Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E98E09AE13411EFB2F9105B762E951A.roa
File: 4E98E09AE13411EFB2F9105B762E951A.roa (raw, json)
Hash identifier: KDXu+X/ewojS/tdtzvUmJUuAh8fRQZdxAGLl7DSDn5A=
Subject key identifier: 52:C1:6D:93:0C:9C:46:A1:3A:E3:0D:98:1A:0D:F7:9E:F2:74:8F:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014F1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E98E09AE13411EFB2F9105B762E951A.roa
Signing time: Sun 02 Feb 2025 07:07:04 +0000
ROA not before: Sun 02 Feb 2025 07:07:01 +0000
ROA not after: Tue 04 Mar 2025 07:07:01 +0000
asID: 272092
IP address blocks: 154.83.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85789 (0x14f1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 2 07:07:01 2025 GMT
Not After : Mar 4 07:07:01 2025 GMT
Subject: CN=679f1998-fac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:02:14:60:84:3d:c6:4f:33:2f:39:82:73:
fd:c0:7a:43:2b:39:8c:54:fc:b7:c4:22:2d:0d:89:
ba:a5:6d:1a:d1:d8:03:88:a5:98:e8:67:a0:a0:67:
d4:33:04:c1:45:43:d9:49:c7:1c:64:79:a6:e3:f0:
44:a0:b2:e0:b6:8b:46:c4:b4:8c:91:b3:c4:50:92:
23:08:44:11:41:cc:15:90:70:c4:db:ec:59:f4:e0:
83:47:25:9d:c0:85:66:16:3a:6c:33:5d:e9:e4:70:
09:26:4c:91:1b:00:ae:f5:eb:59:fb:a3:26:77:b5:
4f:f2:e6:46:db:a0:97:3e:aa:23:2a:3e:59:da:1b:
93:e3:22:04:5d:51:34:b2:0b:3a:7e:26:f3:fc:41:
a0:3d:0b:65:5c:17:5e:5b:35:cd:3a:6c:57:40:24:
5d:22:58:85:3a:05:ae:cb:f7:ab:f2:c0:85:9f:cc:
19:2e:26:15:9e:dc:fb:7c:9a:af:12:96:8d:dd:69:
82:dc:fa:53:7b:47:f7:58:51:1d:97:82:3e:81:98:
79:4c:1d:f9:8b:d1:c1:a2:49:fb:e5:fe:d0:5e:b5:
5d:27:86:f0:76:c0:66:8c:8a:7f:28:fd:ba:63:44:
ef:48:df:29:ab:6d:fa:b0:9a:90:6a:c6:c5:4c:15:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C1:6D:93:0C:9C:46:A1:3A:E3:0D:98:1A:0D:F7:9E:F2:74:8F:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E98E09AE13411EFB2F9105B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.29.0/24
Signature Algorithm: sha256WithRSAEncryption
83:69:0d:4a:66:ba:3e:2d:06:c0:86:c8:73:c0:9e:ea:36:5d:
b6:86:3b:43:3e:c2:5f:62:e0:d8:fa:a1:b5:84:54:f2:d3:1c:
d6:9e:f4:a8:c1:63:94:47:d9:15:a0:54:85:1a:0b:c8:cb:38:
74:99:33:3a:26:9c:f7:d2:a9:de:2e:1d:5c:f7:a3:e7:b5:34:
24:98:19:1c:12:3d:d8:9b:f1:2e:ce:92:9d:16:4f:3d:15:9a:
8b:85:14:c3:dd:7e:fb:5c:ad:a7:fe:18:e0:f5:db:28:b9:32:
44:c1:49:f5:34:fd:ae:81:81:bb:de:3f:4a:25:f9:13:46:d5:
07:3d:eb:6f:c5:81:75:87:a7:1c:db:11:04:b7:d7:91:f1:9f:
76:c1:54:80:b7:1d:ff:f1:30:71:f3:50:17:8b:a9:2d:26:7b:
5b:4c:54:4a:0f:79:9f:0c:cf:8c:3c:d1:88:dc:55:54:a5:e5:
fe:5b:5d:e6:dd:ed:7b:00:56:c3:f1:ca:9e:d0:83:2f:bd:4d:
de:cb:63:5f:de:5a:45:a7:1d:44:91:f0:42:4f:23:2e:de:a1:
f3:80:d0:e4:5e:d1:cb:7b:1f:20:98:0f:90:5a:f2:82:f8:d1:
c1:bd:fe:4e:aa:13:ae:42:db:b0:1d:69:1d:16:cf:04:35:9b:
27:64:8d:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU8dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAyMDcwNzAxWhcNMjUwMzA0MDcwNzAxWjAYMRYw
FAYDVQQDEw02NzlmMTk5OC1mYWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0s8CFGCEPcZPMy85gnP9wHpDKzmMVPy3xCItDYm6pW0a0dgDiKWY6Geg
oGfUMwTBRUPZScccZHmm4/BEoLLgtotGxLSMkbPEUJIjCEQRQcwVkHDE2+xZ9OCD
RyWdwIVmFjpsM13p5HAJJkyRGwCu9etZ+6Mmd7VP8uZG26CXPqojKj5Z2huT4yIE
XVE0sgs6fibz/EGgPQtlXBdeWzXNOmxXQCRdIliFOgWuy/er8sCFn8wZLiYVntz7
fJqvEpaN3WmC3PpTe0f3WFEdl4I+gZh5TB35i9HBokn75f7QXrVdJ4bwdsBmjIp/
KP26Y0TvSN8pq236sJqQasbFTBUpRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFLB
bZMMnEahOuMNmBoN957ydI9UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RTk4RTA5QUUxMzQxMUVGQjJGOTEwNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMdMA0GCSqGSIb3DQEB
CwUAA4IBAQCDaQ1KZro+LQbAhshzwJ7qNl22hjtDPsJfYuDY+qG1hFTy0xzWnvSo
wWOUR9kVoFSFGgvIyzh0mTM6Jpz30qneLh1c96PntTQkmBkcEj3Ym/EuzpKdFk89
FZqLhRTD3X77XK2n/hjg9dsouTJEwUn1NP2ugYG73j9KJfkTRtUHPetvxYF1h6cc
2xEEt9eR8Z92wVSAtx3/8TBx81AXi6ktJntbTFRKD3mfDM+MPNGI3FVUpeX+W13m
3e17AFbD8cqe0IMvvU3ey2Nf3lpFpx1EkfBCTyMu3qHzgNDkXtHLex8gmA+QWvKC
+NHBvf5OqhOuQtuwHWkdFs8ENZsnZI3X
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:52:21 2025 by rpki-client