Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/51C90AB6C63011EFAFC16A55762E951A.roa
File: 51C90AB6C63011EFAFC16A55762E951A.roa (raw, json)
Hash identifier: gVZY87iGxGsN9vxe4IO20AT9Eej3z3TVXINN7rCR45c=
Subject key identifier: 59:23:BF:2E:5D:04:EF:CB:67:2C:D1:6B:4F:27:79:7C:B0:36:30:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FEC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/51C90AB6C63011EFAFC16A55762E951A.roa
Signing time: Sun 29 Dec 2024 22:00:30 +0000
ROA not before: Sun 29 Dec 2024 22:00:27 +0000
ROA not after: Sun 12 Dec 2027 22:00:27 +0000
asID: 17561
IP address blocks: 154.217.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77804 (0x12fec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 22:00:27 2024 GMT
Not After : Dec 12 22:00:27 2027 GMT
Subject: CN=6771c67e-51f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7d:ff:74:39:f6:8b:a9:eb:55:85:d0:81:27:
e3:fb:6b:23:91:62:ea:5d:a1:e6:51:c9:bc:dd:ef:
a8:6a:0a:75:b8:c9:a3:bf:fe:c7:a2:ed:4a:2d:2e:
9d:48:76:25:54:0e:aa:57:2f:0b:bd:77:7d:63:22:
e3:7d:cb:bb:df:1a:54:1d:63:39:2a:f8:5e:43:4e:
98:cb:e0:b5:0d:ee:fa:72:05:5e:f1:db:ef:69:86:
fd:ac:5d:db:34:05:8e:27:fd:0e:89:8e:00:2b:f1:
e6:09:05:c2:3b:75:b8:65:af:5c:1d:7d:df:1f:b8:
7a:8a:d3:ae:c3:e6:07:14:db:97:da:98:d8:4e:a3:
a5:c7:e9:d0:b2:0e:8a:fb:aa:45:55:35:2e:a2:0e:
8d:90:e3:fa:ed:be:e8:9e:c8:00:39:e6:b1:1a:56:
d2:00:94:59:bf:4f:59:1b:ec:a9:ed:17:d8:24:04:
25:7d:d5:83:24:b1:f5:2f:fa:fe:df:85:13:86:96:
01:74:46:19:39:1f:25:38:5a:67:8d:5c:e1:87:d8:
a7:1a:36:2b:08:b6:dc:61:4d:25:0d:9a:77:4a:c2:
4b:e0:7d:66:84:38:1d:f4:35:1b:e4:30:5a:af:d2:
10:a4:c8:25:f9:ea:d8:23:3b:90:d7:83:02:31:f4:
2f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:23:BF:2E:5D:04:EF:CB:67:2C:D1:6B:4F:27:79:7C:B0:36:30:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/51C90AB6C63011EFAFC16A55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.217.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f3:7f:67:85:06:31:d8:1b:35:d5:25:4b:e9:8a:68:8e:00:
1b:a1:f6:f4:be:d5:b3:ca:4d:4b:94:14:5d:b1:93:15:dc:d4:
30:36:dc:7e:9a:d0:91:49:88:0c:04:22:e7:91:80:c4:94:dc:
ab:cb:ac:0c:2a:04:c3:5b:b6:aa:89:54:5f:b0:73:05:75:3f:
30:28:89:5e:36:a5:f6:60:da:32:2a:05:a3:ce:47:3d:b5:18:
63:e4:63:ac:5a:b1:9e:af:78:28:dc:fe:1a:31:2a:36:40:0d:
d7:7d:76:b3:e0:de:88:23:8a:c0:87:25:63:d4:c3:36:a1:b9:
42:b6:b1:76:4a:3b:5b:a3:ee:30:54:74:cf:92:20:62:4a:05:
df:22:82:89:25:b3:11:14:e3:82:91:fb:20:cd:a0:d7:2e:eb:
1d:69:51:4d:0d:e6:6a:38:1e:96:a4:5d:e4:1d:a1:69:ef:fb:
53:d5:16:af:9d:22:09:4f:8b:61:7e:e1:4b:a3:fc:68:f9:36:
ca:74:1f:7c:bf:bd:6c:9a:0f:b4:cb:7a:93:3b:4c:28:58:c7:
8c:47:2d:37:b2:a0:de:00:fb:6a:54:04:f7:96:af:f8:1c:c5:
72:33:81:5f:cd:29:53:4c:64:19:c1:cc:df:7d:4a:fd:c9:12:
8d:c8:59:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS/sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjIwMDI3WhcNMjcxMjEyMjIwMDI3WjAYMRYw
FAYDVQQDEw02NzcxYzY3ZS01MWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtH3/dDn2i6nrVYXQgSfj+2sjkWLqXaHmUcm83e+oagp1uMmjv/7Hou1K
LS6dSHYlVA6qVy8LvXd9YyLjfcu73xpUHWM5KvheQ06Yy+C1De76cgVe8dvvaYb9
rF3bNAWOJ/0OiY4AK/HmCQXCO3W4Za9cHX3fH7h6itOuw+YHFNuX2pjYTqOlx+nQ
sg6K+6pFVTUuog6NkOP67b7onsgAOeaxGlbSAJRZv09ZG+yp7RfYJAQlfdWDJLH1
L/r+34UThpYBdEYZOR8lOFpnjVzhh9inGjYrCLbcYU0lDZp3SsJL4H1mhDgd9DUb
5DBar9IQpMgl+erYIzuQ14MCMfQvgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFkj
vy5dBO/LZyzRa08neXywNjD/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MUM5MEFCNkM2MzAxMUVGQUZDMTZBNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtnZMA0GCSqGSIb3DQEB
CwUAA4IBAQBQ839nhQYx2Bs11SVL6YpojgAbofb0vtWzyk1LlBRdsZMV3NQwNtx+
mtCRSYgMBCLnkYDElNyry6wMKgTDW7aqiVRfsHMFdT8wKIleNqX2YNoyKgWjzkc9
tRhj5GOsWrGer3go3P4aMSo2QA3XfXaz4N6II4rAhyVj1MM2oblCtrF2Sjtbo+4w
VHTPkiBiSgXfIoKJJbMRFOOCkfsgzaDXLusdaVFNDeZqOB6WpF3kHaFp7/tT1Rav
nSIJT4thfuFLo/xo+TbKdB98v71smg+0y3qTO0woWMeMRy03sqDeAPtqVAT3lq/4
HMVyM4FfzSlTTGQZwczffUr9yRKNyFnc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:45 2025 by rpki-client