Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AA0EB72C05911EFB693D440762E951A.roa
File: 5AA0EB72C05911EFB693D440762E951A.roa (raw, json)
Hash identifier: ZFws4IuVuSMYOl4zgm3KwkCQTZtmNoLcPG7NDBaVUME=
Subject key identifier: 45:64:93:25:FB:8E:C3:9D:97:CF:09:84:B9:24:92:E8:54:BA:38:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AA0EB72C05911EFB693D440762E951A.roa
Signing time: Sun 22 Dec 2024 11:39:08 +0000
ROA not before: Sun 22 Dec 2024 11:39:04 +0000
ROA not after: Mon 22 Dec 2025 11:39:04 +0000
asID: 152450
IP address blocks: 154.211.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73134 (0x11dae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 22 11:39:04 2024 GMT
Not After : Dec 22 11:39:04 2025 GMT
Subject: CN=6767fa5c-0a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:c7:2a:bc:60:ae:2a:7c:28:dd:c8:d0:48:
6f:ea:b0:6e:fa:a0:0c:0c:cb:46:bc:b7:5d:61:66:
46:86:a2:f9:7a:ad:ff:01:3a:5a:05:06:99:a7:29:
55:54:e4:d6:ba:1c:48:f8:e4:e5:5e:37:d4:49:1c:
ef:eb:e5:7a:2d:c1:fb:47:e2:86:7e:e4:98:ff:4a:
85:bd:18:11:f7:03:29:12:7f:c7:86:fb:7f:92:47:
2d:b5:f5:65:4c:f3:e0:4b:49:3f:8b:88:39:ab:2f:
19:e0:7a:6d:ce:44:76:90:cd:c3:04:9a:6a:56:0d:
c3:20:36:b8:6c:2b:2c:f1:97:ab:8b:fc:c3:06:61:
20:92:44:80:9a:ec:30:0e:a6:fc:a4:7b:ae:85:7c:
2e:d0:29:b0:27:95:dd:13:32:21:e7:17:89:c2:ae:
c3:34:6b:b5:dd:73:1d:31:1a:a8:6e:01:11:ee:a3:
90:e0:d6:ea:ea:9b:8d:bf:59:a8:a4:ff:7d:a5:91:
c2:59:a8:82:c8:c2:96:1f:21:d9:2c:1a:a1:cb:e3:
98:10:2c:a5:09:ed:f1:85:c5:37:2c:d7:22:0a:c1:
57:11:f8:52:24:89:4c:24:03:5e:f9:26:3d:6d:08:
34:47:b8:04:0b:b4:00:7a:1c:30:f4:5a:32:b1:63:
11:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:64:93:25:FB:8E:C3:9D:97:CF:09:84:B9:24:92:E8:54:BA:38:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AA0EB72C05911EFB693D440762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:45:dd:aa:97:f7:97:91:65:7f:af:a4:9b:86:d2:b4:ae:c8:
18:4a:b4:a8:19:5e:f2:99:93:4d:22:e6:65:bd:4d:39:14:40:
8b:f5:c0:d4:48:84:06:0b:d2:f8:62:8d:77:a3:e6:32:76:8b:
e7:65:c7:e2:f6:27:df:5c:71:ee:d4:ef:02:99:83:92:66:ae:
0d:3e:0a:93:8d:3e:65:b2:32:f2:9b:7e:a0:99:ef:b7:cd:5f:
da:aa:67:1a:43:f4:06:0d:cd:6b:e6:cb:ae:4c:69:16:b2:0f:
27:8f:50:b2:06:ee:28:b5:ff:b9:1c:0b:a4:6e:1c:c2:4e:97:
d8:7e:38:22:c6:6f:73:94:0d:2c:4a:63:9d:48:b8:9a:24:6f:
67:35:2f:29:11:05:40:f3:b4:68:19:d4:9f:d5:77:82:f5:25:
d7:dd:c4:e9:22:61:71:14:09:a8:d6:70:b6:9c:cd:18:7c:41:
58:55:3a:da:fb:3e:85:37:0c:11:f8:71:df:4a:18:52:d9:82:
f7:de:5f:b9:8e:7a:5b:76:dd:49:30:bf:6d:68:f3:0a:6c:9e:
6d:69:60:9e:ad:38:af:98:85:d8:00:2b:1b:16:17:f2:ff:5b:
68:b9:24:47:0d:e2:ee:96:c1:de:fb:b3:6b:45:c0:d0:12:6b:
44:15:ef:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR2uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIyMTEzOTA0WhcNMjUxMjIyMTEzOTA0WjAYMRYw
FAYDVQQDEw02NzY3ZmE1Yy0wYTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArXrHKrxgrip8KN3I0Ehv6rBu+qAMDMtGvLddYWZGhqL5eq3/ATpaBQaZ
pylVVOTWuhxI+OTlXjfUSRzv6+V6LcH7R+KGfuSY/0qFvRgR9wMpEn/Hhvt/kkct
tfVlTPPgS0k/i4g5qy8Z4HptzkR2kM3DBJpqVg3DIDa4bCss8Zeri/zDBmEgkkSA
muwwDqb8pHuuhXwu0CmwJ5XdEzIh5xeJwq7DNGu13XMdMRqobgER7qOQ4Nbq6puN
v1mopP99pZHCWaiCyMKWHyHZLBqhy+OYECylCe3xhcU3LNciCsFXEfhSJIlMJANe
+SY9bQg0R7gEC7QAehww9FoysWMRxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEVk
kyX7jsOdl88JhLkkkuhUujg6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QUEwRUI3MkMwNTkxMUVGQjY5M0Q0NDA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtMUMA0GCSqGSIb3DQEB
CwUAA4IBAQC3Rd2ql/eXkWV/r6SbhtK0rsgYSrSoGV7ymZNNIuZlvU05FECL9cDU
SIQGC9L4Yo13o+YydovnZcfi9iffXHHu1O8CmYOSZq4NPgqTjT5lsjLym36gme+3
zV/aqmcaQ/QGDc1r5suuTGkWsg8nj1CyBu4otf+5HAukbhzCTpfYfjgixm9zlA0s
SmOdSLiaJG9nNS8pEQVA87RoGdSf1XeC9SXX3cTpImFxFAmo1nC2nM0YfEFYVTra
+z6FNwwR+HHfShhS2YL33l+5jnpbdt1JML9taPMKbJ5taWCerTivmIXYACsbFhfy
/1touSRHDeLulsHe+7NrRcDQEmtEFe/H
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:14:37 2025 by rpki-client