Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6047D070AB3411EFADDDA1A4762E951A.roa
File: 6047D070AB3411EFADDDA1A4762E951A.roa (raw, json)
Hash identifier: 1WSgkhWWVuEvLjy09iDAyIQSZiZRBBy01K+v/gZr7t0=
Subject key identifier: 93:25:0F:D1:34:7F:FA:CC:AD:0C:A7:45:DB:1D:49:0B:BD:D6:7F:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01134C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6047D070AB3411EFADDDA1A4762E951A.roa
Signing time: Mon 25 Nov 2024 13:51:31 +0000
ROA not before: Mon 25 Nov 2024 13:51:28 +0000
ROA not after: Wed 07 Jan 2026 13:51:28 +0000
asID: 139057
IP address blocks: 154.85.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70476 (0x1134c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 13:51:28 2024 GMT
Not After : Jan 7 13:51:28 2026 GMT
Subject: CN=674480e3-1f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:56:a3:da:8d:ea:1b:ef:1a:d9:95:15:27:c0:
2d:05:e1:dd:bb:4f:07:64:3d:d5:62:3e:dc:d8:a6:
8d:2f:9f:04:63:81:77:ba:66:48:c0:8c:1f:94:56:
21:02:a9:06:b2:a8:21:87:75:f3:60:9e:45:47:48:
8b:db:58:19:2d:d1:30:c3:79:ea:d4:ec:eb:1c:98:
79:32:45:9c:c8:d3:fe:ac:8e:11:82:ed:20:ff:a4:
c2:1c:d4:54:7d:8a:50:39:6d:e5:bc:98:c9:06:73:
12:c7:99:1a:56:18:5b:79:8b:18:2f:bf:ce:c0:fa:
8b:91:01:74:e8:ae:ea:37:e6:58:6c:45:fe:80:e8:
2a:94:46:14:41:39:fc:5b:24:5d:14:3f:06:85:9c:
d3:cd:fe:df:94:66:1c:84:24:2c:4b:94:5d:4c:62:
02:dc:78:80:b8:f1:9d:c3:c6:84:24:4e:ed:f4:b0:
c3:31:96:92:93:b7:8e:bb:f0:75:3d:3c:16:7e:ef:
eb:e3:a5:73:49:67:04:7a:5e:c8:46:04:67:ca:54:
be:27:4a:a8:7e:df:8a:5d:31:30:52:a9:e2:ee:c4:
29:26:4f:fa:83:b5:1e:3f:c7:a1:ff:26:7e:c3:11:
07:88:b8:92:6f:73:95:7b:8b:f2:3d:de:18:7a:1c:
f8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:25:0F:D1:34:7F:FA:CC:AD:0C:A7:45:DB:1D:49:0B:BD:D6:7F:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6047D070AB3411EFADDDA1A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.92.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:21:65:62:45:b8:9c:76:37:0f:13:d0:4d:32:23:e6:b0:64:
71:eb:e9:89:77:5a:b5:35:66:9b:92:35:09:d1:67:16:3f:29:
d6:fa:f3:82:da:80:64:08:75:8b:26:f6:e3:5d:f0:0d:e6:94:
4d:e3:55:20:0b:e7:d6:d3:07:e5:2a:5f:6b:ba:b3:3b:91:a8:
3b:ab:33:9c:f5:92:75:98:bc:fc:0a:24:28:28:05:cb:b4:4c:
d0:7c:96:3f:24:8a:94:e9:73:ed:f0:3e:b5:9c:06:16:00:5a:
66:95:e7:6a:f5:cb:a7:40:07:18:9a:f6:60:a1:3b:73:86:10:
cb:db:dd:68:9c:27:c5:10:16:e6:06:37:6b:ba:8e:a2:89:9a:
bd:34:df:9f:9d:d0:ab:9f:8d:77:51:e6:80:c8:17:af:1f:96:
0f:e3:54:72:0e:25:12:38:d2:10:03:2c:21:83:8c:d7:fe:02:
bd:b4:c8:3e:00:8a:e9:14:6e:1b:9b:04:42:9e:40:6c:c8:06:
a3:55:85:13:45:1c:1e:4b:3e:08:26:e9:ea:59:85:dc:c9:25:
1b:ce:6b:53:5b:cf:38:75:3d:f5:aa:d1:94:c9:85:f2:97:d7:
e3:20:5f:f1:50:13:a2:e8:df:92:e9:f0:61:41:b4:00:5d:ce:
83:aa:16:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTM1MTI4WhcNMjYwMTA3MTM1MTI4WjAYMRYw
FAYDVQQDEw02NzQ0ODBlMy0xZjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyVaj2o3qG+8a2ZUVJ8AtBeHdu08HZD3VYj7c2KaNL58EY4F3umZIwIwf
lFYhAqkGsqghh3XzYJ5FR0iL21gZLdEww3nq1OzrHJh5MkWcyNP+rI4Rgu0g/6TC
HNRUfYpQOW3lvJjJBnMSx5kaVhhbeYsYL7/OwPqLkQF06K7qN+ZYbEX+gOgqlEYU
QTn8WyRdFD8GhZzTzf7flGYchCQsS5RdTGIC3HiAuPGdw8aEJE7t9LDDMZaSk7eO
u/B1PTwWfu/r46VzSWcEel7IRgRnylS+J0qoft+KXTEwUqni7sQpJk/6g7UeP8eh
/yZ+wxEHiLiSb3OVe4vyPd4Yehz4eQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJMl
D9E0f/rMrQynRdsdSQu91n9cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDQ3RDA3MEFCMzQxMUVGQUREREExQTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlVcMA0GCSqGSIb3DQEB
CwUAA4IBAQDAIWViRbicdjcPE9BNMiPmsGRx6+mJd1q1NWabkjUJ0WcWPynW+vOC
2oBkCHWLJvbjXfAN5pRN41UgC+fW0wflKl9rurM7kag7qzOc9ZJ1mLz8CiQoKAXL
tEzQfJY/JIqU6XPt8D61nAYWAFpmledq9cunQAcYmvZgoTtzhhDL291onCfFEBbm
Bjdruo6iiZq9NN+fndCrn413UeaAyBevH5YP41RyDiUSONIQAywhg4zX/gK9tMg+
AIrpFG4bmwRCnkBsyAajVYUTRRweSz4IJunqWYXcySUbzmtTW884dT31qtGUyYXy
l9fjIF/xUBOi6N+S6fBhQbQAXc6DqhYg
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:49:18 2025 by rpki-client