Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E6BCE28C5FC11EFA3AC128E762E951A.roa
File: 4E6BCE28C5FC11EFA3AC128E762E951A.roa (raw, json)
Hash identifier: g8z8HMuiM2JR4oMDxTYBFxmPu3ex0vFHsxWZuZKtB+c=
Subject key identifier: D7:B0:7A:31:E4:DE:BD:81:4A:AF:04:42:80:E7:9F:2A:57:AC:8D:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E36
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E6BCE28C5FC11EFA3AC128E762E951A.roa
Signing time: Sun 29 Dec 2024 15:48:11 +0000
ROA not before: Sun 29 Dec 2024 15:48:07 +0000
ROA not after: Sun 12 Dec 2027 15:48:07 +0000
asID: 17561
IP address blocks: 154.216.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77366 (0x12e36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:48:07 2024 GMT
Not After : Dec 12 15:48:07 2027 GMT
Subject: CN=67716f3b-0e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:b8:c6:f7:bf:fc:75:aa:f1:dd:56:36:5d:
ff:1b:21:d5:30:29:14:cb:7d:64:f6:e2:ca:6b:fe:
ef:e5:80:8a:ea:18:e9:cc:43:bd:60:97:1f:b7:f8:
35:ed:87:5a:05:bf:c1:63:85:44:55:02:9e:9a:63:
f2:75:18:9a:fb:1a:5c:52:cf:a8:3f:d4:6f:0a:86:
c0:af:f1:fe:b8:0e:d0:be:18:b2:68:bf:0b:a2:80:
cd:12:00:09:39:88:88:41:f2:88:e5:89:58:28:52:
18:a4:83:c8:6d:f5:87:40:96:b0:2d:85:27:ef:25:
9a:83:78:58:0d:4d:02:7d:41:e9:c2:b3:16:40:9f:
ad:36:23:ae:9a:04:47:ab:e4:1c:ab:ec:73:6f:d6:
a5:37:70:82:5c:99:0b:99:95:16:38:bb:c9:08:fb:
01:53:2a:9d:c5:06:81:2c:dd:b8:ba:82:dc:be:21:
45:29:a1:f6:98:75:8f:b0:73:4f:d1:f8:1d:1f:14:
1e:22:65:ba:a4:e8:11:10:db:bd:cc:d0:15:bd:6c:
3a:0d:f8:57:60:04:5a:59:3c:52:0c:40:be:5b:2d:
11:57:85:9f:1e:ea:4b:a3:fb:b3:56:56:bd:30:9f:
84:c8:cd:9f:97:d9:8d:a3:dc:0e:21:63:02:d2:9a:
cc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B0:7A:31:E4:DE:BD:81:4A:AF:04:42:80:E7:9F:2A:57:AC:8D:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E6BCE28C5FC11EFA3AC128E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.30.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:dd:0e:33:c5:11:92:ab:42:89:1b:9c:68:58:51:84:30:f8:
d9:c3:7e:fb:21:c9:c2:55:2e:03:93:72:c3:c1:00:04:7f:a0:
7b:0e:85:6b:d5:4a:46:fa:f1:50:18:19:dd:db:f2:8a:f9:5b:
1e:65:3a:ea:4b:3a:87:4e:50:81:7d:34:df:3c:4f:65:f1:df:
78:8a:9e:84:a8:a0:dc:8a:e1:99:b9:ce:bb:49:84:81:ae:30:
06:76:70:10:f1:8e:6c:91:56:d6:11:ef:bd:62:31:58:be:36:
90:7a:33:d0:3a:61:06:d2:81:e5:a5:16:56:16:88:72:f5:59:
f5:98:c2:9e:01:b5:24:38:54:6a:bf:7a:53:c3:4a:f9:49:b7:
b0:e5:69:69:3c:08:c1:4c:78:bb:8a:e2:9e:a6:dd:ec:42:e1:
33:22:f4:6a:f2:81:d8:71:ed:cd:87:b3:8d:66:e8:93:02:af:
40:02:08:8f:85:f9:a4:72:f9:6e:3d:07:bc:39:f4:2f:2a:db:
7f:36:e2:d4:a5:4e:de:fa:58:38:ef:a2:b7:84:9a:50:b3:6c:
11:e0:17:07:7b:a2:03:14:fa:ba:3d:18:7d:33:49:ce:81:f4:
62:7d:5d:38:32:e9:0d:ee:4f:28:c2:24:62:53:3e:ee:bd:27:
a3:c0:89:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS42MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTU0ODA3WhcNMjcxMjEyMTU0ODA3WjAYMRYw
FAYDVQQDEw02NzcxNmYzYi0wZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApJ64xve//HWq8d1WNl3/GyHVMCkUy31k9uLKa/7v5YCK6hjpzEO9YJcf
t/g17YdaBb/BY4VEVQKemmPydRia+xpcUs+oP9RvCobAr/H+uA7QvhiyaL8LooDN
EgAJOYiIQfKI5YlYKFIYpIPIbfWHQJawLYUn7yWag3hYDU0CfUHpwrMWQJ+tNiOu
mgRHq+Qcq+xzb9alN3CCXJkLmZUWOLvJCPsBUyqdxQaBLN24uoLcviFFKaH2mHWP
sHNP0fgdHxQeImW6pOgRENu9zNAVvWw6DfhXYARaWTxSDEC+Wy0RV4WfHupLo/uz
Vla9MJ+EyM2fl9mNo9wOIWMC0prM8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNew
ejHk3r2BSq8EQoDnnypXrI3MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RTZCQ0UyOEM1RkMxMUVGQTNBQzEyOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtgeMA0GCSqGSIb3DQEB
CwUAA4IBAQC93Q4zxRGSq0KJG5xoWFGEMPjZw377IcnCVS4Dk3LDwQAEf6B7DoVr
1UpG+vFQGBnd2/KK+VseZTrqSzqHTlCBfTTfPE9l8d94ip6EqKDciuGZuc67SYSB
rjAGdnAQ8Y5skVbWEe+9YjFYvjaQejPQOmEG0oHlpRZWFohy9Vn1mMKeAbUkOFRq
v3pTw0r5Sbew5WlpPAjBTHi7iuKept3sQuEzIvRq8oHYce3Nh7ONZuiTAq9AAgiP
hfmkcvluPQe8OfQvKtt/NuLUpU7e+lg476K3hJpQs2wR4BcHe6IDFPq6PRh9M0nO
gfRifV04MukN7k8owiRiUz7uvSejwInR
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:28:35 2025 by rpki-client