Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566E441EC1B711EFAB3F0468762E951A.roa
File: 566E441EC1B711EFAB3F0468762E951A.roa (raw, json)
Hash identifier: MYYdu00ZTxMQPm3fXA7lVHuWH1VaWGHwfY8Aq/HzTe8=
Subject key identifier: 18:4A:E7:8C:0E:05:C2:47:47:D9:87:0C:85:FA:88:CE:09:07:E1:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0121BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566E441EC1B711EFAB3F0468762E951A.roa
Signing time: Tue 24 Dec 2024 05:24:25 +0000
ROA not before: Tue 24 Dec 2024 05:24:21 +0000
ROA not after: Wed 10 Dec 2025 05:24:21 +0000
asID: 984
IP address blocks: 154.193.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74175 (0x121bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 05:24:21 2024 GMT
Not After : Dec 10 05:24:21 2025 GMT
Subject: CN=676a4588-eeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9d:76:2d:80:08:09:18:ef:78:83:b2:09:3d:
94:f0:70:19:92:73:ec:c3:15:79:5d:43:04:28:50:
23:d7:f3:f8:3c:15:f2:b6:46:6f:85:49:b9:38:d0:
6a:ea:4a:de:63:ee:55:e8:7d:43:91:65:49:2e:a0:
36:cf:ff:da:b0:f1:cc:68:44:50:38:32:8b:2e:75:
a8:1c:17:45:91:05:a8:ac:fa:0b:64:fb:7e:c0:40:
fe:3d:6d:e0:da:a7:b0:b4:cb:5e:3b:e5:a3:62:e8:
12:66:3c:1e:64:36:ea:dc:b5:d0:88:50:f5:1b:b8:
ae:bd:61:d8:a7:0e:d3:17:9f:f2:bc:7e:fd:45:55:
68:a4:c6:a1:8e:72:83:e2:dd:a9:bc:8f:1b:9d:ce:
c8:44:47:f2:0a:21:9a:40:75:bb:dc:7e:28:2e:21:
0e:0f:f3:ad:15:e0:5e:ff:b3:96:fb:25:46:b9:9d:
f7:92:6f:f9:6f:05:bf:18:35:07:4f:46:5c:09:38:
98:4d:0b:03:b3:d9:56:ec:90:16:8b:58:bd:43:4a:
c5:11:42:12:28:55:dc:a3:73:a8:47:5c:14:a0:c4:
93:01:23:b1:2d:0d:3f:27:3b:af:aa:4b:da:2a:88:
51:e9:be:d1:b1:46:35:53:fa:71:6f:b2:b2:13:f9:
0f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4A:E7:8C:0E:05:C2:47:47:D9:87:0C:85:FA:88:CE:09:07:E1:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566E441EC1B711EFAB3F0468762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.153.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ff:58:bf:c2:bd:8b:35:0f:57:c6:3b:aa:a0:22:69:44:f8:
5c:2c:2c:a8:96:b3:7c:80:75:1c:92:50:89:aa:4f:b2:c0:8e:
b8:2c:98:95:f2:5f:30:f5:d7:8d:c7:17:45:e0:ac:6d:ea:8f:
ce:a8:92:7a:e3:ca:41:e3:8c:d3:dc:75:ea:95:fd:85:15:d4:
e5:35:ee:54:02:aa:42:76:fe:a0:15:fb:c4:b9:09:be:2a:55:
d7:7f:aa:e6:13:0d:4b:0a:7f:ac:75:5a:8d:ad:9c:50:de:cc:
f6:0b:47:6c:7c:88:96:70:85:e4:a9:91:cb:a1:b1:1e:c8:98:
e2:df:61:90:32:4c:b0:6c:f1:08:ea:70:39:05:26:f9:9e:40:
cd:14:ad:6b:b6:cc:7d:6d:f0:a9:cc:08:99:78:7e:13:8e:62:
c2:4f:51:80:24:a4:35:59:14:1e:35:05:70:75:50:d0:54:c2:
96:d3:fe:5b:18:62:16:eb:f2:32:a4:8c:ba:7e:76:13:e0:d6:
81:b0:75:a4:2d:93:a9:90:fd:14:c5:8d:69:da:4f:3f:0d:d4:
ac:c7:96:33:a0:f5:be:23:4e:06:13:14:30:29:2f:61:c2:3d:
f7:c3:d6:ef:83:72:91:b0:07:61:44:01:65:4c:f0:be:73:6a:
1b:93:05:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASG/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDUyNDIxWhcNMjUxMjEwMDUyNDIxWjAYMRYw
FAYDVQQDEw02NzZhNDU4OC1lZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Z12LYAICRjveIOyCT2U8HAZknPswxV5XUMEKFAj1/P4PBXytkZvhUm5
ONBq6kreY+5V6H1DkWVJLqA2z//asPHMaERQODKLLnWoHBdFkQWorPoLZPt+wED+
PW3g2qewtMteO+WjYugSZjweZDbq3LXQiFD1G7iuvWHYpw7TF5/yvH79RVVopMah
jnKD4t2pvI8bnc7IREfyCiGaQHW73H4oLiEOD/OtFeBe/7OW+yVGuZ33km/5bwW/
GDUHT0ZcCTiYTQsDs9lW7JAWi1i9Q0rFEUISKFXco3OoR1wUoMSTASOxLQ0/Jzuv
qkvaKohR6b7RsUY1U/pxb7KyE/kPqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBhK
54wOBcJHR9mHDIX6iM4JB+F7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjZFNDQxRUMxQjcxMUVGQUIzRjA0Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGZMA0GCSqGSIb3DQEB
CwUAA4IBAQBB/1i/wr2LNQ9XxjuqoCJpRPhcLCyolrN8gHUcklCJqk+ywI64LJiV
8l8w9deNxxdF4Kxt6o/OqJJ648pB44zT3HXqlf2FFdTlNe5UAqpCdv6gFfvEuQm+
KlXXf6rmEw1LCn+sdVqNrZxQ3sz2C0dsfIiWcIXkqZHLobEeyJji32GQMkywbPEI
6nA5BSb5nkDNFK1rtsx9bfCpzAiZeH4TjmLCT1GAJKQ1WRQeNQVwdVDQVMKW0/5b
GGIW6/IypIy6fnYT4NaBsHWkLZOpkP0UxY1p2k8/DdSsx5YzoPW+I04GExQwKS9h
wj33w9bvg3KRsAdhRAFlTPC+c2obkwVe
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:43 2025 by rpki-client