Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5201023AC1B811EF8E3A7C6E762E951A.roa
File: 5201023AC1B811EF8E3A7C6E762E951A.roa (raw, json)
Hash identifier: z891jeAnLTUqu6PC7UURHbixqMoQkBMIqyiSz7JCkZE=
Subject key identifier: 3A:27:AA:0D:B2:10:F0:FD:0F:9D:D6:F8:65:EE:3D:A2:91:D4:67:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0121CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5201023AC1B811EF8E3A7C6E762E951A.roa
Signing time: Tue 24 Dec 2024 05:31:27 +0000
ROA not before: Tue 24 Dec 2024 05:31:23 +0000
ROA not after: Wed 10 Dec 2025 05:31:23 +0000
asID: 984
IP address blocks: 154.193.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74187 (0x121cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 05:31:23 2024 GMT
Not After : Dec 10 05:31:23 2025 GMT
Subject: CN=676a472e-f1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:2c:67:a0:96:8c:95:cf:13:ea:f2:04:5d:
70:90:22:c6:62:a6:76:f8:84:d8:c0:a4:a1:99:c1:
96:bc:1e:54:a6:7a:1b:d3:1d:89:4d:6c:c7:e4:85:
18:86:b2:ce:85:1a:2e:f0:86:cf:cd:99:50:01:3b:
5a:68:47:f2:5c:bf:5c:9c:fd:59:78:82:f8:35:2e:
48:48:69:52:9e:86:31:0f:4e:3e:f0:0e:fc:56:1f:
fb:fb:f9:04:68:a6:b6:19:ac:29:7e:a1:85:9f:10:
6e:01:68:19:22:4f:75:bc:af:dc:9b:9e:08:89:89:
a8:96:d4:13:77:7a:37:72:94:fb:3f:b5:78:7a:4c:
72:82:37:a1:fc:12:f8:40:ff:33:fe:43:5e:9a:9c:
ae:82:dc:2e:a3:ad:5e:94:af:96:3e:dc:2b:e8:a3:
fd:5e:de:3a:1a:6a:70:a9:97:20:83:a8:53:fe:a5:
34:0d:fe:50:20:c6:66:7d:87:ed:76:c4:a8:65:4a:
dd:43:12:02:51:d7:ef:6b:46:1e:71:1b:73:5d:97:
94:fb:53:d8:40:b2:e9:6d:9f:ca:16:9e:8e:ca:89:
1a:a5:ac:ea:a8:22:a6:61:01:67:39:03:1e:e6:82:
f9:04:9f:e2:14:37:22:a7:06:49:0b:4e:8b:68:40:
e0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:27:AA:0D:B2:10:F0:FD:0F:9D:D6:F8:65:EE:3D:A2:91:D4:67:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5201023AC1B811EF8E3A7C6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.159.0/24
Signature Algorithm: sha256WithRSAEncryption
23:77:43:55:cd:6c:01:a5:05:f9:71:93:9c:12:14:5c:2b:4b:
e6:bf:ec:f3:df:0c:ce:fb:42:9f:f3:13:fb:51:44:6f:d8:2b:
e8:59:5f:62:5c:05:70:59:92:fa:ad:41:92:f6:c3:8a:a5:11:
4c:5e:ef:79:7d:6c:5b:39:71:b4:f1:4d:9b:80:96:0d:82:aa:
ac:6c:2b:65:e0:30:9e:ea:a8:cf:14:89:4d:8d:4f:55:79:55:
9b:dc:65:2e:05:c8:d2:19:6a:38:6f:d8:b8:a4:9b:b7:82:32:
e6:09:c0:39:7b:c9:eb:a4:fd:9d:cf:97:da:ed:73:5a:e7:ba:
8f:d9:3e:47:db:6b:cc:77:37:dc:35:de:0a:1b:10:ac:8e:a0:
a4:6b:e0:11:eb:24:16:93:85:ea:3c:48:e3:67:90:5c:d7:05:
74:c0:51:35:7e:64:2a:cf:d6:1d:30:e4:ab:3e:95:8e:e1:90:
de:cb:4f:9b:04:3c:49:c0:a9:41:d6:ee:bc:3a:36:e1:06:d3:
87:90:70:f8:42:8a:a7:af:e2:42:32:51:d2:f3:c5:bc:fe:b7:
79:67:5b:ad:f0:10:ba:cf:c7:12:b1:4d:40:dc:b1:b4:6f:71:
eb:d7:88:82:5d:65:1a:94:e5:b3:f9:6f:0d:b9:69:d8:23:6b:
c6:a7:2e:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASHLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDUzMTIzWhcNMjUxMjEwMDUzMTIzWjAYMRYw
FAYDVQQDEw02NzZhNDcyZS1mMWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwgsZ6CWjJXPE+ryBF1wkCLGYqZ2+ITYwKShmcGWvB5Upnob0x2JTWzH
5IUYhrLOhRou8IbPzZlQATtaaEfyXL9cnP1ZeIL4NS5ISGlSnoYxD04+8A78Vh/7
+/kEaKa2GawpfqGFnxBuAWgZIk91vK/cm54IiYmoltQTd3o3cpT7P7V4ekxygjeh
/BL4QP8z/kNempyugtwuo61elK+WPtwr6KP9Xt46GmpwqZcgg6hT/qU0Df5QIMZm
fYftdsSoZUrdQxICUdfva0YecRtzXZeU+1PYQLLpbZ/KFp6OyokapazqqCKmYQFn
OQMe5oL5BJ/iFDcipwZJC06LaEDgOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDon
qg2yEPD9D53W+GXuPaKR1GfiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjAxMDIzQUMxQjgxMUVGOEUzQTdDNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGfMA0GCSqGSIb3DQEB
CwUAA4IBAQAjd0NVzWwBpQX5cZOcEhRcK0vmv+zz3wzO+0Kf8xP7UURv2CvoWV9i
XAVwWZL6rUGS9sOKpRFMXu95fWxbOXG08U2bgJYNgqqsbCtl4DCe6qjPFIlNjU9V
eVWb3GUuBcjSGWo4b9i4pJu3gjLmCcA5e8nrpP2dz5fa7XNa57qP2T5H22vMdzfc
Nd4KGxCsjqCka+AR6yQWk4XqPEjjZ5Bc1wV0wFE1fmQqz9YdMOSrPpWO4ZDey0+b
BDxJwKlB1u68OjbhBtOHkHD4Qoqnr+JCMlHS88W8/rd5Z1ut8BC6z8cSsU1A3LG0
b3Hr14iCXWUalOWz+W8NuWnYI2vGpy4o
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:13 2025 by rpki-client