Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E973FA2C62711EF8C29D99A762E951A.roa
File: 3E973FA2C62711EF8C29D99A762E951A.roa (raw, json)
Hash identifier: tQzp8hyqEnNn/BFvQY8ovQAozjynPwvN/8wtORJYuto=
Subject key identifier: CC:47:12:77:A3:3F:5E:46:04:47:C4:EC:6C:A2:3C:B5:50:2D:CA:7A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FA0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E973FA2C62711EF8C29D99A762E951A.roa
Signing time: Sun 29 Dec 2024 20:55:33 +0000
ROA not before: Sun 29 Dec 2024 20:55:29 +0000
ROA not after: Sun 12 Dec 2027 20:55:29 +0000
asID: 17561
IP address blocks: 154.217.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77728 (0x12fa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 20:55:29 2024 GMT
Not After : Dec 12 20:55:29 2027 GMT
Subject: CN=6771b745-1125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:e3:b6:a8:24:0d:29:99:c0:85:62:b5:3e:
1c:e8:f8:a1:35:0f:97:1a:39:18:34:c8:67:d6:d1:
ce:6a:11:df:ca:a3:7f:8a:e5:58:00:4e:e1:de:01:
bd:40:71:95:7f:df:7a:d8:34:d1:bb:69:9a:13:9d:
b3:af:df:62:21:4e:27:a5:6a:8b:ee:aa:05:2b:84:
ba:d9:52:20:12:60:df:a8:b1:f9:1c:9b:72:e7:52:
e2:0a:a7:01:bf:bd:87:f4:41:8c:98:32:a9:a3:69:
da:0c:48:9d:c3:bc:6a:7b:0a:92:8b:26:54:33:6a:
6e:07:c4:69:97:48:dd:a3:7b:9f:90:63:5c:cd:10:
15:1e:c1:cf:65:48:21:32:da:74:37:a1:97:b7:a3:
a2:bc:4e:9f:e8:c5:25:ee:9d:e6:c2:45:16:2d:71:
d4:8e:68:30:5d:f1:fc:9b:b0:fb:d6:2d:c1:2d:56:
ed:68:1b:59:b2:f1:5f:18:0d:71:e6:1d:6f:7b:63:
b8:a6:d4:a3:77:a4:30:9b:ef:13:3f:af:3c:fa:6f:
e0:3e:a2:db:c4:19:41:41:cf:33:ca:4c:15:38:2b:
9d:dd:f4:ab:79:76:3a:01:af:2f:06:19:4a:12:72:
af:c0:2d:56:2e:81:24:f2:5d:f0:af:0f:98:7c:a4:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:47:12:77:A3:3F:5E:46:04:47:C4:EC:6C:A2:3C:B5:50:2D:CA:7A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E973FA2C62711EF8C29D99A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.179.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:2a:1f:52:79:68:ca:b8:ed:7a:38:bb:b6:dc:ae:3c:86:12:
95:b8:31:92:40:13:d9:c2:c2:e2:0a:c2:e7:de:c4:c5:53:a6:
9d:ae:90:62:46:45:1c:d5:58:72:51:cb:8b:9f:52:c4:df:c2:
ad:89:02:98:a1:74:12:f3:c0:cd:55:11:2a:41:54:78:fd:7b:
df:e7:ee:ef:34:57:72:5c:a9:a4:14:c9:1e:05:63:23:47:b0:
01:fd:49:bf:08:9e:58:8a:7f:4a:7e:35:a6:06:9c:0e:74:b9:
d5:af:c5:d0:b2:c3:3c:ff:7b:84:67:33:a3:80:f1:3c:74:55:
61:d9:68:6d:16:bc:86:64:16:c3:8f:96:a0:7d:4d:c8:eb:70:
87:9c:04:2c:42:6e:38:f6:98:bb:85:d2:a5:d8:d2:7e:91:fb:
dd:ca:a0:b5:61:1b:d3:5d:3f:ec:a7:5a:f3:5c:a9:c7:56:96:
cf:31:1d:8c:48:17:35:fe:d9:db:18:d2:76:a3:68:d4:75:d0:
69:35:35:56:97:09:b2:29:59:74:35:10:52:ab:0c:5e:45:68:
fc:ee:af:71:fe:26:af:9c:ea:66:c7:24:dc:09:79:fb:71:2f:
82:c7:50:eb:6a:a9:04:4f:b9:6d:31:78:ba:50:61:57:a8:3d:
be:16:e3:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS+gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjA1NTI5WhcNMjcxMjEyMjA1NTI5WjAYMRYw
FAYDVQQDEw02NzcxYjc0NS0xMTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr8vjtqgkDSmZwIVitT4c6PihNQ+XGjkYNMhn1tHOahHfyqN/iuVYAE7h
3gG9QHGVf9962DTRu2maE52zr99iIU4npWqL7qoFK4S62VIgEmDfqLH5HJty51Li
CqcBv72H9EGMmDKpo2naDEidw7xqewqSiyZUM2puB8Rpl0jdo3ufkGNczRAVHsHP
ZUghMtp0N6GXt6OivE6f6MUl7p3mwkUWLXHUjmgwXfH8m7D71i3BLVbtaBtZsvFf
GA1x5h1ve2O4ptSjd6Qwm+8TP688+m/gPqLbxBlBQc8zykwVOCud3fSreXY6Aa8v
BhlKEnKvwC1WLoEk8l3wrw+YfKR+IwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMxH
EnejP15GBEfE7GyiPLVQLcp6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTk3M0ZBMkM2MjcxMUVGOEMyOUQ5OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmzMA0GCSqGSIb3DQEB
CwUAA4IBAQCpKh9SeWjKuO16OLu23K48hhKVuDGSQBPZwsLiCsLn3sTFU6adrpBi
RkUc1VhyUcuLn1LE38KtiQKYoXQS88DNVREqQVR4/Xvf5+7vNFdyXKmkFMkeBWMj
R7AB/Um/CJ5Yin9KfjWmBpwOdLnVr8XQssM8/3uEZzOjgPE8dFVh2WhtFryGZBbD
j5agfU3I63CHnAQsQm449pi7hdKl2NJ+kfvdyqC1YRvTXT/sp1rzXKnHVpbPMR2M
SBc1/tnbGNJ2o2jUddBpNTVWlwmyKVl0NRBSqwxeRWj87q9x/iavnOpmxyTcCXn7
cS+Cx1DraqkET7ltMXi6UGFXqD2+FuOo
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:57 2025 by rpki-client