Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A8D9E2C40C11EF8F928950762E951A.roa
File: 47A8D9E2C40C11EF8F928950762E951A.roa (raw, json)
Hash identifier: o4aDClbBvquAzV3f8PB/C0pjSYWGbhLTfE24BEZBYJM=
Subject key identifier: B1:8F:EE:26:C4:CA:77:53:32:FA:1C:AF:4C:8F:C5:C0:26:C3:4D:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012921
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A8D9E2C40C11EF8F928950762E951A.roa
Signing time: Fri 27 Dec 2024 04:37:29 +0000
ROA not before: Fri 27 Dec 2024 04:37:26 +0000
ROA not after: Fri 12 Dec 2025 04:37:26 +0000
asID: 984
IP address blocks: 154.196.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76065 (0x12921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 04:37:26 2024 GMT
Not After : Dec 12 04:37:26 2025 GMT
Subject: CN=676e2f09-378b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:fd:78:f3:3c:b8:cb:03:f8:e2:46:9c:89:
89:05:2e:85:2d:6c:7c:c3:9d:bb:f3:51:7f:e9:c2:
e2:c4:45:5c:65:ee:83:c6:e4:f5:c8:c1:32:1d:ab:
bc:d7:b6:14:31:8f:60:2f:dd:83:b7:54:85:d6:21:
be:89:87:99:95:c8:32:dd:a4:d0:77:62:e2:5d:01:
1c:2a:99:96:a5:20:93:9f:16:a1:71:05:29:47:21:
ab:ab:54:a4:29:b3:46:74:65:85:1b:76:d0:7b:be:
bd:6b:f4:30:e2:dd:22:0a:db:e6:c9:d9:1d:a0:d7:
8c:92:4c:cb:f0:71:cc:2e:59:ef:9a:8b:a2:ad:6e:
4c:7d:99:65:08:16:22:a9:72:e3:78:e2:86:df:a4:
f9:74:db:77:84:77:71:86:66:25:a8:5b:be:39:fa:
ec:ce:f7:4f:2a:ad:fa:ad:e0:2e:ad:3a:21:fa:b4:
cf:fe:19:7f:b3:33:46:fd:44:77:12:be:fd:d2:72:
51:3d:18:c8:af:1f:94:d1:d8:67:3c:cf:0d:7d:37:
da:63:b7:05:d7:45:c7:5b:fb:c4:f5:9f:1f:6b:39:
ed:45:9c:91:9a:5f:f3:6f:f2:29:a8:f5:b6:ac:93:
4c:5b:75:8e:e6:af:e2:18:56:94:53:7b:f2:f1:13:
4c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8F:EE:26:C4:CA:77:53:32:FA:1C:AF:4C:8F:C5:C0:26:C3:4D:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A8D9E2C40C11EF8F928950762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.218.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c0:12:04:e6:c3:47:64:6a:a1:d8:f8:9f:98:87:a1:48:3b:
bc:07:1d:e4:bd:f6:e2:87:74:c3:6b:3b:b4:3c:6a:e6:a1:db:
0f:c0:2a:f5:e7:bd:cd:0c:c0:4d:9f:84:b6:89:c2:5c:81:84:
8f:6a:97:f3:dc:f9:ef:62:2b:2c:1a:37:d5:87:a2:48:d3:dc:
ca:2d:e0:04:dd:5a:04:17:78:a9:7b:aa:9a:dc:be:c8:35:3a:
0b:37:8b:78:e4:d8:f3:45:95:cb:8d:02:19:76:17:04:1b:ad:
d5:c0:bb:e1:75:67:da:f2:9c:c2:44:31:e1:5c:0a:95:d8:68:
ba:b3:a6:ae:4e:00:85:48:1f:95:40:5a:a8:06:b1:4d:28:73:
8d:bb:f4:b9:7d:9a:dd:b0:57:af:66:3b:10:66:25:6d:94:d8:
c5:1d:b2:6f:61:1b:1c:c5:5b:fd:d6:78:7f:96:b8:9b:42:63:
63:2e:48:6a:4f:cf:3c:1a:11:4a:08:92:de:52:c9:2d:ce:37:
8f:87:08:84:2e:e1:44:30:17:2c:44:7c:54:1e:82:48:fc:1e:
b9:51:aa:aa:37:44:1f:c1:7d:e0:1b:5c:df:21:1c:6b:73:a8:
a1:7a:59:0b:50:1d:6c:e7:1f:02:d6:3a:ce:49:4c:cf:69:ff:
7e:14:e1:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASkhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDQzNzI2WhcNMjUxMjEyMDQzNzI2WjAYMRYw
FAYDVQQDEw02NzZlMmYwOS0zNzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvb79ePM8uMsD+OJGnImJBS6FLWx8w52781F/6cLixEVcZe6DxuT1yMEy
Hau817YUMY9gL92Dt1SF1iG+iYeZlcgy3aTQd2LiXQEcKpmWpSCTnxahcQUpRyGr
q1SkKbNGdGWFG3bQe769a/Qw4t0iCtvmydkdoNeMkkzL8HHMLlnvmouirW5MfZll
CBYiqXLjeOKG36T5dNt3hHdxhmYlqFu+OfrszvdPKq36reAurToh+rTP/hl/szNG
/UR3Er790nJRPRjIrx+U0dhnPM8NfTfaY7cF10XHW/vE9Z8fazntRZyRml/zb/Ip
qPW2rJNMW3WO5q/iGFaUU3vy8RNMkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLGP
7ibEyndTMvocr0yPxcAmw014MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80N0E4RDlFMkM0MEMxMUVGOEY5Mjg5NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTaMA0GCSqGSIb3DQEB
CwUAA4IBAQBlwBIE5sNHZGqh2PifmIehSDu8Bx3kvfbih3TDazu0PGrmodsPwCr1
573NDMBNn4S2icJcgYSPapfz3PnvYissGjfVh6JI09zKLeAE3VoEF3ipe6qa3L7I
NToLN4t45NjzRZXLjQIZdhcEG63VwLvhdWfa8pzCRDHhXAqV2Gi6s6auTgCFSB+V
QFqoBrFNKHONu/S5fZrdsFevZjsQZiVtlNjFHbJvYRscxVv91nh/lribQmNjLkhq
T888GhFKCJLeUsktzjePhwiELuFEMBcsRHxUHoJI/B65UaqqN0QfwX3gG1zfIRxr
c6ihelkLUB1s5x8C1jrOSUzPaf9+FOF4
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:51:46 2025 by rpki-client