Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45AF4C40C40F11EFAFB17463762E951A.roa
File: 45AF4C40C40F11EFAFB17463762E951A.roa (raw, json)
Hash identifier: +SKzQkpGC/HNXcBIP32LOaxJHCfUf9UpSIuMf2nNh18=
Subject key identifier: CE:09:9C:CA:BB:BE:DB:C1:55:8A:EC:1E:9F:ED:BA:D8:B5:12:37:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01293F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45AF4C40C40F11EFAFB17463762E951A.roa
Signing time: Fri 27 Dec 2024 04:58:55 +0000
ROA not before: Fri 27 Dec 2024 04:58:51 +0000
ROA not after: Fri 12 Dec 2025 04:58:51 +0000
asID: 984
IP address blocks: 154.196.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76095 (0x1293f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 04:58:51 2024 GMT
Not After : Dec 12 04:58:51 2025 GMT
Subject: CN=676e340f-b1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:fa:26:95:0a:78:c5:cc:c5:e1:ad:fa:a6:
3b:22:05:5d:fd:71:83:b2:5f:4e:00:62:7e:b4:50:
a1:f6:15:6c:be:13:38:9d:2e:9b:35:b0:2b:b1:1c:
63:5a:eb:76:cf:4c:bb:b6:ab:c8:4d:5c:5f:08:d7:
8c:8a:73:1d:04:29:c0:74:20:66:c1:c2:da:d7:b1:
fb:f3:95:9c:0e:08:59:a1:49:0c:af:54:6a:d8:da:
94:7b:68:d8:d7:1c:77:5a:dc:00:ab:61:1f:20:4b:
f1:c6:6e:ef:48:cd:a6:e7:b9:46:33:87:6e:5e:0c:
96:26:cd:6b:ac:ca:59:19:d5:a1:67:88:7b:d7:93:
d6:11:88:12:9a:0d:b3:74:87:0f:d8:2a:69:cd:b3:
5e:de:20:d0:90:75:54:eb:1e:e6:64:91:c1:4d:3b:
94:95:b8:7f:a0:5a:aa:50:03:1d:97:64:77:45:93:
9a:2c:7b:5d:d7:d1:d8:35:14:e9:70:5e:15:36:70:
3e:7d:f2:8f:50:3b:57:2f:54:af:d0:0b:1d:aa:f8:
75:46:87:4e:b8:41:a2:e0:11:1e:09:14:3a:de:eb:
fb:e0:50:0b:a5:16:57:bb:cc:c1:4e:1c:ea:10:95:
31:33:6f:68:14:b2:ce:63:82:88:05:1b:6f:e8:fd:
5e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:09:9C:CA:BB:BE:DB:C1:55:8A:EC:1E:9F:ED:BA:D8:B5:12:37:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45AF4C40C40F11EFAFB17463762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.233.0/24
Signature Algorithm: sha256WithRSAEncryption
86:48:9f:be:c2:03:dc:34:d6:d0:7f:cc:9b:bf:d9:df:fc:39:
28:3f:f9:d6:e0:12:76:f8:cd:c3:32:f7:0e:b3:d4:bc:03:b9:
17:63:97:6d:49:40:35:58:f4:b0:5b:1b:ee:73:5a:cd:a3:cc:
34:31:e6:88:d1:f6:71:5d:f8:23:91:b4:ff:45:6e:cd:b3:f8:
a2:e3:ee:d0:3e:8e:37:c0:6b:0f:0f:f9:25:0c:cc:dd:4b:0d:
b7:09:f5:4d:a6:68:36:27:71:dc:92:e0:2d:05:18:ea:f6:18:
ee:5e:28:90:f3:5c:96:d0:04:8b:85:17:dd:e9:75:d2:4c:eb:
2f:ec:39:70:3c:cd:83:27:7d:6b:12:7d:8f:79:d0:60:b6:36:
5e:a0:07:a2:74:47:45:a5:e8:98:3a:3e:98:c7:9c:e9:2b:69:
a8:e2:d8:6f:d3:bb:f0:a4:7f:33:32:67:f6:92:81:49:33:8b:
ad:b6:bf:30:7e:da:be:86:0c:0d:82:2c:db:89:6b:82:70:be:
48:11:d3:83:61:3e:f7:b3:46:6f:28:5a:c6:e4:a5:d1:f9:4a:
29:11:95:00:74:a4:75:5a:4a:9c:db:d7:05:0e:60:71:0e:52:
08:21:80:6d:98:1f:e7:be:7c:dd:6a:45:3c:ba:09:8d:75:91:
4d:b2:9f:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASk/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDQ1ODUxWhcNMjUxMjEyMDQ1ODUxWjAYMRYw
FAYDVQQDEw02NzZlMzQwZi1iMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwjL6JpUKeMXMxeGt+qY7IgVd/XGDsl9OAGJ+tFCh9hVsvhM4nS6bNbAr
sRxjWut2z0y7tqvITVxfCNeMinMdBCnAdCBmwcLa17H785WcDghZoUkMr1Rq2NqU
e2jY1xx3WtwAq2EfIEvxxm7vSM2m57lGM4duXgyWJs1rrMpZGdWhZ4h715PWEYgS
mg2zdIcP2CppzbNe3iDQkHVU6x7mZJHBTTuUlbh/oFqqUAMdl2R3RZOaLHtd19HY
NRTpcF4VNnA+ffKPUDtXL1Sv0Asdqvh1RodOuEGi4BEeCRQ63uv74FALpRZXu8zB
ThzqEJUxM29oFLLOY4KIBRtv6P1evwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4J
nMq7vtvBVYrsHp/tuti1Eje9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NUFGNEM0MEM0MEYxMUVGQUZCMTc0NjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTpMA0GCSqGSIb3DQEB
CwUAA4IBAQCGSJ++wgPcNNbQf8ybv9nf/DkoP/nW4BJ2+M3DMvcOs9S8A7kXY5dt
SUA1WPSwWxvuc1rNo8w0MeaI0fZxXfgjkbT/RW7Ns/ii4+7QPo43wGsPD/klDMzd
Sw23CfVNpmg2J3HckuAtBRjq9hjuXiiQ81yW0ASLhRfd6XXSTOsv7DlwPM2DJ31r
En2PedBgtjZeoAeidEdFpeiYOj6Yx5zpK2mo4thv07vwpH8zMmf2koFJM4uttr8w
ftq+hgwNgizbiWuCcL5IEdODYT73s0ZvKFrG5KXR+UopEZUAdKR1Wkqc29cFDmBx
DlIIIYBtmB/nvnzdakU8ugmNdZFNsp/N
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:46:53 2025 by rpki-client