Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5531E378C3DB11EF8D6BA684762E951A.roa
File: 5531E378C3DB11EF8D6BA684762E951A.roa (raw, json)
Hash identifier: pZHRZs4feOUKwTCCcIDMm49JKYLVmILlr6JEYobrZzs=
Subject key identifier: D8:A6:DE:CF:85:F3:9C:F5:4E:44:81:86:77:4C:2F:C6:20:E3:6B:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5531E378C3DB11EF8D6BA684762E951A.roa
Signing time: Thu 26 Dec 2024 22:47:07 +0000
ROA not before: Thu 26 Dec 2024 22:47:03 +0000
ROA not after: Sun 12 Dec 2027 22:47:03 +0000
asID: 17561
IP address blocks: 154.85.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75944 (0x128a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:47:03 2024 GMT
Not After : Dec 12 22:47:03 2027 GMT
Subject: CN=676ddceb-34e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:be:5f:ce:38:4f:15:8a:e0:43:c6:24:d7:
b6:03:ee:83:35:f8:fc:f7:4b:5e:cc:bb:52:3f:ca:
96:c6:03:25:de:29:11:b1:49:8c:27:d8:26:33:fa:
b8:7b:5e:2a:df:74:39:bd:91:70:20:e4:1a:40:bc:
15:f2:84:01:d9:b7:a2:de:45:1c:5e:02:b2:90:5c:
49:fc:61:9f:fb:1c:11:80:47:b9:3f:2e:6d:06:1b:
6e:21:d8:f5:af:95:b6:46:d9:c7:f1:fe:95:10:b2:
65:29:0a:64:57:65:f7:0c:79:f7:16:95:7d:1d:9b:
c2:3c:96:8f:5a:2a:a2:a0:61:d8:54:e9:f5:76:f1:
f9:f8:7f:0f:51:6a:a6:22:1d:de:d1:53:5f:75:86:
eb:3d:ca:8c:19:27:34:9a:29:f1:22:bc:ed:57:c4:
70:b3:4d:67:78:2f:69:ce:5c:dc:db:7a:64:dd:40:
4c:8d:c3:ea:5e:af:c5:ee:09:12:73:c6:18:13:12:
33:94:24:d9:96:8f:35:eb:5b:f4:e1:a8:48:90:74:
1e:ce:88:08:43:11:a3:20:49:60:ba:96:32:03:d5:
cf:10:2f:03:3f:be:1c:72:54:58:29:03:5a:f8:29:
2f:80:4d:94:2e:e1:a8:ea:7f:1b:c6:c4:79:bc:bb:
a7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A6:DE:CF:85:F3:9C:F5:4E:44:81:86:77:4C:2F:C6:20:E3:6B:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5531E378C3DB11EF8D6BA684762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.30.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:92:bd:e0:0d:f1:25:99:74:12:bc:0a:25:06:96:f9:09:b6:
cc:50:52:b9:30:b1:37:b9:ed:0f:ba:e0:3b:e5:62:90:fa:49:
3d:2f:42:65:c5:d6:04:d5:32:cd:1c:cd:b9:14:20:4d:1e:30:
84:cf:58:34:09:f1:bc:11:e6:35:bf:65:70:55:fd:38:c5:0a:
8b:4b:0b:08:d5:c4:e8:08:ad:ca:af:2b:b5:2a:6e:74:e4:f2:
f1:97:c6:90:3a:31:0b:d4:e8:26:57:71:da:af:06:b9:ee:b0:
13:46:f4:04:33:7d:7a:7a:73:20:a7:77:a6:5d:40:ce:ab:06:
7e:cd:34:b5:30:5f:9d:c0:bc:2f:46:47:cc:d0:f0:33:da:d3:
19:e5:ea:29:66:38:f8:08:1d:08:e1:d5:1f:8e:6b:21:52:c3:
a9:55:be:c6:d9:22:5e:f7:e5:ee:b8:a7:13:71:e2:38:83:83:
d4:ac:a2:b2:32:57:b3:fb:9f:fd:7d:86:ac:9f:e5:3a:1a:91:
c2:2e:ec:f1:c2:92:5d:ec:8d:59:c5:e1:e1:cc:26:9a:fa:62:
d5:4b:a3:37:2f:e2:99:e2:53:c1:9a:95:ba:3e:dd:48:61:14:
cd:b1:d4:fd:69:b8:58:16:bd:c8:fa:7c:35:2e:9a:0a:7c:ec:
39:6e:29:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASioMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI0NzAzWhcNMjcxMjEyMjI0NzAzWjAYMRYw
FAYDVQQDEw02NzZkZGNlYi0zNGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXy+X844TxWK4EPGJNe2A+6DNfj890tezLtSP8qWxgMl3ikRsUmMJ9gm
M/q4e14q33Q5vZFwIOQaQLwV8oQB2bei3kUcXgKykFxJ/GGf+xwRgEe5Py5tBhtu
Idj1r5W2RtnH8f6VELJlKQpkV2X3DHn3FpV9HZvCPJaPWiqioGHYVOn1dvH5+H8P
UWqmIh3e0VNfdYbrPcqMGSc0minxIrztV8Rws01neC9pzlzc23pk3UBMjcPqXq/F
7gkSc8YYExIzlCTZlo8161v04ahIkHQezogIQxGjIElgupYyA9XPEC8DP74cclRY
KQNa+CkvgE2ULuGo6n8bxsR5vLunEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNim
3s+F85z1TkSBhndML8Yg42uTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTMxRTM3OEMzREIxMUVGOEQ2QkE2ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUeMA0GCSqGSIb3DQEB
CwUAA4IBAQCLkr3gDfElmXQSvAolBpb5CbbMUFK5MLE3ue0PuuA75WKQ+kk9L0Jl
xdYE1TLNHM25FCBNHjCEz1g0CfG8EeY1v2VwVf04xQqLSwsI1cToCK3Kryu1Km50
5PLxl8aQOjEL1OgmV3Harwa57rATRvQEM316enMgp3emXUDOqwZ+zTS1MF+dwLwv
RkfM0PAz2tMZ5eopZjj4CB0I4dUfjmshUsOpVb7G2SJe9+XuuKcTceI4g4PUrKKy
Mlez+5/9fYasn+U6GpHCLuzxwpJd7I1ZxeHhzCaa+mLVS6M3L+KZ4lPBmpW6Pt1I
YRTNsdT9abhYFr3I+nw1LpoKfOw5bile
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:24:33 2025 by rpki-client