Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/531CC8C8C27811EFB7E12C45762E951A.roa
File: 531CC8C8C27811EFB7E12C45762E951A.roa (raw, json)
Hash identifier: DD9etLo8q0MeznXVD9s7L8GFETcPtMP7IpDxYDMJzRw=
Subject key identifier: D3:39:F0:0F:23:EE:E7:FC:96:92:5C:FF:09:58:6C:E8:58:13:46:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0124B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/531CC8C8C27811EFB7E12C45762E951A.roa
Signing time: Wed 25 Dec 2024 04:25:52 +0000
ROA not before: Wed 25 Dec 2024 04:25:48 +0000
ROA not after: Wed 10 Dec 2025 04:25:48 +0000
asID: 984
IP address blocks: 154.211.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74932 (0x124b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:25:48 2024 GMT
Not After : Dec 10 04:25:48 2025 GMT
Subject: CN=676b8950-a0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8d:6b:70:3c:68:c7:fb:64:c9:63:47:2f:49:
b3:fd:94:3d:47:07:1c:82:ca:23:2c:0d:6d:6e:d3:
69:07:3a:24:3a:e1:2d:4e:36:84:83:1f:65:ed:b8:
74:80:94:f1:55:5c:b5:86:3a:dc:82:21:39:14:e5:
da:b7:cd:c0:3b:f5:75:e4:d0:78:f9:bb:00:0a:48:
21:6e:91:89:a2:6f:45:dd:28:9e:be:f7:16:e1:b6:
c2:ec:3e:25:55:4d:69:a1:62:d3:dd:f8:55:c3:bb:
df:ed:bd:ee:a9:df:bd:b4:94:2b:ca:eb:48:bc:55:
44:89:68:b6:f1:02:7d:56:1e:99:e1:b4:6a:74:b6:
88:58:11:e6:48:a5:6f:94:4e:67:7b:75:24:f0:0e:
7a:88:af:f7:52:bf:81:c8:da:0c:07:7e:02:e7:c3:
55:a0:8f:18:ce:86:d7:1b:07:b7:2b:a8:e0:0d:95:
bc:c8:5d:09:4c:bc:df:46:48:9c:6e:ff:14:c4:3a:
43:fe:8d:19:53:e8:82:90:ce:5d:30:61:20:bf:02:
60:bc:77:b1:d5:f3:63:63:f5:80:5b:53:2e:14:64:
af:40:23:96:a8:56:05:7a:00:18:89:f2:be:05:b3:
06:7d:ca:a7:9a:49:87:a7:be:e2:1a:34:47:7c:dd:
78:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:39:F0:0F:23:EE:E7:FC:96:92:5C:FF:09:58:6C:E8:58:13:46:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/531CC8C8C27811EFB7E12C45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.247.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ca:6e:6e:e2:9d:07:4e:89:90:9a:c7:70:27:87:5d:55:d8:
ac:3c:a7:c8:77:9b:13:bf:b4:00:d4:d7:c5:36:ab:6c:9f:5c:
25:8c:98:1a:a4:2b:cd:19:aa:ba:be:ae:9f:95:91:74:67:1a:
e4:c3:c9:b1:98:39:0f:b0:a2:87:d3:ee:79:32:61:44:be:cf:
70:ef:44:6e:d3:b1:6b:2d:40:f3:8a:ec:b8:05:3e:91:46:c8:
b3:19:9f:98:0f:b4:a1:43:23:4b:0f:5a:61:07:5d:f8:c3:e0:
25:ba:15:08:f3:dd:53:f4:aa:17:d9:2a:7a:c4:f4:47:e9:58:
fa:17:f0:19:1a:6a:a9:cc:a3:ca:74:cc:91:5d:d5:cc:87:b5:
51:cb:34:bb:5a:b8:3b:e6:27:93:36:18:13:0b:84:d8:a5:e5:
38:8b:53:00:96:03:07:e4:6b:d1:a7:ce:9c:b3:73:ec:85:e0:
1a:1c:d2:19:55:3c:b4:d5:b6:0b:5f:ac:ad:16:e7:6b:9d:72:
76:f7:62:18:16:3a:a8:d6:c5:fd:d5:db:9b:28:74:a3:83:57:
9a:75:25:31:1a:69:42:cd:63:4f:4f:46:ef:a1:db:91:4f:cf:
ce:8f:d6:58:b4:fd:c3:a5:72:e7:dc:3a:45:3e:e8:8f:55:95:
6f:c0:7a:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASS0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQyNTQ4WhcNMjUxMjEwMDQyNTQ4WjAYMRYw
FAYDVQQDEw02NzZiODk1MC1hMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1o1rcDxox/tkyWNHL0mz/ZQ9RwccgsojLA1tbtNpBzokOuEtTjaEgx9l
7bh0gJTxVVy1hjrcgiE5FOXat83AO/V15NB4+bsACkghbpGJom9F3SievvcW4bbC
7D4lVU1poWLT3fhVw7vf7b3uqd+9tJQryutIvFVEiWi28QJ9Vh6Z4bRqdLaIWBHm
SKVvlE5ne3Uk8A56iK/3Ur+ByNoMB34C58NVoI8YzobXGwe3K6jgDZW8yF0JTLzf
Rkicbv8UxDpD/o0ZU+iCkM5dMGEgvwJgvHex1fNjY/WAW1MuFGSvQCOWqFYFegAY
ifK+BbMGfcqnmkmHp77iGjRHfN14NQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNM5
8A8j7uf8lpJc/wlYbOhYE0ZsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzFDQzhDOEMyNzgxMUVGQjdFMTJDNDU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtP3MA0GCSqGSIb3DQEB
CwUAA4IBAQABym5u4p0HTomQmsdwJ4ddVdisPKfId5sTv7QA1NfFNqtsn1wljJga
pCvNGaq6vq6flZF0Zxrkw8mxmDkPsKKH0+55MmFEvs9w70Ru07FrLUDziuy4BT6R
RsizGZ+YD7ShQyNLD1phB134w+AluhUI891T9KoX2Sp6xPRH6Vj6F/AZGmqpzKPK
dMyRXdXMh7VRyzS7Wrg75ieTNhgTC4TYpeU4i1MAlgMH5GvRp86cs3PsheAaHNIZ
VTy01bYLX6ytFudrnXJ292IYFjqo1sX91dubKHSjg1eadSUxGmlCzWNPT0bvoduR
T8/Oj9ZYtP3DpXLn3DpFPuiPVZVvwHqa
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:36 2025 by rpki-client