Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43873B30BC4411EFB33BEF98762E951A.roa
File: 43873B30BC4411EFB33BEF98762E951A.roa (raw, json)
Hash identifier: P0WlhOCI8YJJIfXNT0Nm7xVU3WNNxStn5Kq81IeFX2Y=
Subject key identifier: A4:1B:8C:4A:84:89:88:83:89:05:79:6C:FD:D7:9A:27:6F:5B:EF:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011BB5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43873B30BC4411EFB33BEF98762E951A.roa
Signing time: Tue 17 Dec 2024 06:58:05 +0000
ROA not before: Tue 17 Dec 2024 06:58:01 +0000
ROA not after: Sun 22 Jun 2025 06:58:01 +0000
asID: 4755
IP address blocks: 154.81.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72629 (0x11bb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 17 06:58:01 2024 GMT
Not After : Jun 22 06:58:01 2025 GMT
Subject: CN=676120fd-0a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:97:a8:58:83:77:38:d1:6c:f6:ee:21:44:c6:
0e:c5:f1:20:70:00:c4:1d:26:6a:f8:0e:8f:34:ee:
a0:c8:d7:3e:58:61:ed:a7:3d:e6:32:39:7b:a7:48:
02:56:16:5e:4a:81:cb:64:2e:79:e5:d9:a4:20:3e:
ff:52:94:19:21:5f:53:79:3b:b2:2d:be:e9:7a:77:
7b:79:ab:51:3f:73:38:fb:b2:e3:15:47:eb:f3:64:
26:46:0b:c9:ba:6b:e0:f4:fe:0b:73:7e:df:ef:6b:
b5:54:de:ef:f9:82:a6:64:1b:df:c2:14:68:8a:8c:
0b:ba:1f:6d:31:14:73:23:16:4f:48:bc:99:ea:81:
79:52:94:97:4c:13:99:ff:ec:50:ab:06:18:70:44:
76:d1:0b:59:ac:af:a6:68:29:6a:2e:93:7b:83:7f:
db:ab:d3:34:e2:02:52:d3:01:52:f4:b8:48:ce:31:
8d:8a:45:fb:88:be:1b:53:e6:e6:75:be:a9:ca:eb:
ca:25:82:8b:dc:22:a1:00:56:84:f7:29:c2:af:21:
c5:35:e7:f4:de:36:67:64:b4:b6:fc:be:fd:4d:8d:
fb:96:9c:39:05:bf:6b:25:9e:d9:18:87:97:1b:85:
71:73:50:89:b3:fc:06:5d:5f:69:05:9b:12:76:74:
85:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:1B:8C:4A:84:89:88:83:89:05:79:6C:FD:D7:9A:27:6F:5B:EF:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43873B30BC4411EFB33BEF98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.60.0/24
Signature Algorithm: sha256WithRSAEncryption
39:6b:ae:ca:1c:45:19:85:d0:54:3c:8d:cc:b6:75:e4:f9:dc:
b2:7d:d1:fb:d1:0a:40:c8:41:43:85:ad:59:13:1c:3c:13:06:
f7:e3:8b:56:dc:d1:55:ab:f2:19:b8:11:58:bd:02:88:7f:08:
d7:29:3f:78:01:f1:0f:5f:76:da:47:cf:75:fd:38:c7:15:c1:
29:13:8c:78:14:cb:75:b4:55:70:5f:e1:74:8d:f6:a9:d1:12:
a7:18:be:59:8f:62:e7:13:72:a9:7a:18:55:bc:e6:43:af:c9:
57:75:bb:9e:86:02:f7:bf:f3:52:83:37:31:ff:ca:16:dd:2d:
9e:09:b6:ab:e9:4f:aa:2e:cd:0b:bf:cc:bf:59:5a:ff:41:eb:
23:ec:05:40:99:61:82:28:b0:67:4b:82:1e:2c:ba:db:69:0f:
bf:5c:23:3d:a5:dc:ad:f2:57:8c:53:78:f0:ee:34:9b:0d:d4:
59:5c:d7:4d:af:e9:c2:1c:c4:89:13:c5:9b:c2:c8:2b:11:7b:
f4:02:e4:aa:5b:61:cc:3e:97:6b:ad:f6:5e:34:04:fd:c3:56:
cd:0d:1c:14:00:70:86:38:1d:2a:ed:a8:54:7c:85:ae:06:f9:
ab:83:89:20:c4:e0:fe:3f:ef:54:e1:03:62:0c:58:96:bb:6d:
25:f7:7e:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARu1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjE3MDY1ODAxWhcNMjUwNjIyMDY1ODAxWjAYMRYw
FAYDVQQDEw02NzYxMjBmZC0wYTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0JeoWIN3ONFs9u4hRMYOxfEgcADEHSZq+A6PNO6gyNc+WGHtpz3mMjl7
p0gCVhZeSoHLZC555dmkID7/UpQZIV9TeTuyLb7pend7eatRP3M4+7LjFUfr82Qm
RgvJumvg9P4Lc37f72u1VN7v+YKmZBvfwhRoiowLuh9tMRRzIxZPSLyZ6oF5UpSX
TBOZ/+xQqwYYcER20QtZrK+maClqLpN7g3/bq9M04gJS0wFS9LhIzjGNikX7iL4b
U+bmdb6pyuvKJYKL3CKhAFaE9ynCryHFNef03jZnZLS2/L79TY37lpw5Bb9rJZ7Z
GIeXG4Vxc1CJs/wGXV9pBZsSdnSFIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQb
jEqEiYiDiQV5bP3XmidvW+81MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Mzg3M0IzMEJDNDQxMUVGQjMzQkVGOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlE8MA0GCSqGSIb3DQEB
CwUAA4IBAQA5a67KHEUZhdBUPI3MtnXk+dyyfdH70QpAyEFDha1ZExw8Ewb344tW
3NFVq/IZuBFYvQKIfwjXKT94AfEPX3baR891/TjHFcEpE4x4FMt1tFVwX+F0jfap
0RKnGL5Zj2LnE3KpehhVvOZDr8lXdbuehgL3v/NSgzcx/8oW3S2eCbar6U+qLs0L
v8y/WVr/Qesj7AVAmWGCKLBnS4IeLLrbaQ+/XCM9pdyt8leMU3jw7jSbDdRZXNdN
r+nCHMSJE8WbwsgrEXv0AuSqW2HMPpdrrfZeNAT9w1bNDRwUAHCGOB0q7ahUfIWu
Bvmrg4kgxOD+P+9U4QNiDFiWu20l937/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:00 2025 by rpki-client