Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E8CC66C1D911EF8B759ABB762E951A.roa
File: 48E8CC66C1D911EF8B759ABB762E951A.roa (raw, json)
Hash identifier: 8ByvXGmJnb2jakvP0Vtv14ESV7WR0zb3/SPbA90HeV8=
Subject key identifier: D5:3E:03:76:88:CB:76:0B:1D:3C:EE:6E:9B:EA:65:8D:B8:9E:C4:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0122ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E8CC66C1D911EF8B759ABB762E951A.roa
Signing time: Tue 24 Dec 2024 09:27:25 +0000
ROA not before: Tue 24 Dec 2024 09:27:21 +0000
ROA not after: Wed 10 Dec 2025 09:27:21 +0000
asID: 984
IP address blocks: 154.194.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74477 (0x122ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:27:21 2024 GMT
Not After : Dec 10 09:27:21 2025 GMT
Subject: CN=676a7e7d-f711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:14:3b:b4:28:ee:a1:42:81:e2:90:0b:43:
24:8d:4d:33:df:83:a8:ab:cf:c7:21:c4:4e:c2:69:
7f:75:6c:fd:37:fb:66:55:7f:79:49:6e:52:2b:3b:
80:2e:f6:3a:61:1c:3d:e2:03:03:74:d0:dc:79:8c:
c5:31:ff:82:b3:2d:51:ad:cd:23:65:ab:85:d1:3d:
f8:c2:46:79:4b:02:1f:50:03:09:0a:b2:b9:bb:30:
2b:4d:3b:39:74:b3:0a:8c:72:1f:3d:b6:63:25:6e:
8b:98:c3:1e:cd:63:b4:86:f1:98:91:ba:f8:7d:0b:
49:97:3e:c6:1d:c6:84:6a:59:31:e5:10:5e:c7:4a:
ad:40:27:d6:b9:b7:69:39:40:5e:1c:0b:65:34:4f:
cf:ee:5c:ad:35:8f:cc:78:66:82:bb:d7:4f:80:9e:
42:81:4a:9e:f0:0e:77:a8:5b:5c:12:da:bf:9b:75:
a5:ac:69:4d:87:7c:37:c4:9e:7d:80:d8:f1:75:b7:
33:21:ac:80:39:f6:1a:af:e4:55:30:ff:c4:1d:42:
72:b8:82:b8:1a:1a:30:14:51:42:13:ad:ae:74:dd:
9e:20:ed:f1:b5:30:08:2b:79:bb:28:44:ce:3c:9f:
41:b7:07:8c:55:c6:96:62:e2:d9:3b:31:18:c5:78:
c3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3E:03:76:88:CB:76:0B:1D:3C:EE:6E:9B:EA:65:8D:B8:9E:C4:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E8CC66C1D911EF8B759ABB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.235.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:c7:aa:6c:8a:f6:ce:6f:3a:41:d9:ea:d5:ab:d7:1e:fd:63:
6c:05:3a:68:c8:db:08:c0:ec:34:e4:36:c3:53:b9:cc:0a:52:
2c:3c:aa:4f:b8:59:ba:23:0c:2b:b8:54:4b:99:21:8f:3a:92:
eb:e6:3d:4d:ff:17:4d:11:00:11:b1:a8:10:b9:69:c9:55:2c:
e2:4b:02:6b:47:b2:75:a6:0c:8c:89:f9:26:d1:71:e3:41:8b:
75:3c:2c:d2:5a:f3:a5:8b:f4:5c:eb:0e:35:2a:e3:f6:21:67:
40:15:e8:8c:1d:13:f3:6d:7d:8d:ce:a1:b9:d3:5f:0d:6a:ba:
30:35:02:ec:85:28:22:b8:55:c3:ba:13:f5:1f:d2:cf:4d:47:
a0:b9:48:21:7c:3b:9f:32:56:aa:88:db:d9:53:b7:2b:f0:bf:
18:d4:bf:63:31:b1:00:97:8b:5b:59:5b:59:f2:97:d9:27:c7:
59:68:75:00:fb:ff:ae:cf:cb:e6:55:84:38:64:1e:87:1b:55:
0c:38:c0:9b:af:22:71:1c:6d:90:13:38:0d:f1:cc:cf:63:32:
d0:7b:b7:14:06:01:62:a4:80:0e:fa:0a:9c:f3:6d:08:e0:dd:
55:37:4f:56:fe:17:9e:ac:40:76:09:e3:f8:33:b0:bd:08:a3:
9c:22:38:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASLtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDkyNzIxWhcNMjUxMjEwMDkyNzIxWjAYMRYw
FAYDVQQDEw02NzZhN2U3ZC1mNzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo8MUO7Qo7qFCgeKQC0MkjU0z34Ooq8/HIcROwml/dWz9N/tmVX95SW5S
KzuALvY6YRw94gMDdNDceYzFMf+Csy1Rrc0jZauF0T34wkZ5SwIfUAMJCrK5uzAr
TTs5dLMKjHIfPbZjJW6LmMMezWO0hvGYkbr4fQtJlz7GHcaEalkx5RBex0qtQCfW
ubdpOUBeHAtlNE/P7lytNY/MeGaCu9dPgJ5CgUqe8A53qFtcEtq/m3WlrGlNh3w3
xJ59gNjxdbczIayAOfYar+RVMP/EHUJyuIK4GhowFFFCE62udN2eIO3xtTAIK3m7
KETOPJ9BtweMVcaWYuLZOzEYxXjDSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNU+
A3aIy3YLHTzubpvqZY24nsSdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEU4Q0M2NkMxRDkxMUVGOEI3NTlBQkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsLrMA0GCSqGSIb3DQEB
CwUAA4IBAQA6x6psivbObzpB2erVq9ce/WNsBTpoyNsIwOw05DbDU7nMClIsPKpP
uFm6IwwruFRLmSGPOpLr5j1N/xdNEQARsagQuWnJVSziSwJrR7J1pgyMifkm0XHj
QYt1PCzSWvOli/Rc6w41KuP2IWdAFeiMHRPzbX2NzqG5018NarowNQLshSgiuFXD
uhP1H9LPTUeguUghfDufMlaqiNvZU7cr8L8Y1L9jMbEAl4tbWVtZ8pfZJ8dZaHUA
+/+uz8vmVYQ4ZB6HG1UMOMCbryJxHG2QEzgN8czPYzLQe7cUBgFipIAO+gqc820I
4N1VN09W/heerEB2CeP4M7C9CKOcIjiU
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:08 2025 by rpki-client