Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F130C9EC1DC11EFA7196F50762E951A.roa
File: 3F130C9EC1DC11EFA7196F50762E951A.roa (raw, json)
Hash identifier: +x3DuHTZZfcu897iJVNyjqmiRvxlH+rHYqAevkxlJUg=
Subject key identifier: 8F:48:7F:32:08:B8:09:E8:D0:59:8A:28:B9:30:20:55:3D:EF:19:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01230F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F130C9EC1DC11EFA7196F50762E951A.roa
Signing time: Tue 24 Dec 2024 09:48:37 +0000
ROA not before: Tue 24 Dec 2024 09:48:33 +0000
ROA not after: Wed 10 Dec 2025 09:48:33 +0000
asID: 984
IP address blocks: 154.194.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 10:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74511 (0x1230f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:48:33 2024 GMT
Not After : Dec 10 09:48:33 2025 GMT
Subject: CN=676a8375-3441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f7:d6:38:f3:30:73:2c:9d:86:53:15:ad:2f:
21:b8:1c:6d:30:84:41:9b:41:30:9d:98:c1:e0:5f:
40:1c:cd:ae:e1:fc:13:ea:e2:5e:56:81:f5:69:01:
7b:2d:48:b0:9e:3d:80:a0:61:ce:e2:3f:34:28:09:
e8:80:f4:4e:60:e7:6c:02:1b:a9:9e:35:43:c1:52:
d2:e0:6a:64:e8:8b:30:c5:93:a1:6c:05:2e:c2:41:
7d:a5:d3:6a:8e:e7:42:91:90:99:de:9e:06:2e:94:
77:3a:3e:be:59:d5:96:d0:98:2d:a2:21:62:1e:5e:
d2:d5:39:30:d4:f1:56:22:da:99:67:13:a4:47:a4:
c4:28:50:fe:07:52:34:9e:3a:23:ee:32:eb:44:bb:
98:1a:6f:e3:7f:5a:be:fd:5b:b0:29:f4:ae:53:0e:
78:4a:99:e5:b9:2d:9a:6d:b2:4b:00:80:5d:59:7e:
84:6d:4e:d0:80:ff:28:8f:0d:48:cf:3a:1c:a0:e2:
3a:10:fd:14:99:3a:0d:41:b0:c0:81:e8:3e:34:29:
03:f6:88:4e:33:67:89:fd:f8:d9:43:57:83:76:95:
2e:97:b7:93:7c:8e:85:59:e3:a4:a8:ef:3e:76:51:
9e:83:31:b6:af:42:6d:cf:e6:bf:76:00:e7:fe:87:
7e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:48:7F:32:08:B8:09:E8:D0:59:8A:28:B9:30:20:55:3D:EF:19:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F130C9EC1DC11EFA7196F50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.252.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ac:9b:a3:f2:f2:9b:2b:e3:04:18:c7:d3:8b:37:db:b5:4f:
95:28:45:ad:fc:dd:c2:66:ca:16:5c:ca:ee:7e:ca:d0:70:a9:
24:97:9c:99:12:9e:1f:af:62:69:aa:e7:00:da:79:f8:35:4d:
a2:04:fe:fe:07:83:93:3b:b3:75:a5:ab:c9:a6:5e:28:a7:5d:
46:3a:bd:e1:d7:81:78:93:06:90:b8:5d:73:c5:87:43:9f:f9:
70:a1:0e:34:a2:5e:c4:7d:77:3c:dc:09:5e:9a:5a:06:9b:66:
e8:21:44:b5:6d:3f:76:98:49:1e:ba:08:ea:ad:82:4b:c0:8c:
72:0e:e1:bc:58:e3:41:84:0e:bf:f0:3c:88:37:f7:15:bf:89:
f4:18:d4:69:b9:2e:d9:cf:f9:3a:eb:06:1a:36:1c:8e:76:ec:
f3:4b:bd:7e:04:a6:e2:e7:97:3a:2b:1c:61:39:24:8e:af:b9:
a2:2c:d7:7c:08:33:0a:bb:60:44:2b:53:8b:d8:e7:c1:8a:95:
5d:e8:81:38:8b:7c:49:d9:43:38:2f:e8:53:f5:1e:80:c3:5a:
05:8f:8e:7c:df:d1:e5:92:1f:4d:6a:91:00:85:f1:f3:18:e6:
d2:52:5b:52:5c:56:69:b2:9d:e8:7d:d9:a0:ce:55:2c:ac:13:
7c:91:07:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDk0ODMzWhcNMjUxMjEwMDk0ODMzWjAYMRYw
FAYDVQQDEw02NzZhODM3NS0zNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqvfWOPMwcyydhlMVrS8huBxtMIRBm0EwnZjB4F9AHM2u4fwT6uJeVoH1
aQF7LUiwnj2AoGHO4j80KAnogPROYOdsAhupnjVDwVLS4Gpk6IswxZOhbAUuwkF9
pdNqjudCkZCZ3p4GLpR3Oj6+WdWW0JgtoiFiHl7S1Tkw1PFWItqZZxOkR6TEKFD+
B1I0njoj7jLrRLuYGm/jf1q+/VuwKfSuUw54SpnluS2abbJLAIBdWX6EbU7QgP8o
jw1IzzocoOI6EP0UmToNQbDAgeg+NCkD9ohOM2eJ/fjZQ1eDdpUul7eTfI6FWeOk
qO8+dlGegzG2r0Jtz+a/dgDn/od+9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI9I
fzIIuAno0FmKKLkwIFU97xkoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjEzMEM5RUMxREMxMUVGQTcxOTZGNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsL8MA0GCSqGSIb3DQEB
CwUAA4IBAQB5rJuj8vKbK+MEGMfTizfbtU+VKEWt/N3CZsoWXMrufsrQcKkkl5yZ
Ep4fr2JpqucA2nn4NU2iBP7+B4OTO7N1pavJpl4op11GOr3h14F4kwaQuF1zxYdD
n/lwoQ40ol7EfXc83AlemloGm2boIUS1bT92mEkeugjqrYJLwIxyDuG8WONBhA6/
8DyIN/cVv4n0GNRpuS7Zz/k66wYaNhyOduzzS71+BKbi55c6KxxhOSSOr7miLNd8
CDMKu2BEK1OL2OfBipVd6IE4i3xJ2UM4L+hT9R6Aw1oFj45839Hlkh9NapEAhfHz
GObSUltSXFZpsp3ofdmgzlUsrBN8kQeg
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:50:16 2025 by rpki-client