Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458ACFA8C25911EF8F4CFE68762E951A.roa
File: 458ACFA8C25911EF8F4CFE68762E951A.roa (raw, json)
Hash identifier: 4In00WkFarSma72kJkmiV8AGrwRyf/Y78n9Tn+/GoWE=
Subject key identifier: FF:F5:86:AD:60:01:CD:2E:03:13:36:07:40:2D:08:A5:CA:E8:B2:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012357
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458ACFA8C25911EF8F4CFE68762E951A.roa
Signing time: Wed 25 Dec 2024 00:43:35 +0000
ROA not before: Wed 25 Dec 2024 00:00:31 +0000
ROA not after: Wed 10 Dec 2025 00:00:31 +0000
asID: 984
IP address blocks: 154.199.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74583 (0x12357)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:31 2024 GMT
Not After : Dec 10 00:00:31 2025 GMT
Subject: CN=676b5537-df6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:60:96:ad:3d:6f:06:a1:28:72:02:37:c2:7c:
00:7f:db:46:f9:40:5f:60:fd:1a:e1:9e:2f:30:79:
0c:6d:e3:f3:8c:d7:38:cb:72:23:aa:fc:a2:c7:58:
93:a4:48:2c:cd:94:c8:a7:9a:74:1a:96:85:17:ca:
60:6f:32:e2:c7:97:72:d8:98:9f:80:99:7a:6c:83:
cc:bd:26:f2:4c:1a:2b:68:b7:39:40:91:ab:6f:8b:
f2:f7:d5:08:5c:00:cb:94:5b:2f:48:b1:f4:bb:7e:
51:c6:b4:d5:24:19:33:b2:07:6d:2c:15:cd:f9:b6:
46:f0:fc:63:e0:fb:38:93:bb:26:9c:5f:02:f6:80:
9d:56:47:7f:3f:c8:15:55:3c:3d:b7:19:f3:8f:cd:
ad:72:a6:ad:db:99:2f:02:bd:a8:fb:d3:32:15:b3:
90:25:eb:13:5d:79:78:1c:d0:72:5e:4b:8e:f7:88:
a4:35:a3:5f:3a:ea:68:b5:ea:e5:20:32:c3:fe:18:
7a:6f:e4:95:93:d0:42:5e:50:17:08:b5:ec:54:ea:
ce:41:96:6c:25:12:3d:79:19:a6:2f:a8:3a:0c:ef:
a8:fe:8c:e5:39:9b:bf:06:7d:1e:a1:c4:ed:94:91:
b8:0d:d9:60:87:b0:88:d9:be:9b:30:7a:67:9b:c6:
4e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F5:86:AD:60:01:CD:2E:03:13:36:07:40:2D:08:A5:CA:E8:B2:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458ACFA8C25911EF8F4CFE68762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.57.0/24
Signature Algorithm: sha256WithRSAEncryption
78:89:73:f3:02:77:6c:50:27:fa:9e:16:be:3c:13:df:48:de:
4a:f3:33:24:11:7c:15:2a:b5:ec:96:5d:b6:3d:a2:2c:e3:b5:
1a:b5:8d:94:59:36:cd:00:09:4c:bc:55:a7:29:92:82:a1:ca:
9e:3d:59:cf:cf:f8:66:0a:f4:d7:48:b1:2f:5c:55:d4:17:4a:
1b:49:d9:79:44:de:ae:46:85:e3:93:1b:8c:7b:93:2c:2d:0f:
e8:99:1a:5d:98:ad:a2:d9:40:38:75:1b:0b:8f:06:09:bc:70:
45:cc:96:b4:00:c7:22:80:18:79:ec:50:0d:71:b4:15:e9:5b:
c6:e2:e8:02:3b:fa:44:d7:f2:32:32:a2:34:52:e5:c4:41:ff:
a2:c0:97:89:3a:cc:20:5e:ed:d7:56:4d:80:e3:a9:f5:b1:95:
b5:68:fe:d3:a5:35:79:05:08:b6:4d:91:c5:79:b6:ab:b8:98:
79:ff:b7:02:b4:be:59:f5:67:56:4f:fb:7c:2f:ce:04:1c:d3:
a0:be:fe:26:4c:0d:7d:e2:00:27:20:0f:26:ac:3c:4c:ab:d2:
7b:d2:28:3b:38:7b:b3:7e:18:a6:4d:0c:78:83:66:06:9c:53:
d4:f8:45:55:62:27:31:61:82:cf:ba:ad:6b:cb:35:7c:1e:49:
76:c9:c7:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASNXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDMxWhcNMjUxMjEwMDAwMDMxWjAYMRYw
FAYDVQQDEw02NzZiNTUzNy1kZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3GCWrT1vBqEocgI3wnwAf9tG+UBfYP0a4Z4vMHkMbePzjNc4y3Ijqvyi
x1iTpEgszZTIp5p0GpaFF8pgbzLix5dy2JifgJl6bIPMvSbyTBoraLc5QJGrb4vy
99UIXADLlFsvSLH0u35RxrTVJBkzsgdtLBXN+bZG8Pxj4Ps4k7smnF8C9oCdVkd/
P8gVVTw9txnzj82tcqat25kvAr2o+9MyFbOQJesTXXl4HNByXkuO94ikNaNfOupo
terlIDLD/hh6b+SVk9BCXlAXCLXsVOrOQZZsJRI9eRmmL6g6DO+o/ozlOZu/Bn0e
ocTtlJG4Ddlgh7CI2b6bMHpnm8ZOAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP/1
hq1gAc0uAxM2B0AtCKXK6LJCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NThBQ0ZBOEMyNTkxMUVGOEY0Q0ZFNjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsc5MA0GCSqGSIb3DQEB
CwUAA4IBAQB4iXPzAndsUCf6nha+PBPfSN5K8zMkEXwVKrXsll22PaIs47UatY2U
WTbNAAlMvFWnKZKCocqePVnPz/hmCvTXSLEvXFXUF0obSdl5RN6uRoXjkxuMe5Ms
LQ/omRpdmK2i2UA4dRsLjwYJvHBFzJa0AMcigBh57FANcbQV6VvG4ugCO/pE1/Iy
MqI0UuXEQf+iwJeJOswgXu3XVk2A46n1sZW1aP7TpTV5BQi2TZHFebaruJh5/7cC
tL5Z9WdWT/t8L84EHNOgvv4mTA194gAnIA8mrDxMq9J70ig7OHuzfhimTQx4g2YG
nFPU+EVVYicxYYLPuq1ryzV8Hkl2ycda
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:56 2025 by rpki-client