Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4452A642D56411EFBFE4AA4B762E951A.roa
File: 4452A642D56411EFBFE4AA4B762E951A.roa (raw, json)
Hash identifier: lplfxxxXpZN7tKZilrFNbiYnJJWuwfjuMQPYQm6U/vU=
Subject key identifier: A4:B7:64:11:C4:71:B4:A4:CE:10:04:D8:AC:B4:52:53:C1:A8:07:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D72
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4452A642D56411EFBFE4AA4B762E951A.roa
Signing time: Sat 18 Jan 2025 06:20:09 +0000
ROA not before: Sat 18 Jan 2025 06:20:05 +0000
ROA not after: Sat 22 Feb 2025 06:20:05 +0000
asID: 395886
IP address blocks: 154.217.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81266 (0x13d72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 06:20:05 2025 GMT
Not After : Feb 22 06:20:05 2025 GMT
Subject: CN=678b4819-702c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a6:27:16:b3:2a:09:fc:44:03:e2:cb:b1:64:
90:c4:c1:03:61:5e:65:70:4b:4f:94:a4:28:e1:1a:
19:ac:17:d8:e2:c2:fc:05:0d:72:f4:07:a1:4f:f5:
18:68:d5:76:43:7d:af:f8:ae:c1:a3:14:9c:14:55:
91:64:a0:52:27:08:bf:54:f0:33:6d:01:6c:ae:44:
64:c6:71:b3:b6:f1:b2:ae:e8:55:5a:68:a7:86:87:
9d:4a:91:ce:2c:a6:f8:99:1a:0e:60:6c:f4:3b:31:
73:fe:62:d1:f2:66:01:9f:da:8d:33:16:b7:35:d8:
01:be:cd:91:37:cd:49:90:ec:29:f6:64:e7:a2:29:
00:d4:af:0a:47:0a:85:09:2e:0c:20:67:2b:3b:38:
ed:de:9f:39:d1:d0:08:58:f8:28:6b:75:24:8e:ab:
78:cd:a4:45:b3:e5:59:c0:09:d0:17:a9:1a:77:8f:
60:fa:bb:f1:e7:3c:b9:95:f1:80:c3:2b:2c:55:6a:
ab:b0:ec:9c:41:04:6a:67:19:76:de:9f:63:2a:8f:
ad:9a:c6:12:2c:02:e3:61:4e:63:a5:06:7d:5c:56:
3c:38:fd:fe:f5:6b:17:af:e0:79:94:ad:cf:46:10:
0a:ee:f8:79:40:67:44:05:2e:89:38:d2:79:78:cf:
5f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B7:64:11:C4:71:B4:A4:CE:10:04:D8:AC:B4:52:53:C1:A8:07:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4452A642D56411EFBFE4AA4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.236.0/22
Signature Algorithm: sha256WithRSAEncryption
68:19:5a:a5:62:38:16:33:b9:b8:86:18:e0:96:03:ff:00:11:
7f:b1:0b:ce:b7:d6:d2:40:39:b8:c3:e3:8e:22:3c:3e:f8:02:
c2:a3:ef:80:88:98:37:81:8c:93:4a:32:d8:c2:f0:54:63:6e:
8f:1c:94:6e:de:c4:b3:f2:16:ab:c2:6c:69:8d:c7:9f:d3:51:
76:40:b2:1d:09:ef:42:d2:3a:09:fb:8c:02:da:67:0e:44:0b:
b6:3d:33:c2:27:6f:44:f1:0e:55:3e:7f:ba:a8:54:ba:c2:c8:
00:eb:f9:60:88:6a:6b:64:60:34:e3:a0:14:7b:ef:0c:da:e7:
44:05:5b:77:2d:09:b8:bb:e7:a3:6b:55:75:51:c0:35:86:3c:
d7:6b:9d:96:8c:40:cc:df:08:cb:cd:ad:30:4c:ee:1d:9b:9e:
08:4d:96:e6:cd:56:fa:b7:6d:49:71:de:2b:3d:9a:a8:4e:a3:
2e:50:b4:08:58:32:5a:77:d6:fd:1e:b7:55:9d:8d:8d:7e:ed:
ef:49:e6:8d:3e:b2:fa:3b:81:48:9e:0b:01:43:4b:6e:17:53:
00:08:9f:30:39:2c:de:05:3d:29:02:65:dc:58:85:c0:4f:0b:
3d:a2:c1:72:35:5f:06:41:09:6b:72:c5:9d:44:9a:7d:33:6f:
76:34:f1:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT1yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDYyMDA1WhcNMjUwMjIyMDYyMDA1WjAYMRYw
FAYDVQQDEw02NzhiNDgxOS03MDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA56YnFrMqCfxEA+LLsWSQxMEDYV5lcEtPlKQo4RoZrBfY4sL8BQ1y9Aeh
T/UYaNV2Q32v+K7BoxScFFWRZKBSJwi/VPAzbQFsrkRkxnGztvGyruhVWminhoed
SpHOLKb4mRoOYGz0OzFz/mLR8mYBn9qNMxa3NdgBvs2RN81JkOwp9mTnoikA1K8K
RwqFCS4MIGcrOzjt3p850dAIWPgoa3Ukjqt4zaRFs+VZwAnQF6kad49g+rvx5zy5
lfGAwyssVWqrsOycQQRqZxl23p9jKo+tmsYSLALjYU5jpQZ9XFY8OP3+9WsXr+B5
lK3PRhAK7vh5QGdEBS6JONJ5eM9fwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKS3
ZBHEcbSkzhAE2Ky0UlPBqAdyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDUyQTY0MkQ1NjQxMUVGQkZFNEFBNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtnsMA0GCSqGSIb3DQEB
CwUAA4IBAQBoGVqlYjgWM7m4hhjglgP/ABF/sQvOt9bSQDm4w+OOIjw++ALCo++A
iJg3gYyTSjLYwvBUY26PHJRu3sSz8harwmxpjcef01F2QLIdCe9C0joJ+4wC2mcO
RAu2PTPCJ29E8Q5VPn+6qFS6wsgA6/lgiGprZGA046AUe+8M2udEBVt3LQm4u+ej
a1V1UcA1hjzXa52WjEDM3wjLza0wTO4dm54ITZbmzVb6t21Jcd4rPZqoTqMuULQI
WDJad9b9HrdVnY2Nfu3vSeaNPrL6O4FIngsBQ0tuF1MACJ8wOSzeBT0pAmXcWIXA
Tws9osFyNV8GQQlrcsWdRJp9M292NPEF
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:14 2025 by rpki-client