Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D877A80C91611EFA7F9D549762E951A.roa
File: 4D877A80C91611EFA7F9D549762E951A.roa (raw, json)
Hash identifier: W/IgN5FZIqb3tkeN/4cfO7mGh83pb0R7fKgcNoM6q14=
Subject key identifier: 4C:72:B4:8F:0D:41:8F:64:9F:F3:1A:0E:5E:59:65:16:9B:92:51:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D877A80C91611EFA7F9D549762E951A.roa
Signing time: Thu 02 Jan 2025 14:31:50 +0000
ROA not before: Thu 02 Jan 2025 14:31:46 +0000
ROA not after: Mon 13 Dec 2027 14:31:46 +0000
asID: 17561
IP address blocks: 154.221.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78547 (0x132d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:31:46 2025 GMT
Not After : Dec 13 14:31:46 2027 GMT
Subject: CN=6776a356-f1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e4:66:a9:59:b4:f5:e5:29:1e:59:e5:df:26:
74:c5:fd:9c:dc:a2:72:b6:9c:15:51:b9:fc:44:7d:
73:31:9e:2d:c3:08:2c:de:c3:68:52:73:21:a1:20:
36:48:68:53:fb:f8:55:cf:e6:a0:7e:20:50:b8:eb:
8a:94:e6:26:d7:64:3e:67:81:30:ab:8f:dd:79:6a:
8e:e7:5c:e1:89:40:9d:47:5a:8e:40:ac:4d:f6:34:
6c:db:57:fe:cb:41:f5:a1:12:47:ff:0c:7a:25:6b:
16:1c:f2:0a:c9:0f:b2:c6:da:64:1e:7a:f4:8a:5e:
87:00:b8:2f:57:af:09:36:f1:65:02:ae:39:b3:2b:
27:7d:54:46:3b:41:3a:12:db:a5:b3:f8:b9:d4:00:
d1:bd:39:ac:92:0a:ce:68:82:39:19:d8:38:01:5d:
f0:30:aa:e0:0b:7b:d9:77:89:d9:8a:ec:d4:37:f9:
c2:b7:c7:46:db:04:34:5f:df:af:93:23:b6:a0:7a:
08:25:e2:a8:3c:58:00:12:89:5f:d5:da:2f:de:a2:
52:af:3b:01:cb:9e:80:a3:14:ac:61:b0:7d:04:ff:
a1:e7:1f:40:91:53:7f:52:82:3a:25:41:5e:76:6b:
36:51:8b:dd:e3:ef:43:a7:c5:e6:30:a9:66:3b:28:
8c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:72:B4:8F:0D:41:8F:64:9F:F3:1A:0E:5E:59:65:16:9B:92:51:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4D877A80C91611EFA7F9D549762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.246.0/24
Signature Algorithm: sha256WithRSAEncryption
45:34:68:37:ac:ac:9d:fa:85:4d:e4:c2:59:3d:03:98:95:f1:
d5:e6:cd:29:df:8a:d7:06:9c:16:f0:04:d2:ee:ed:b3:ef:0c:
de:9f:d7:93:a0:0b:ed:fb:d6:8e:1b:b6:af:8c:ce:88:36:ee:
3a:44:41:c7:67:73:92:79:08:4a:16:bb:b1:30:93:a3:31:82:
b2:08:e0:a7:d8:65:3a:1e:c1:96:5e:a8:fb:21:3c:84:3a:e6:
6e:75:18:98:b8:5d:20:0a:0b:5a:a8:53:58:3c:3d:93:30:db:
e2:43:f5:2d:94:a9:fd:a9:9e:c4:29:b3:c6:19:a2:58:60:90:
06:dd:6a:10:4d:58:6e:01:be:51:8b:e7:c8:b3:93:45:5e:3e:
30:d8:dc:34:75:ae:70:30:49:8a:9f:23:10:0c:57:b5:2d:29:
57:fc:2b:95:13:a0:be:3e:94:f2:76:33:c8:3d:19:de:6e:e3:
92:41:a4:e5:c8:1b:1c:4d:67:cb:d4:67:9f:09:da:6c:a1:3b:
8b:39:88:3f:cc:fe:aa:46:bc:f4:a9:56:11:13:ca:66:a5:44:
b1:cf:57:5d:d1:d7:7e:74:a0:11:dd:99:5d:80:2d:ff:79:28:
fe:82:c4:ca:70:5d:9e:10:8b:77:47:b5:44:cc:de:e9:b4:15:
5f:63:60:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATLTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQzMTQ2WhcNMjcxMjEzMTQzMTQ2WjAYMRYw
FAYDVQQDEw02Nzc2YTM1Ni1mMWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+RmqVm09eUpHlnl3yZ0xf2c3KJytpwVUbn8RH1zMZ4twwgs3sNoUnMh
oSA2SGhT+/hVz+agfiBQuOuKlOYm12Q+Z4Ewq4/deWqO51zhiUCdR1qOQKxN9jRs
21f+y0H1oRJH/wx6JWsWHPIKyQ+yxtpkHnr0il6HALgvV68JNvFlAq45sysnfVRG
O0E6Etuls/i51ADRvTmskgrOaII5Gdg4AV3wMKrgC3vZd4nZiuzUN/nCt8dG2wQ0
X9+vkyO2oHoIJeKoPFgAEolf1dov3qJSrzsBy56AoxSsYbB9BP+h5x9AkVN/UoI6
JUFedms2UYvd4+9Dp8XmMKlmOyiMEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFExy
tI8NQY9kn/MaDl5ZZRabklGlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RDg3N0E4MEM5MTYxMUVGQTdGOUQ1NDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt32MA0GCSqGSIb3DQEB
CwUAA4IBAQBFNGg3rKyd+oVN5MJZPQOYlfHV5s0p34rXBpwW8ATS7u2z7wzen9eT
oAvt+9aOG7avjM6INu46REHHZ3OSeQhKFruxMJOjMYKyCOCn2GU6HsGWXqj7ITyE
OuZudRiYuF0gCgtaqFNYPD2TMNviQ/UtlKn9qZ7EKbPGGaJYYJAG3WoQTVhuAb5R
i+fIs5NFXj4w2Nw0da5wMEmKnyMQDFe1LSlX/CuVE6C+PpTydjPIPRnebuOSQaTl
yBscTWfL1GefCdpsoTuLOYg/zP6qRrz0qVYRE8pmpUSxz1dd0dd+dKAR3ZldgC3/
eSj+gsTKcF2eEIt3R7VEzN7ptBVfY2Dr
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:40 2025 by rpki-client