Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/53AA1AB2C35311EF8452E9AE762E951A.roa
File: 53AA1AB2C35311EF8452E9AE762E951A.roa (raw, json)
Hash identifier: /E4ihsuwiR899aZ3rA5941uINnpByJ4tkoeRWnnQEDM=
Subject key identifier: 0D:00:FA:99:D4:AE:11:9E:6E:7B:5B:5F:49:FA:2D:D4:E8:7E:DE:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/53AA1AB2C35311EF8452E9AE762E951A.roa
Signing time: Thu 26 Dec 2024 06:33:32 +0000
ROA not before: Thu 26 Dec 2024 06:33:29 +0000
ROA not after: Sun 12 Dec 2027 06:33:29 +0000
asID: 17561
IP address blocks: 154.88.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75201 (0x125c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:33:29 2024 GMT
Not After : Dec 12 06:33:29 2027 GMT
Subject: CN=676cf8bc-ca7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bb:34:76:74:1f:f1:59:b9:9b:3d:47:ef:86:
19:59:8f:96:82:53:9f:99:e5:9c:e6:30:a8:62:0a:
05:1e:4d:1f:39:6c:51:e1:27:81:5a:f9:e9:72:1d:
f2:06:76:db:e0:29:30:54:5e:ed:1a:9e:ac:b8:fa:
1c:68:7c:6c:02:a4:88:11:01:b0:1a:eb:c5:b7:28:
37:a0:49:39:00:d0:9f:5a:ca:56:46:d0:d0:23:bb:
92:db:b0:b2:7c:43:15:d7:59:37:11:a0:63:87:e8:
a2:1f:db:cd:83:d3:89:b9:ed:3d:25:c6:92:8c:7c:
b6:72:52:ef:71:8c:77:2f:52:3f:c2:7f:4f:1f:d5:
50:28:16:11:dd:33:a6:90:13:90:f8:c2:96:0c:d6:
0a:31:b4:a2:88:7c:56:96:01:a9:ac:23:1e:7a:b9:
8f:3b:8d:9c:55:f5:58:ed:51:0c:a9:fc:11:69:4a:
71:b1:bd:6e:a6:19:16:18:6c:9e:c2:ba:37:5e:d2:
c4:d8:5d:cd:4f:b8:41:71:de:20:78:e6:22:a8:8f:
39:cb:1e:31:a5:fc:a8:f6:fd:f5:31:f4:5a:20:a6:
64:f1:26:f1:3d:1b:9b:fb:f5:d9:7a:98:18:03:f1:
58:44:57:bc:fb:9b:18:0b:fa:25:42:a7:69:5d:4c:
d2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:00:FA:99:D4:AE:11:9E:6E:7B:5B:5F:49:FA:2D:D4:E8:7E:DE:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/53AA1AB2C35311EF8452E9AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.36.0/24
Signature Algorithm: sha256WithRSAEncryption
49:63:f1:50:d1:7c:02:ac:4f:f3:cf:da:33:98:84:71:ff:95:
20:41:24:96:85:a6:e0:0e:90:a5:8c:03:f0:da:ee:9b:f8:ce:
c6:0d:c6:d7:e9:d2:d8:66:29:36:43:36:6f:7d:07:62:92:61:
ed:5e:7f:f1:33:0a:65:44:46:b9:a0:41:3d:e9:67:32:2a:61:
d4:50:b7:4f:54:86:5f:6c:0d:d7:08:46:74:37:68:4c:3f:72:
24:cf:aa:85:a2:2a:b5:55:67:4c:be:9b:30:3f:4f:a3:4c:7b:
f5:5f:e5:63:18:c3:a3:b8:d1:d1:bb:0b:22:24:aa:51:3e:e1:
65:ba:69:bb:19:86:81:42:f7:08:94:7d:d3:ce:da:d2:18:db:
c5:38:c6:29:37:ea:f0:33:ea:94:7b:58:dd:fc:15:08:61:82:
23:a5:b2:9d:7e:27:c4:72:10:0e:02:59:1e:92:11:a5:8d:57:
2d:65:f2:d6:08:a5:69:6a:37:b3:e3:0d:75:4c:a9:a6:26:e6:
8b:84:8d:49:43:2c:6f:ff:fb:31:bf:84:c2:74:90:88:88:4f:
3d:ec:13:ce:79:8b:b7:a1:45:4e:64:6c:1d:fa:4a:34:2e:d7:
9d:b1:ea:28:85:65:f2:17:21:85:2e:f3:c3:dc:a7:5b:e3:ac:
6f:76:f8:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASXBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDYzMzI5WhcNMjcxMjEyMDYzMzI5WjAYMRYw
FAYDVQQDEw02NzZjZjhiYy1jYTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxLs0dnQf8Vm5mz1H74YZWY+WglOfmeWc5jCoYgoFHk0fOWxR4SeBWvnp
ch3yBnbb4CkwVF7tGp6suPocaHxsAqSIEQGwGuvFtyg3oEk5ANCfWspWRtDQI7uS
27CyfEMV11k3EaBjh+iiH9vNg9OJue09JcaSjHy2clLvcYx3L1I/wn9PH9VQKBYR
3TOmkBOQ+MKWDNYKMbSiiHxWlgGprCMeermPO42cVfVY7VEMqfwRaUpxsb1uphkW
GGyewro3XtLE2F3NT7hBcd4geOYiqI85yx4xpfyo9v31MfRaIKZk8SbxPRub+/XZ
epgYA/FYRFe8+5sYC/olQqdpXUzSCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA0A
+pnUrhGebntbX0n6LdToft5XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81M0FBMUFCMkMzNTMxMUVGODQ1MkU5QUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgkMA0GCSqGSIb3DQEB
CwUAA4IBAQBJY/FQ0XwCrE/zz9ozmIRx/5UgQSSWhabgDpCljAPw2u6b+M7GDcbX
6dLYZik2QzZvfQdikmHtXn/xMwplREa5oEE96WcyKmHUULdPVIZfbA3XCEZ0N2hM
P3Ikz6qFoiq1VWdMvpswP0+jTHv1X+VjGMOjuNHRuwsiJKpRPuFlumm7GYaBQvcI
lH3TztrSGNvFOMYpN+rwM+qUe1jd/BUIYYIjpbKdfifEchAOAlkekhGljVctZfLW
CKVpajez4w11TKmmJuaLhI1JQyxv//sxv4TCdJCIiE897BPOeYu3oUVOZGwd+ko0
LtedseoohWXyFyGFLvPD3Kdb46xvdvhn
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:14:03 2025 by rpki-client