Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC0E6C26111EFAC3DA8A2762E951A.roa
File: 434BC0E6C26111EFAC3DA8A2762E951A.roa (raw, json)
Hash identifier: 1hBuP/VG10rkc4vTU+mLLrbomN2V9AWcmuQNxpgkDWY=
Subject key identifier: 54:00:03:FD:E3:83:60:06:D5:CA:DA:C3:BC:39:83:E2:CF:C6:25:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC0E6C26111EFAC3DA8A2762E951A.roa
Signing time: Wed 25 Dec 2024 01:40:47 +0000
ROA not before: Wed 25 Dec 2024 01:40:43 +0000
ROA not after: Wed 10 Dec 2025 01:40:43 +0000
asID: 984
IP address blocks: 154.199.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74676 (0x123b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:40:43 2024 GMT
Not After : Dec 10 01:40:43 2025 GMT
Subject: CN=676b629f-c563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:b2:98:f4:11:1c:0e:d7:3a:1d:5e:53:1f:
8a:05:50:84:bd:1a:8f:9f:23:51:c9:30:1a:9b:7e:
8b:ac:85:93:2e:2c:42:b2:32:d0:5b:41:74:83:95:
f6:11:15:76:88:5f:fc:8c:23:9f:21:30:29:0c:a2:
1c:e4:1a:54:4f:95:5c:77:f7:dc:1a:d5:5c:6f:ba:
19:9b:d9:fc:bd:27:c1:25:a5:b0:3e:86:2d:2e:8e:
31:0b:25:23:86:d7:85:0d:52:41:00:af:a3:eb:de:
3c:b6:c1:c2:87:e7:08:ac:d5:a4:72:2e:07:d9:15:
ae:d8:b9:fe:9c:6a:69:84:67:a9:39:05:d8:a5:87:
3e:27:0d:d2:f1:30:ff:b0:57:0a:e9:5d:c1:ba:e5:
8d:c1:b0:d4:7c:5a:5a:56:a9:f6:45:4e:b3:1d:0f:
79:b4:25:cc:a1:f9:9f:68:69:7f:cf:9c:26:dd:f2:
09:3c:db:03:b0:d5:9a:2d:01:f5:1c:e0:c8:4d:75:
5d:a2:20:a6:05:4e:93:7a:41:12:cf:0e:db:3b:b2:
88:58:62:33:d9:0e:06:4e:4c:5b:aa:68:3d:18:5f:
03:98:71:d1:55:cd:98:b5:1f:4f:d4:d7:89:64:ec:
0f:54:f0:f1:13:35:9b:01:26:55:4a:b2:d4:93:23:
f2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:00:03:FD:E3:83:60:06:D5:CA:DA:C3:BC:39:83:E2:CF:C6:25:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC0E6C26111EFAC3DA8A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.103.0/24
Signature Algorithm: sha256WithRSAEncryption
36:40:f7:76:d7:a9:33:a5:d8:b8:54:f9:fe:ba:c8:13:0c:4a:
e0:6a:e0:b5:9d:59:2a:1c:ba:08:28:76:db:ad:e4:3d:a7:08:
eb:9c:1e:ba:b2:72:c6:1e:16:b2:d9:76:07:0c:39:f0:5f:90:
43:f4:d2:35:40:94:c1:f9:67:87:c7:40:02:1d:ba:8f:4a:4e:
ed:15:40:ce:18:f4:36:74:6a:c1:a7:d5:b2:00:1d:41:4c:aa:
34:b9:db:d9:ab:a4:41:85:26:f9:e4:70:50:a8:94:9d:36:f8:
88:9e:e5:21:ea:2c:72:b0:e3:44:bd:04:4f:b8:21:0d:bf:0e:
99:f5:da:22:da:23:27:7b:83:14:f2:52:ea:a6:78:7f:65:f7:
56:84:75:18:72:4a:44:2f:ca:5d:e1:a6:1f:cf:21:0c:47:0c:
72:46:f9:c5:2b:aa:6f:79:54:e0:95:f8:0c:ff:13:a2:98:9a:
ea:af:1d:1e:25:27:c4:2f:0d:f2:cf:e8:97:b6:fa:f4:53:83:
e7:97:58:45:66:54:87:87:d4:5e:d0:9a:8b:e0:1b:8f:27:0c:
d7:5c:02:60:c2:bb:64:38:55:2c:ff:d4:fa:54:6c:04:f6:e8:
c9:83:40:5b:e1:29:c2:f0:22:11:e7:f4:a2:68:88:f5:d0:50:
6a:11:c0:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASO0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDE0MDQzWhcNMjUxMjEwMDE0MDQzWjAYMRYw
FAYDVQQDEw02NzZiNjI5Zi1jNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+6ymPQRHA7XOh1eUx+KBVCEvRqPnyNRyTAam36LrIWTLixCsjLQW0F0
g5X2ERV2iF/8jCOfITApDKIc5BpUT5Vcd/fcGtVcb7oZm9n8vSfBJaWwPoYtLo4x
CyUjhteFDVJBAK+j6948tsHCh+cIrNWkci4H2RWu2Ln+nGpphGepOQXYpYc+Jw3S
8TD/sFcK6V3BuuWNwbDUfFpaVqn2RU6zHQ95tCXMofmfaGl/z5wm3fIJPNsDsNWa
LQH1HODITXVdoiCmBU6TekESzw7bO7KIWGIz2Q4GTkxbqmg9GF8DmHHRVc2YtR9P
1NeJZOwPVPDxEzWbASZVSrLUkyPyhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFQA
A/3jg2AG1craw7w5g+LPxiWyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzRCQzBFNkMyNjExMUVGQUMzREE4QTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdnMA0GCSqGSIb3DQEB
CwUAA4IBAQA2QPd216kzpdi4VPn+usgTDErgauC1nVkqHLoIKHbbreQ9pwjrnB66
snLGHhay2XYHDDnwX5BD9NI1QJTB+WeHx0ACHbqPSk7tFUDOGPQ2dGrBp9WyAB1B
TKo0udvZq6RBhSb55HBQqJSdNviInuUh6ixysONEvQRPuCENvw6Z9doi2iMne4MU
8lLqpnh/ZfdWhHUYckpEL8pd4aYfzyEMRwxyRvnFK6pveVTglfgM/xOimJrqrx0e
JSfELw3yz+iXtvr0U4Pnl1hFZlSHh9Re0JqL4BuPJwzXXAJgwrtkOFUs/9T6VGwE
9ujJg0Bb4SnC8CIR5/SiaIj10FBqEcBO
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:56 2025 by rpki-client