Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F2EDC28C41C11EF86FA8EB3762E951A.roa
File: 5F2EDC28C41C11EF86FA8EB3762E951A.roa (raw, json)
Hash identifier: ZyHYqPSHY8Xd9jOH9ePhzub0eV46qzxhZXJWhC6GyNg=
Subject key identifier: 81:D1:E1:59:D5:77:A3:A9:C8:58:D5:C8:96:9E:01:D6:BA:7C:3E:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012991
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F2EDC28C41C11EF86FA8EB3762E951A.roa
Signing time: Fri 27 Dec 2024 06:32:41 +0000
ROA not before: Fri 27 Dec 2024 06:32:37 +0000
ROA not after: Sun 12 Dec 2027 06:32:37 +0000
asID: 17561
IP address blocks: 154.201.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76177 (0x12991)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 06:32:37 2024 GMT
Not After : Dec 12 06:32:37 2027 GMT
Subject: CN=676e4a09-9112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7c:a7:e9:86:0f:d4:9e:66:6b:19:d3:f6:b3:
53:e5:48:70:7c:18:15:c4:84:09:88:c6:ae:df:d6:
c5:88:26:82:e8:d8:1b:c0:4d:0c:c8:07:aa:de:00:
3e:09:3f:0c:f1:ae:99:1a:19:35:49:6f:dc:cc:a3:
11:ed:8d:19:80:c4:9e:1b:ce:72:0a:b7:1b:65:b0:
9d:e2:97:fd:25:61:ad:48:80:b5:81:e2:79:e8:a8:
b1:cd:6a:0a:96:53:7e:ef:9e:9a:f3:a8:a7:e8:a3:
23:ff:2e:2f:b9:6b:62:d6:71:54:56:ab:f0:42:88:
51:bf:ba:26:6e:6f:95:2b:58:0b:c2:12:98:ea:b9:
ff:0a:76:ff:25:79:78:ae:70:6c:79:dc:4e:2a:7e:
b9:f6:48:c9:df:a2:24:b9:94:c8:e7:e0:8a:c0:bf:
e2:e9:de:4f:a0:c5:4a:06:56:96:59:4c:79:e4:58:
2e:e4:2d:64:8a:d3:18:98:2a:e3:a3:61:95:03:54:
27:e1:c2:32:1a:77:47:13:ad:be:ba:ee:72:5c:41:
8a:2e:b6:fc:1d:be:de:58:07:66:22:92:26:ed:4d:
a9:e0:74:1d:7d:d5:b0:98:0f:04:d1:b5:d9:be:4f:
f4:4f:58:dc:44:1d:06:fc:d0:bc:4b:8c:69:68:fd:
cb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D1:E1:59:D5:77:A3:A9:C8:58:D5:C8:96:9E:01:D6:BA:7C:3E:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F2EDC28C41C11EF86FA8EB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:cf:c1:ff:c9:28:d2:06:5e:c8:7c:aa:6a:9d:e9:6a:1f:2e:
fd:ae:97:9b:80:40:8b:82:28:ce:93:2c:0f:63:5d:b3:51:b4:
f2:e4:bb:5b:e5:38:3a:68:71:fe:8e:d6:47:a9:5c:5f:36:f6:
72:06:4c:b4:5f:a7:01:c6:62:9a:b8:27:5b:c6:0a:69:75:ba:
e3:c5:37:b7:89:91:71:cc:54:bb:54:ab:20:f3:12:76:d9:6c:
db:fc:d4:58:c7:3b:94:58:3a:3f:42:43:f6:2d:cd:70:6e:72:
52:26:14:de:d0:a3:41:5f:46:74:83:1f:e6:fc:2d:eb:8b:a9:
3d:ea:76:33:87:f0:8b:30:1a:84:e3:54:79:ac:69:c3:24:ae:
a9:35:bc:af:85:d6:05:53:4b:d7:1e:1f:23:d0:38:c1:38:c9:
26:43:f0:ae:f2:04:38:23:96:3a:a8:2b:f9:28:07:3f:a8:03:
12:5a:48:9b:0a:cd:bf:71:93:41:51:f2:f8:75:09:bc:22:3c:
6a:95:b0:e0:b9:47:07:39:92:eb:f7:c5:02:42:6b:07:1f:2a:
d2:94:89:72:fc:75:13:c7:38:d6:82:63:9a:f9:34:d6:c7:2d:
d3:2b:f9:10:1e:64:59:8b:95:19:fb:a8:0c:23:d8:b4:25:04:
05:4f:a6:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASmRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDYzMjM3WhcNMjcxMjEyMDYzMjM3WjAYMRYw
FAYDVQQDEw02NzZlNGEwOS05MTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9Hyn6YYP1J5maxnT9rNT5UhwfBgVxIQJiMau39bFiCaC6NgbwE0MyAeq
3gA+CT8M8a6ZGhk1SW/czKMR7Y0ZgMSeG85yCrcbZbCd4pf9JWGtSIC1geJ56Kix
zWoKllN+756a86in6KMj/y4vuWti1nFUVqvwQohRv7ombm+VK1gLwhKY6rn/Cnb/
JXl4rnBsedxOKn659kjJ36IkuZTI5+CKwL/i6d5PoMVKBlaWWUx55Fgu5C1kitMY
mCrjo2GVA1Qn4cIyGndHE62+uu5yXEGKLrb8Hb7eWAdmIpIm7U2p4HQdfdWwmA8E
0bXZvk/0T1jcRB0G/NC8S4xpaP3LoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIHR
4VnVd6OpyFjVyJaeAda6fD5MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RjJFREMyOEM0MUMxMUVGODZGQThFQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskXMA0GCSqGSIb3DQEB
CwUAA4IBAQAbz8H/ySjSBl7IfKpqnelqHy79rpebgECLgijOkywPY12zUbTy5Ltb
5Tg6aHH+jtZHqVxfNvZyBky0X6cBxmKauCdbxgppdbrjxTe3iZFxzFS7VKsg8xJ2
2Wzb/NRYxzuUWDo/QkP2Lc1wbnJSJhTe0KNBX0Z0gx/m/C3ri6k96nYzh/CLMBqE
41R5rGnDJK6pNbyvhdYFU0vXHh8j0DjBOMkmQ/Cu8gQ4I5Y6qCv5KAc/qAMSWkib
Cs2/cZNBUfL4dQm8IjxqlbDguUcHOZLr98UCQmsHHyrSlIly/HUTxzjWgmOa+TTW
xy3TK/kQHmRZi5UZ+6gMI9i0JQQFT6Zp
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:46 2025 by rpki-client