Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43B12048CF6411EFAA3B236E762E951A.roa
File: 43B12048CF6411EFAA3B236E762E951A.roa (raw, json)
Hash identifier: wqODKj2NaoEux/QpinVNecSZD6SYC43k8tiQ2lAB8bA=
Subject key identifier: D2:84:1A:D3:BB:0F:71:45:E1:4B:09:70:D2:C8:8C:FB:83:48:6A:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013A2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43B12048CF6411EFAA3B236E762E951A.roa
Signing time: Fri 10 Jan 2025 15:05:01 +0000
ROA not before: Fri 10 Jan 2025 15:04:57 +0000
ROA not after: Sun 12 Dec 2027 15:04:57 +0000
asID: 17561
IP address blocks: 154.81.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80430 (0x13a2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 10 15:04:57 2025 GMT
Not After : Dec 12 15:04:57 2027 GMT
Subject: CN=6781371d-61c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:77:51:ad:89:74:5b:f0:68:f7:5c:e4:6b:a6:
57:73:47:a6:5b:b5:fc:1d:1f:d5:e0:d8:c5:52:4c:
55:86:99:db:fb:0e:65:27:37:9d:22:48:bd:4d:ef:
f9:91:69:03:07:11:f7:c0:a4:f9:30:9d:51:93:7b:
4d:9f:8a:31:c0:e3:61:b5:ac:66:0e:ca:f8:83:7f:
82:11:68:a9:55:88:b5:21:85:7d:91:46:25:8a:9f:
85:4f:e9:de:56:62:ba:e4:5f:b2:eb:7b:b9:5e:0f:
27:7c:10:9f:e4:23:a7:58:44:a6:e0:d4:36:0d:8a:
4f:e9:3b:74:03:57:80:b8:15:51:c1:c4:aa:fb:fb:
ad:56:14:d5:a6:5a:d4:3e:2b:99:e2:aa:98:a7:c1:
15:59:f9:31:7e:ee:4f:b0:9d:72:cc:5b:a8:3c:13:
55:b0:24:42:81:72:d3:6b:ba:a0:dd:41:43:21:9e:
26:46:2d:03:29:60:4a:52:41:9a:ca:09:a7:f7:88:
1d:0a:be:1a:1b:6d:0b:a4:ba:86:0f:a7:27:68:50:
bf:53:6e:5e:6b:89:e7:a6:d3:d8:7b:2e:6c:66:82:
1d:4e:88:34:80:0c:7c:cb:f3:82:50:5c:54:44:e1:
1b:aa:70:b8:32:76:1f:61:9e:6e:b7:14:db:70:f5:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:84:1A:D3:BB:0F:71:45:E1:4B:09:70:D2:C8:8C:FB:83:48:6A:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43B12048CF6411EFAA3B236E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.152.0/24
Signature Algorithm: sha256WithRSAEncryption
51:41:f7:11:72:95:3a:f5:c2:ec:1d:eb:92:bd:1f:5e:3a:aa:
31:e0:81:0c:92:cb:87:0c:5c:5a:ee:ce:1d:9e:d7:ab:8d:14:
9e:24:72:ab:6a:9f:d4:f2:94:91:dc:2e:8d:21:41:de:f6:e7:
ba:1d:7a:b8:45:28:4f:35:11:36:3b:61:fd:fc:73:b7:6c:2f:
82:64:ae:a3:71:a3:af:3f:1f:e6:b6:fa:ca:fd:fb:c2:48:70:
d8:24:92:ba:47:de:8e:f0:e3:5b:a9:73:7b:63:0c:2b:a5:9f:
76:f0:d3:dd:33:70:e6:a7:ae:4c:6b:65:10:1d:13:6b:9c:68:
e0:44:82:ca:4b:3b:e9:d1:1c:4b:df:98:2e:b2:51:c0:30:bc:
90:0a:a3:b3:e6:21:42:32:bb:b5:f7:1a:3e:87:9e:cc:77:2d:
f4:b9:37:35:eb:7a:4e:63:41:ef:60:f1:4d:08:30:e9:32:39:
4c:6a:24:53:9e:12:58:22:6e:f9:b0:33:99:0c:6c:65:0f:ee:
18:3e:1a:22:58:cf:34:ba:da:61:72:8d:11:ce:ca:55:33:c6:
4a:17:bb:50:4b:d5:f5:b7:91:7f:f0:4f:11:18:dd:73:fe:c3:
69:74:8c:81:9d:81:20:4a:b8:d3:3e:85:cb:46:d3:fc:39:20:
49:8d:c7:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATouMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMTUwNDU3WhcNMjcxMjEyMTUwNDU3WjAYMRYw
FAYDVQQDEw02NzgxMzcxZC02MWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy3dRrYl0W/Bo91zka6ZXc0emW7X8HR/V4NjFUkxVhpnb+w5lJzedIki9
Te/5kWkDBxH3wKT5MJ1Rk3tNn4oxwONhtaxmDsr4g3+CEWipVYi1IYV9kUYlip+F
T+neVmK65F+y63u5Xg8nfBCf5COnWESm4NQ2DYpP6Tt0A1eAuBVRwcSq+/utVhTV
plrUPiuZ4qqYp8EVWfkxfu5PsJ1yzFuoPBNVsCRCgXLTa7qg3UFDIZ4mRi0DKWBK
UkGaygmn94gdCr4aG20LpLqGD6cnaFC/U25ea4nnptPYey5sZoIdTog0gAx8y/OC
UFxUROEbqnC4MnYfYZ5utxTbcPXGkwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNKE
GtO7D3FF4UsJcNLIjPuDSGqmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0IxMjA0OENGNjQxMUVGQUEzQjIzNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGYMA0GCSqGSIb3DQEB
CwUAA4IBAQBRQfcRcpU69cLsHeuSvR9eOqox4IEMksuHDFxa7s4dnterjRSeJHKr
ap/U8pSR3C6NIUHe9ue6HXq4RShPNRE2O2H9/HO3bC+CZK6jcaOvPx/mtvrK/fvC
SHDYJJK6R96O8ONbqXN7YwwrpZ928NPdM3Dmp65Ma2UQHRNrnGjgRILKSzvp0RxL
35guslHAMLyQCqOz5iFCMru19xo+h57Mdy30uTc163pOY0HvYPFNCDDpMjlMaiRT
nhJYIm75sDOZDGxlD+4YPhoiWM80utphco0RzspVM8ZKF7tQS9X1t5F/8E8RGN1z
/sNpdIyBnYEgSrjTPoXLRtP8OSBJjces
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:21 2025 by rpki-client