Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C2218F0C1B211EF9599F349762E951A.roa
File: 4C2218F0C1B211EF9599F349762E951A.roa (raw, json)
Hash identifier: /X7CDRD7MPEKVrDZWlfCkrF4DyBYsALZa+HgzX5e/Ys=
Subject key identifier: 4C:C1:77:34:FE:53:10:5A:44:E4:3F:4D:48:B9:97:29:EC:21:6C:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012183
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C2218F0C1B211EF9599F349762E951A.roa
Signing time: Tue 24 Dec 2024 04:48:20 +0000
ROA not before: Tue 24 Dec 2024 04:48:16 +0000
ROA not after: Wed 10 Dec 2025 04:48:16 +0000
asID: 984
IP address blocks: 154.193.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74115 (0x12183)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 04:48:16 2024 GMT
Not After : Dec 10 04:48:16 2025 GMT
Subject: CN=676a3d14-e1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:51:c5:44:8d:46:7d:27:5a:54:68:23:2e:5c:
7b:e6:40:93:56:0e:6b:da:c5:22:a1:a0:78:46:1c:
e6:e9:0b:cf:50:d4:ee:89:71:d4:86:b6:ad:cc:d3:
59:da:f8:8f:9e:11:57:e3:12:e8:9a:be:14:36:77:
a3:09:7e:53:3a:8e:8d:95:0f:87:36:a7:08:83:88:
a1:37:b9:9a:49:48:75:2b:24:6b:aa:ea:c3:c4:7d:
f2:e0:52:85:8c:33:10:f0:6d:1c:ff:64:f3:ad:f7:
47:4a:f3:0a:94:53:d5:ac:58:c4:f4:2f:96:d6:bd:
a8:d3:d7:fd:58:50:06:9f:11:90:fe:ba:23:4d:84:
0e:31:1b:cd:b3:2d:a3:f7:e6:cb:3c:4e:1a:50:cb:
fe:f2:49:60:c4:60:9a:a4:d4:de:eb:e5:cf:9d:51:
5e:36:84:77:dc:f9:ce:5c:94:12:98:06:68:03:17:
3d:c5:9b:a8:53:fe:01:01:21:3f:eb:c7:a8:b9:fb:
94:1d:23:28:56:04:b0:a0:90:15:bc:b1:56:47:08:
65:63:3e:19:72:1e:f0:c6:2d:61:dd:5b:7f:7a:a7:
13:e6:bf:ca:87:fb:b3:ca:c3:49:20:c1:b1:d9:f9:
50:bd:21:0a:89:4a:a1:e4:c4:95:4a:9f:df:0e:ff:
a0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C1:77:34:FE:53:10:5A:44:E4:3F:4D:48:B9:97:29:EC:21:6C:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C2218F0C1B211EF9599F349762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:fc:19:9d:72:63:68:d9:aa:16:19:27:3d:cc:a5:84:85:85:
12:19:d5:2b:e4:fa:5f:7a:68:86:20:e4:52:5f:80:2e:0d:c7:
47:28:6d:8b:35:66:95:2b:cc:d0:68:ae:73:3d:e2:16:42:ff:
68:57:73:f7:46:07:8a:cb:02:3d:d8:96:12:b3:56:f2:22:74:
03:1e:ea:96:17:9e:42:75:4c:aa:f7:af:43:3d:2d:94:78:08:
8b:38:f2:e0:a1:ac:03:73:af:9d:48:2c:1f:16:cf:41:f8:7d:
8e:b1:f8:78:0c:29:35:3b:4b:ab:a5:23:b0:2e:77:a6:9c:45:
fb:5a:cc:c3:a5:eb:5d:96:b3:03:54:11:64:42:08:9f:d3:6a:
ab:48:0e:45:ce:16:3a:bf:d4:89:25:45:23:65:77:a6:7f:2d:
4d:76:6c:1e:32:c8:90:a8:a8:20:e2:2b:49:bd:22:d4:c1:4b:
80:ea:dc:80:10:79:76:42:3b:32:03:e8:aa:52:81:32:da:b0:
b3:5d:05:08:af:47:04:36:1c:04:a8:06:de:e5:fb:a6:66:e8:
c8:2f:63:7d:a4:7f:b5:c4:9b:90:73:1a:46:0c:e4:34:58:8e:
21:66:1a:5e:3f:f6:40:4c:6e:5e:8d:11:12:23:cb:49:e8:b6:
ca:cb:75:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASGDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDQ0ODE2WhcNMjUxMjEwMDQ0ODE2WjAYMRYw
FAYDVQQDEw02NzZhM2QxNC1lMWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu1HFRI1GfSdaVGgjLlx75kCTVg5r2sUioaB4Rhzm6QvPUNTuiXHUhrat
zNNZ2viPnhFX4xLomr4UNnejCX5TOo6NlQ+HNqcIg4ihN7maSUh1KyRrqurDxH3y
4FKFjDMQ8G0c/2TzrfdHSvMKlFPVrFjE9C+W1r2o09f9WFAGnxGQ/rojTYQOMRvN
sy2j9+bLPE4aUMv+8klgxGCapNTe6+XPnVFeNoR33PnOXJQSmAZoAxc9xZuoU/4B
ASE/68eoufuUHSMoVgSwoJAVvLFWRwhlYz4Zch7wxi1h3Vt/eqcT5r/Kh/uzysNJ
IMGx2flQvSEKiUqh5MSVSp/fDv+gGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEzB
dzT+UxBaROQ/TUi5lynsIWzTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QzIyMThGMEMxQjIxMUVGOTU5OUYzNDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFrMA0GCSqGSIb3DQEB
CwUAA4IBAQCs/BmdcmNo2aoWGSc9zKWEhYUSGdUr5PpfemiGIORSX4AuDcdHKG2L
NWaVK8zQaK5zPeIWQv9oV3P3RgeKywI92JYSs1byInQDHuqWF55CdUyq969DPS2U
eAiLOPLgoawDc6+dSCwfFs9B+H2Osfh4DCk1O0urpSOwLnemnEX7WszDpetdlrMD
VBFkQgif02qrSA5FzhY6v9SJJUUjZXemfy1NdmweMsiQqKgg4itJvSLUwUuA6tyA
EHl2QjsyA+iqUoEy2rCzXQUIr0cENhwEqAbe5fumZujIL2N9pH+1xJuQcxpGDOQ0
WI4hZhpeP/ZATG5ejRESI8tJ6LbKy3Uw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:35 2025 by rpki-client