Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F33915EC41811EF985EC89A762E951A.roa
File: 5F33915EC41811EF985EC89A762E951A.roa (raw, json)
Hash identifier: Fl5dHUlG62tlz4laiz4hyZG6wLxFoUrctcyj8kAts8M=
Subject key identifier: D6:8F:9B:AC:C1:EB:86:FC:17:06:76:7C:8B:F2:EB:41:8B:58:38:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012973
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F33915EC41811EF985EC89A762E951A.roa
Signing time: Fri 27 Dec 2024 06:04:03 +0000
ROA not before: Fri 27 Dec 2024 06:03:59 +0000
ROA not after: Sun 12 Dec 2027 06:03:59 +0000
asID: 17561
IP address blocks: 154.197.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76147 (0x12973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 06:03:59 2024 GMT
Not After : Dec 12 06:03:59 2027 GMT
Subject: CN=676e4353-3a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:16:0c:0d:50:31:aa:79:98:bb:12:5f:ee:
27:a1:0d:ed:42:bf:f8:c1:0d:70:60:86:64:ca:2c:
64:b5:42:8d:0d:c2:e5:0f:ee:43:24:fb:5f:9f:76:
51:0d:14:46:57:d4:fb:0c:8e:fc:46:8a:7a:91:46:
c6:09:8c:4f:49:91:9d:99:c0:37:0c:2e:d4:c2:c0:
d2:21:8a:c6:8f:f0:15:21:aa:65:e7:48:1b:d5:23:
79:f4:e8:bf:fe:86:6c:2f:b8:96:ca:9a:09:2a:c4:
c4:e6:ad:92:b7:9c:1a:15:2d:34:e9:2c:d4:1b:98:
f8:eb:63:c9:4e:ec:b9:ba:d4:83:9a:f1:d5:61:c5:
0c:e7:6a:d3:d9:91:7e:94:dc:4f:40:27:6b:18:46:
58:91:dc:80:4f:54:d0:a6:39:d1:60:11:63:e7:38:
0d:bf:1d:48:ca:0a:b2:9e:ce:51:e4:75:0d:d6:d6:
fb:a5:4f:91:cb:40:3b:c8:19:12:75:df:84:b9:f8:
f6:0a:5e:71:58:c1:75:75:59:02:06:a6:af:2c:5e:
98:b2:df:ce:b7:4f:23:b0:5f:f1:f4:74:c9:27:f1:
35:2d:9e:be:f1:85:88:4a:e5:3f:0f:47:3e:eb:9f:
55:ea:55:e6:4c:57:cf:1e:d1:c4:23:e1:e0:71:94:
fd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8F:9B:AC:C1:EB:86:FC:17:06:76:7C:8B:F2:EB:41:8B:58:38:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F33915EC41811EF985EC89A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.113.0/24
Signature Algorithm: sha256WithRSAEncryption
38:eb:f4:a9:bb:e5:cf:2c:5c:85:4f:51:ad:b5:dc:1b:d7:6f:
73:14:65:ef:ab:77:68:86:a2:00:96:e6:a5:d5:08:60:30:01:
cd:09:52:b3:a7:18:a8:f8:bd:6a:2b:24:ec:3b:29:d4:67:80:
14:f3:17:aa:eb:09:c1:d3:40:6d:df:0e:8c:a0:d4:2f:7f:9a:
f2:87:5d:12:00:10:53:e6:c4:2d:9a:24:87:ca:4c:65:6d:66:
7a:a7:92:66:6f:ae:b2:01:9a:40:70:0d:76:a5:24:40:47:35:
41:ad:58:f0:dc:f6:ca:46:56:39:d6:62:05:8b:3f:18:1d:44:
10:2c:47:0d:24:1c:48:c9:fc:db:af:59:8b:65:f3:7c:85:a1:
e9:18:5f:15:36:e3:a2:ab:d4:e6:39:4f:ae:79:46:a4:77:47:
ed:a9:44:2d:b6:ca:de:e1:3c:f2:01:ac:5e:61:c4:14:04:14:
dc:46:0f:96:72:29:da:8a:de:2a:a5:6d:2f:df:45:73:1d:3d:
ad:03:14:6f:b6:7c:84:7a:23:e1:16:6f:73:06:c2:12:61:bb:
a4:44:fd:10:49:d2:58:e1:85:7a:18:49:4e:7a:2d:34:6b:91:
5a:0a:13:12:49:f7:ee:a6:18:f8:30:67:e1:73:c2:05:8c:54:
eb:4b:e2:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASlzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDYwMzU5WhcNMjcxMjEyMDYwMzU5WjAYMRYw
FAYDVQQDEw02NzZlNDM1My0zYTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3oWDA1QMap5mLsSX+4noQ3tQr/4wQ1wYIZkyixktUKNDcLlD+5DJPtf
n3ZRDRRGV9T7DI78Rop6kUbGCYxPSZGdmcA3DC7UwsDSIYrGj/AVIapl50gb1SN5
9Oi//oZsL7iWypoJKsTE5q2St5waFS006SzUG5j462PJTuy5utSDmvHVYcUM52rT
2ZF+lNxPQCdrGEZYkdyAT1TQpjnRYBFj5zgNvx1Iygqyns5R5HUN1tb7pU+Ry0A7
yBkSdd+Eufj2Cl5xWMF1dVkCBqavLF6Yst/Ot08jsF/x9HTJJ/E1LZ6+8YWISuU/
D0c+659V6lXmTFfPHtHEI+HgcZT93QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNaP
m6zB64b8FwZ2fIvy60GLWDguMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RjMzOTE1RUM0MTgxMUVGOTg1RUM4OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVxMA0GCSqGSIb3DQEB
CwUAA4IBAQA46/Spu+XPLFyFT1Gttdwb129zFGXvq3dohqIAlual1QhgMAHNCVKz
pxio+L1qKyTsOynUZ4AU8xeq6wnB00Bt3w6MoNQvf5ryh10SABBT5sQtmiSHykxl
bWZ6p5Jmb66yAZpAcA12pSRARzVBrVjw3PbKRlY51mIFiz8YHUQQLEcNJBxIyfzb
r1mLZfN8haHpGF8VNuOiq9TmOU+ueUakd0ftqUQttsre4TzyAaxeYcQUBBTcRg+W
cinait4qpW0v30VzHT2tAxRvtnyEeiPhFm9zBsISYbukRP0QSdJY4YV6GElOei00
a5FaChMSSffuphj4MGfhc8IFjFTrS+IO
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:55 2025 by rpki-client