Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D1D746D2E511EF8D362F94762E951A.roa
File: 43D1D746D2E511EF8D362F94762E951A.roa (raw, json)
Hash identifier: EWu30ELyQcQ7WzXeaP5RwHDrfPG5IkN8guo/2rJX9Sw=
Subject key identifier: CE:4C:A6:BB:5B:9B:9F:F7:C0:56:FC:D9:EA:E6:51:12:C5:CE:72:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B8C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D1D746D2E511EF8D362F94762E951A.roa
Signing time: Wed 15 Jan 2025 02:06:00 +0000
ROA not before: Wed 15 Jan 2025 02:05:56 +0000
ROA not after: Mon 03 Jan 2028 02:05:56 +0000
asID: 17561
IP address blocks: 154.222.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80780 (0x13b8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 02:05:56 2025 GMT
Not After : Jan 3 02:05:56 2028 GMT
Subject: CN=67871808-1251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:73:68:ee:4c:c5:52:1f:4d:18:21:b7:0a:61:
7e:1d:c5:7c:d9:b6:c7:a0:c8:72:6f:93:33:8f:d3:
5d:90:f6:61:c6:04:52:fd:39:ac:94:6f:a3:8c:7e:
75:a1:24:63:b9:54:57:cc:71:ca:23:8b:f4:7a:db:
14:2b:bf:df:70:23:9a:53:4a:c1:50:d8:a3:64:5c:
db:07:bf:b9:de:6b:19:b5:12:ec:06:42:bc:dd:c9:
c6:bd:cc:10:ff:f6:2e:96:c3:63:d0:34:36:14:39:
3e:d4:0e:85:61:28:bb:c3:fc:ae:55:0c:22:c4:9c:
15:52:82:56:43:e1:93:9a:b3:8b:ee:b4:91:de:ad:
76:ff:76:37:f2:fc:7f:4a:22:04:ba:cf:ee:73:eb:
e9:c9:c1:70:d4:e3:ab:84:f6:95:82:b4:56:bf:ae:
2a:f1:44:28:3f:e9:6b:2b:3b:83:99:b1:27:51:69:
1e:76:71:b1:0a:b7:8c:a9:d3:e4:a5:4b:2f:c4:12:
b0:76:e2:40:ad:da:e2:87:e1:4b:12:d0:1d:bb:9d:
7c:48:a3:ea:50:50:aa:6e:1c:b8:32:41:91:ef:8d:
e9:b4:47:e7:47:ad:47:e2:bd:7b:b5:f5:f3:8f:35:
3e:39:84:67:15:10:6d:50:62:17:fe:16:0a:8d:0b:
8d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4C:A6:BB:5B:9B:9F:F7:C0:56:FC:D9:EA:E6:51:12:C5:CE:72:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D1D746D2E511EF8D362F94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:81:ef:eb:02:de:bd:fc:b1:f4:d2:92:30:a4:24:64:6e:5f:
48:bd:8c:28:b0:f2:a1:04:c8:32:e9:82:82:15:f7:9d:8f:b9:
48:22:c9:92:2b:8c:97:4a:8a:1f:97:0a:ef:16:e7:dd:fd:f4:
ca:59:0a:94:09:dd:7a:92:e2:e2:f3:0c:4d:0b:da:98:6f:49:
e1:8c:4f:f5:02:4f:42:da:31:a2:86:2c:9b:bf:b7:1c:68:72:
63:91:4e:d9:6d:ec:ae:20:e9:af:c4:e7:d6:28:75:e2:de:f7:
0d:b7:e9:69:94:ea:54:21:b5:2f:9a:de:5f:01:f3:cf:b2:c7:
fd:c4:e0:9b:18:8d:f0:19:ac:0d:b9:1e:cf:9c:2c:74:42:33:
79:4c:7b:ce:df:5d:12:1f:88:5f:ae:a1:c0:83:67:55:23:c9:
13:b8:70:f5:be:87:d4:8e:d0:22:62:18:0f:42:49:a2:a8:45:
fd:c5:69:f6:8e:dc:44:e9:8f:84:ae:8c:2b:37:eb:01:1c:11:
b4:f7:1f:ba:26:12:75:92:8f:e9:13:33:9e:32:12:29:91:4f:
20:4f:ba:14:70:bd:89:a9:41:ca:49:f3:83:4e:a1:96:8e:36:
43:1f:73:9b:97:46:90:72:24:0c:a6:e5:c2:38:6e:46:20:22:
03:5e:af:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATuMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDIwNTU2WhcNMjgwMTAzMDIwNTU2WjAYMRYw
FAYDVQQDEw02Nzg3MTgwOC0xMjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn3No7kzFUh9NGCG3CmF+HcV82bbHoMhyb5Mzj9NdkPZhxgRS/TmslG+j
jH51oSRjuVRXzHHKI4v0etsUK7/fcCOaU0rBUNijZFzbB7+53msZtRLsBkK83cnG
vcwQ//YulsNj0DQ2FDk+1A6FYSi7w/yuVQwixJwVUoJWQ+GTmrOL7rSR3q12/3Y3
8vx/SiIEus/uc+vpycFw1OOrhPaVgrRWv64q8UQoP+lrKzuDmbEnUWkednGxCreM
qdPkpUsvxBKwduJArdrih+FLEtAdu518SKPqUFCqbhy4MkGR743ptEfnR61H4r17
tfXzjzU+OYRnFRBtUGIX/hYKjQuNywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM5M
prtbm5/3wFb82ermURLFznJzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0QxRDc0NkQyRTUxMUVGOEQzNjJGOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5sMA0GCSqGSIb3DQEB
CwUAA4IBAQC5ge/rAt69/LH00pIwpCRkbl9IvYwosPKhBMgy6YKCFfedj7lIIsmS
K4yXSooflwrvFufd/fTKWQqUCd16kuLi8wxNC9qYb0nhjE/1Ak9C2jGihiybv7cc
aHJjkU7ZbeyuIOmvxOfWKHXi3vcNt+lplOpUIbUvmt5fAfPPssf9xOCbGI3wGawN
uR7PnCx0QjN5THvO310SH4hfrqHAg2dVI8kTuHD1vofUjtAiYhgPQkmiqEX9xWn2
jtxE6Y+ErowrN+sBHBG09x+6JhJ1ko/pEzOeMhIpkU8gT7oUcL2JqUHKSfODTqGW
jjZDH3Obl0aQciQMpuXCOG5GICIDXq/x
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:52 2025 by rpki-client