8jxlA0fsyEAIb36zPj7PhHVO+mqJnHa0Y3BXOGCxaj5R4M26LwfoAD
mdxesF9GQj0kwVwvhIoFI010mO1VUUyQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:14 2025 by rpki-client