Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/46081B74C93011EFA5953C6D762E951A.roa
File: 46081B74C93011EFA5953C6D762E951A.roa (raw, json)
Hash identifier: ogokYeQLhahneNt6+MiULnR3XJQ0vxlW57p64ehZG0A=
Subject key identifier: 1B:30:0A:D4:1B:A0:76:7B:E4:4B:19:7A:82:AB:0E:AD:B7:34:9E:B3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/46081B74C93011EFA5953C6D762E951A.roa
Signing time: Thu 02 Jan 2025 17:37:44 +0000
ROA not before: Thu 02 Jan 2025 17:37:41 +0000
ROA not after: Mon 13 Dec 2027 17:37:41 +0000
asID: 17561
IP address blocks: 154.222.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78757 (0x133a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:37:41 2025 GMT
Not After : Dec 13 17:37:41 2027 GMT
Subject: CN=6776cee8-c8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:31:99:56:17:00:27:fc:1e:11:50:ea:47:5f:
5c:69:73:2c:ef:68:90:09:5f:f1:a3:5f:cf:c0:77:
4a:72:28:82:83:7d:d4:28:d1:db:39:b5:de:85:e9:
07:9d:2e:58:85:75:8a:9e:9f:b1:32:12:8d:d5:ac:
4a:a5:ca:37:9d:dd:13:7e:03:b5:7f:4a:8b:46:b3:
c4:e3:2b:d5:45:8c:c2:97:3b:85:21:fd:84:fa:2b:
9b:a6:b7:73:61:78:18:91:e1:85:df:b3:8b:66:76:
68:b5:98:ea:0f:92:1c:03:4a:e4:e6:1d:a0:31:05:
6e:db:d7:5c:29:3d:17:d3:42:ba:0e:f0:1f:a7:2e:
d6:30:8b:7b:f8:b1:53:ad:31:95:22:5c:94:e3:26:
c9:79:83:66:d9:4e:80:f8:78:a2:57:ff:6a:b5:75:
56:72:98:83:48:8c:ef:da:d0:b0:f9:be:ff:07:04:
37:7e:b2:d8:c9:e0:0a:45:38:78:d3:41:e2:23:8a:
9c:59:d0:7a:c0:cd:c0:e8:a6:e5:6f:e3:a1:61:7a:
32:f0:d9:53:3b:1e:58:57:3a:cc:6b:ab:5d:c5:6b:
c0:8f:43:34:6b:e7:80:c5:9d:ee:a8:e4:79:b9:15:
77:2f:6c:e6:62:d4:6e:73:bb:00:65:f6:0d:9d:e6:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:30:0A:D4:1B:A0:76:7B:E4:4B:19:7A:82:AB:0E:AD:B7:34:9E:B3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/46081B74C93011EFA5953C6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.160.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e7:6f:17:e4:c1:4f:54:71:f7:3d:dc:4e:fd:d1:3a:5b:05:
16:79:89:99:4b:ba:73:6d:f6:b9:b3:96:b1:21:80:63:cb:f6:
94:8f:c2:37:08:2c:67:3d:a9:d8:1b:60:82:a8:ac:05:cb:c6:
6c:6c:2d:d4:1c:85:cc:b9:29:f6:a0:fd:04:10:11:a0:77:94:
03:5a:10:fd:c5:79:c7:85:4b:7d:fa:02:92:05:f4:de:e0:fb:
e7:bd:f5:1b:a9:f7:8c:dc:bc:85:47:fd:da:f3:d2:20:12:b7:
ed:69:e3:ff:a0:17:5b:a5:bc:d2:fc:a7:99:2a:d3:7f:ce:04:
be:43:1b:fe:f9:ca:11:2e:e8:70:b4:ef:03:d9:70:cb:2f:01:
b2:9a:f5:f6:44:a9:66:c5:80:ec:06:5b:35:e9:3b:e5:3c:6e:
d8:1b:af:41:1e:36:4a:3d:e1:30:3a:4d:52:01:db:e6:55:af:
a7:67:c5:0f:37:fd:e6:1f:35:93:48:51:e0:d0:3b:f6:eb:57:
1f:5f:58:64:92:1b:15:a4:db:14:00:cf:96:11:f6:74:0e:67:
12:a9:d4:03:eb:c0:20:83:df:4c:91:df:73:d8:88:a4:d7:b4:
b2:54:98:08:9b:2f:85:31:3d:c1:70:89:3d:80:45:35:40:52:
d1:f9:f9:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATOlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTczNzQxWhcNMjcxMjEzMTczNzQxWjAYMRYw
FAYDVQQDEw02Nzc2Y2VlOC1jOGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9DGZVhcAJ/weEVDqR19caXMs72iQCV/xo1/PwHdKciiCg33UKNHbObXe
hekHnS5YhXWKnp+xMhKN1axKpco3nd0TfgO1f0qLRrPE4yvVRYzClzuFIf2E+iub
prdzYXgYkeGF37OLZnZotZjqD5IcA0rk5h2gMQVu29dcKT0X00K6DvAfpy7WMIt7
+LFTrTGVIlyU4ybJeYNm2U6A+HiiV/9qtXVWcpiDSIzv2tCw+b7/BwQ3frLYyeAK
RTh400HiI4qcWdB6wM3A6Kblb+OhYXoy8NlTOx5YVzrMa6tdxWvAj0M0a+eAxZ3u
qOR5uRV3L2zmYtRuc7sAZfYNnebPoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBsw
CtQboHZ75EsZeoKrDq23NJ6zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NjA4MUI3NEM5MzAxMUVGQTU5NTNDNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6gMA0GCSqGSIb3DQEB
CwUAA4IBAQCb528X5MFPVHH3PdxO/dE6WwUWeYmZS7pzbfa5s5axIYBjy/aUj8I3
CCxnPanYG2CCqKwFy8ZsbC3UHIXMuSn2oP0EEBGgd5QDWhD9xXnHhUt9+gKSBfTe
4PvnvfUbqfeM3LyFR/3a89IgErftaeP/oBdbpbzS/KeZKtN/zgS+Qxv++coRLuhw
tO8D2XDLLwGymvX2RKlmxYDsBls16TvlPG7YG69BHjZKPeEwOk1SAdvmVa+nZ8UP
N/3mHzWTSFHg0Dv261cfX1hkkhsVpNsUAM+WEfZ0DmcSqdQD68Agg99Mkd9z2Iik
17SyVJgImy+FMT3BcIk9gEU1QFLR+fmE
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:03:14 2025 by rpki-client