Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/471F6B7AC53911EF9E9F39B9762E951A.roa
File: 471F6B7AC53911EF9E9F39B9762E951A.roa (raw, json)
Hash identifier: Ss0ApJyrQVhxmeV1lxPAy5Z+hGh7HOTqARbJ0zb2P5M=
Subject key identifier: BB:15:29:9A:F8:CF:26:30:BB:96:5A:DF:00:4C:97:A2:C1:8C:74:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C35
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/471F6B7AC53911EF9E9F39B9762E951A.roa
Signing time: Sat 28 Dec 2024 16:32:07 +0000
ROA not before: Sat 28 Dec 2024 16:32:03 +0000
ROA not after: Fri 12 Dec 2025 16:32:03 +0000
asID: 984
IP address blocks: 154.205.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76853 (0x12c35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 16:32:03 2024 GMT
Not After : Dec 12 16:32:03 2025 GMT
Subject: CN=67702807-e978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:43:c1:dc:12:61:c4:d6:10:81:97:22:9c:f8:
73:2f:37:0b:3e:b4:36:16:8e:94:80:b6:c6:bb:0e:
80:ad:34:8c:bb:b2:79:5d:0a:30:4e:cb:24:81:68:
64:0c:87:65:53:9b:6c:3f:7f:dd:65:7d:2d:45:e3:
5d:7c:75:b3:df:26:58:20:fe:e2:bc:49:8f:e1:6f:
59:c4:32:43:db:66:82:7b:a5:f2:61:43:36:ee:52:
39:8a:07:06:7c:e1:81:52:06:31:2d:cf:78:3e:c6:
c7:f8:18:ef:17:d3:4d:79:e8:a0:02:aa:36:a0:44:
34:40:be:25:d8:b4:2c:71:e8:81:ff:06:00:26:24:
82:f5:c8:21:2d:ea:46:6b:b0:2f:0f:9b:45:ab:1b:
36:93:2a:98:c0:6d:c8:62:45:ea:0a:8c:ad:a8:0e:
5a:47:f1:8e:c8:8c:85:69:c3:40:db:63:12:71:41:
c3:7d:a5:db:7b:4b:ce:01:81:e9:3c:dc:00:0a:28:
84:f0:b4:cc:a8:cf:08:1d:90:ea:eb:c3:1e:5e:32:
a3:de:59:50:83:fa:59:89:96:35:16:c9:2b:ed:63:
ca:e5:1b:29:52:6a:c1:14:63:f0:c9:fc:cd:bf:43:
ee:e5:19:50:56:c2:e7:e5:f0:3d:74:7d:9c:01:4e:
c4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:15:29:9A:F8:CF:26:30:BB:96:5A:DF:00:4C:97:A2:C1:8C:74:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/471F6B7AC53911EF9E9F39B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.35.0/24
Signature Algorithm: sha256WithRSAEncryption
84:3b:28:db:eb:7d:e9:c3:10:3b:b5:5d:4d:a7:1d:73:84:3e:
5a:21:b1:0a:d2:e5:2d:99:6d:c6:54:e2:35:25:dd:cb:f2:ab:
cf:6d:d8:f7:11:8a:9a:26:e0:6e:37:5d:36:44:03:3e:e1:28:
23:c9:49:19:c5:b6:7a:1c:a8:85:af:c4:7d:33:dc:51:51:c7:
18:12:42:1e:27:19:11:ad:2c:53:f9:23:09:70:3c:ae:fb:d6:
a8:d4:d8:a1:2f:04:19:0e:85:f4:b6:a5:7c:f8:e9:2e:e8:fb:
a6:bb:26:e4:b5:bb:a6:fe:8e:1e:dd:bd:53:41:16:f6:42:6d:
60:9c:73:a0:dd:f6:63:5c:2e:09:61:7d:1c:64:d5:6a:5f:bf:
66:ec:a3:a5:d1:2e:6e:26:82:d7:07:d6:47:77:47:38:5e:d8:
a2:17:db:dd:3d:02:a3:98:d0:39:3f:c9:4d:25:93:a4:b8:b4:
94:12:04:27:5f:b5:54:c7:70:69:df:62:9d:05:1c:fd:78:a1:
81:7b:27:f5:8e:52:29:97:87:9c:73:4c:c5:a1:b1:66:50:da:
cb:79:18:1b:67:b3:95:1d:53:a4:58:88:c1:4a:1e:03:79:36:
d2:c2:33:92:3e:10:f0:9f:7e:1a:b1:da:b2:a3:6c:bc:6a:df:
61:97:80:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASw1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTYzMjAzWhcNMjUxMjEyMTYzMjAzWjAYMRYw
FAYDVQQDEw02NzcwMjgwNy1lOTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1EPB3BJhxNYQgZcinPhzLzcLPrQ2Fo6UgLbGuw6ArTSMu7J5XQowTssk
gWhkDIdlU5tsP3/dZX0tReNdfHWz3yZYIP7ivEmP4W9ZxDJD22aCe6XyYUM27lI5
igcGfOGBUgYxLc94PsbH+BjvF9NNeeigAqo2oEQ0QL4l2LQsceiB/wYAJiSC9cgh
LepGa7AvD5tFqxs2kyqYwG3IYkXqCoytqA5aR/GOyIyFacNA22MScUHDfaXbe0vO
AYHpPNwACiiE8LTMqM8IHZDq68MeXjKj3llQg/pZiZY1Fskr7WPK5RspUmrBFGPw
yfzNv0Pu5RlQVsLn5fA9dH2cAU7EewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLsV
KZr4zyYwu5Za3wBMl6LBjHSaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzFGNkI3QUM1MzkxMUVGOUU5RjM5Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms0jMA0GCSqGSIb3DQEB
CwUAA4IBAQCEOyjb633pwxA7tV1Npx1zhD5aIbEK0uUtmW3GVOI1Jd3L8qvPbdj3
EYqaJuBuN102RAM+4SgjyUkZxbZ6HKiFr8R9M9xRUccYEkIeJxkRrSxT+SMJcDyu
+9ao1NihLwQZDoX0tqV8+Oku6Pumuybktbum/o4e3b1TQRb2Qm1gnHOg3fZjXC4J
YX0cZNVqX79m7KOl0S5uJoLXB9ZHd0c4XtiiF9vdPQKjmNA5P8lNJZOkuLSUEgQn
X7VUx3Bp32KdBRz9eKGBeyf1jlIpl4ecc0zFobFmUNrLeRgbZ7OVHVOkWIjBSh4D
eTbSwjOSPhDwn34asdqyo2y8at9hl4Aj
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:42:47 2025 by rpki-client