Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F6FD888AB3311EFA295ED9C762E951A.roa
File: 5F6FD888AB3311EFA295ED9C762E951A.roa (raw, json)
Hash identifier: WWsC+8beOejxlw4URjuvUh1SGIuZjgvH8CY+hHIWjq0=
Subject key identifier: D2:B0:62:65:DC:E0:32:70:05:BD:C8:EE:61:BC:9D:D6:91:7E:99:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01134A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F6FD888AB3311EFA295ED9C762E951A.roa
Signing time: Mon 25 Nov 2024 13:44:20 +0000
ROA not before: Mon 25 Nov 2024 13:44:17 +0000
ROA not after: Thu 30 Oct 2025 13:44:17 +0000
asID: 58460
IP address blocks: 154.198.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70474 (0x1134a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 13:44:17 2024 GMT
Not After : Oct 30 13:44:17 2025 GMT
Subject: CN=67447f34-c99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:89:a7:71:fc:b9:21:f9:f3:82:da:72:25:
f6:9e:c3:ad:5f:7c:c8:18:d5:67:b5:2d:cb:35:1d:
c7:66:87:9b:ae:45:57:62:1c:e3:e7:b9:7d:4f:a2:
4e:b5:50:20:10:ed:18:48:88:79:57:fe:9a:50:15:
72:19:f5:e2:0a:e3:c6:d4:49:e2:f5:8d:eb:c7:54:
d6:6e:47:10:8f:bb:f6:e1:24:57:0c:56:ed:3a:b9:
f7:cd:71:f8:84:e3:fa:b3:a7:0b:ea:46:d7:2d:67:
08:3b:b3:54:7e:32:71:09:91:15:78:73:2d:d8:73:
b8:5c:b2:fd:2a:b0:22:a8:c5:b9:9e:0b:75:c4:5e:
11:74:5b:5b:c5:b0:d2:ab:cd:8c:68:35:f5:73:97:
48:cf:8e:7e:c8:1a:7d:cd:ef:f6:54:79:a7:11:05:
56:cf:5f:5d:71:8a:9c:7a:76:42:a1:04:e7:f8:91:
c2:16:11:cb:37:fe:c4:aa:c4:f3:dc:52:c1:5d:2c:
d6:62:e1:65:2e:47:a5:2b:07:36:a9:fe:76:6f:b8:
9f:e0:02:b8:9f:d9:67:d9:01:d8:e2:c4:14:53:f3:
da:fb:37:5b:be:66:77:58:85:19:e7:68:74:a1:97:
2a:18:d0:16:10:50:f8:d8:36:86:7a:45:af:da:1b:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B0:62:65:DC:E0:32:70:05:BD:C8:EE:61:BC:9D:D6:91:7E:99:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F6FD888AB3311EFA295ED9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fd:2b:ad:fa:aa:89:a4:1f:4f:3d:c4:5b:7a:00:b2:a5:d2:
06:a6:25:70:1c:cf:7c:55:5b:d9:8f:fe:64:b6:9a:ec:e8:39:
83:0d:fb:ab:72:0c:48:24:d5:60:5f:a2:3a:e0:ec:d3:a8:dd:
96:90:f4:3d:bf:68:91:74:08:58:f4:0e:99:5d:62:bc:81:97:
68:20:6c:57:98:d4:33:de:62:71:f5:b6:b5:62:3a:61:df:79:
2f:be:1e:cb:72:78:4b:19:83:dd:bf:3a:35:e8:d6:bc:5a:db:
07:b5:81:f3:ab:a2:07:42:b3:a7:a2:ea:5a:fb:5b:7e:7d:03:
12:da:8f:43:16:e3:cb:84:d0:20:c4:09:a8:0f:eb:35:32:43:
15:9a:61:48:f0:77:bf:4d:83:07:53:f3:36:1c:4c:58:54:15:
bd:87:8e:ab:d8:c5:44:0b:f0:1c:c1:a4:36:58:4e:4d:09:da:
c4:28:7e:93:a1:ca:34:ca:6f:d1:e9:93:ad:c1:dd:19:52:94:
b9:3a:d1:e8:91:13:05:57:77:98:c2:8d:1b:50:6e:79:3f:74:
4f:59:8d:f6:c0:1a:79:b2:be:96:5a:16:41:07:2a:59:6a:fe:
10:84:d0:ab:46:06:da:57:63:5b:23:e6:69:7e:3a:3f:0f:29:
7f:a6:4b:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTM0NDE3WhcNMjUxMDMwMTM0NDE3WjAYMRYw
FAYDVQQDEw02NzQ0N2YzNC1jOTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8iJp3H8uSH584LaciX2nsOtX3zIGNVntS3LNR3HZoebrkVXYhzj57l9
T6JOtVAgEO0YSIh5V/6aUBVyGfXiCuPG1Eni9Y3rx1TWbkcQj7v24SRXDFbtOrn3
zXH4hOP6s6cL6kbXLWcIO7NUfjJxCZEVeHMt2HO4XLL9KrAiqMW5ngt1xF4RdFtb
xbDSq82MaDX1c5dIz45+yBp9ze/2VHmnEQVWz19dcYqcenZCoQTn+JHCFhHLN/7E
qsTz3FLBXSzWYuFlLkelKwc2qf52b7if4AK4n9ln2QHY4sQUU/Pa+zdbvmZ3WIUZ
52h0oZcqGNAWEFD42DaGekWv2htvnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNKw
YmXc4DJwBb3I7mG8ndaRfplLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RjZGRDg4OEFCMzMxMUVGQTI5NUVEOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYAMA0GCSqGSIb3DQEB
CwUAA4IBAQBf/Sut+qqJpB9PPcRbegCypdIGpiVwHM98VVvZj/5ktprs6DmDDfur
cgxIJNVgX6I64OzTqN2WkPQ9v2iRdAhY9A6ZXWK8gZdoIGxXmNQz3mJx9ba1Yjph
33kvvh7LcnhLGYPdvzo16Na8WtsHtYHzq6IHQrOnoupa+1t+fQMS2o9DFuPLhNAg
xAmoD+s1MkMVmmFI8He/TYMHU/M2HExYVBW9h46r2MVEC/AcwaQ2WE5NCdrEKH6T
oco0ym/R6ZOtwd0ZUpS5OtHokRMFV3eYwo0bUG55P3RPWY32wBp5sr6WWhZBBypZ
av4QhNCrRgbaV2NbI+Zpfjo/Dyl/pktu
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:13:47 2025 by rpki-client