Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61D01D5AC61C11EFB9ED9058762E951A.roa
File: 61D01D5AC61C11EFB9ED9058762E951A.roa (raw, json)
Hash identifier: G8qGKt7Ju5VnIg2sFSk/tH0AhnvN7PG/gNn5gsQt0vY=
Subject key identifier: 3A:6A:0E:78:D2:5C:8F:D1:5E:4A:48:1C:C9:49:6F:FA:D5:DA:7A:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F46
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61D01D5AC61C11EFB9ED9058762E951A.roa
Signing time: Sun 29 Dec 2024 19:37:47 +0000
ROA not before: Sun 29 Dec 2024 19:37:44 +0000
ROA not after: Sun 12 Dec 2027 19:37:44 +0000
asID: 17561
IP address blocks: 154.217.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77638 (0x12f46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 19:37:44 2024 GMT
Not After : Dec 12 19:37:44 2027 GMT
Subject: CN=6771a50b-6373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:b0:11:b3:d5:30:97:7b:9e:ab:c8:89:63:
47:ed:23:ce:81:d7:4e:9a:36:4d:69:f0:28:de:bb:
c0:22:af:16:19:1d:a2:c3:90:98:72:22:68:26:e3:
8a:5d:49:e5:21:99:0b:b2:4e:ee:2d:25:f5:6e:13:
40:fe:82:5f:a7:d7:b3:af:2a:4f:46:b3:ca:9d:61:
65:d0:01:bc:80:66:d4:8c:bc:1a:f2:4c:ef:61:3a:
50:06:17:a3:4c:95:25:95:92:45:34:72:04:dd:40:
cb:a3:71:8d:b2:8a:a5:f4:49:50:8a:94:ff:31:63:
09:98:b6:86:ca:a0:cc:b4:91:66:9a:22:66:97:95:
e2:68:c0:02:7b:d0:ba:1f:09:26:11:93:95:a1:0d:
78:7e:0b:da:5a:76:d0:16:eb:9a:35:87:d1:0a:16:
ac:86:52:29:80:91:06:90:8a:14:3f:56:1e:4d:a7:
e1:b1:33:b6:5e:9b:75:6c:7e:52:d5:ad:09:af:ac:
60:b6:6a:88:fa:08:9c:f0:00:ef:09:8c:82:3d:ac:
de:56:33:f0:83:dc:4f:4b:2e:cd:54:1c:22:80:c4:
2f:fb:13:64:6b:9e:d0:21:c2:21:6a:4d:38:16:41:
0a:65:6f:95:af:e9:34:a0:ad:41:c2:27:58:4d:cd:
b5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6A:0E:78:D2:5C:8F:D1:5E:4A:48:1C:C9:49:6F:FA:D5:DA:7A:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61D01D5AC61C11EFB9ED9058762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.134.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:26:de:08:78:c9:7c:93:07:51:89:c6:85:7c:eb:c0:db:e0:
cb:37:ec:df:35:52:cf:4e:fc:b9:8c:e2:1f:8f:8c:79:4f:3c:
ca:17:c8:98:24:9f:3f:7c:5e:b5:18:71:5e:20:e0:8a:a7:04:
24:34:7d:17:4d:a9:c8:46:a9:e3:51:76:be:b9:b5:47:00:d9:
47:27:be:cd:cb:84:36:c7:bb:e7:63:28:4c:48:ff:7c:f3:76:
c4:14:d3:f6:b3:df:9f:a5:9c:e5:d8:75:19:ad:07:47:97:ec:
dd:6e:d9:6e:6e:61:cc:19:1e:e6:1a:63:d8:0c:8c:6f:8d:76:
fd:b0:62:f9:5f:ac:ad:2c:f3:01:15:77:e7:b1:a0:c2:95:54:
7e:82:9c:7c:8c:43:a0:b3:58:05:f3:2c:67:8d:ac:53:dd:78:
fd:1c:bd:ac:65:c7:39:75:ee:b2:52:9d:f5:9c:11:fd:d9:26:
bb:05:b8:0c:93:15:8f:b7:69:50:fa:13:65:8f:8b:7c:70:c7:
30:21:09:8f:bd:ea:74:18:c6:01:e6:7b:d2:3f:da:71:5e:47:
ac:34:29:45:96:3e:e7:7d:fb:a9:92:a1:46:7c:22:02:72:1b:
e2:e9:de:23:4c:0a:80:ad:31:35:b4:1d:76:b7:9e:ac:d9:aa:
ce:9f:f0:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS9GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTkzNzQ0WhcNMjcxMjEyMTkzNzQ0WjAYMRYw
FAYDVQQDEw02NzcxYTUwYi02MzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtA2wEbPVMJd7nqvIiWNH7SPOgddOmjZNafAo3rvAIq8WGR2iw5CYciJo
JuOKXUnlIZkLsk7uLSX1bhNA/oJfp9ezrypPRrPKnWFl0AG8gGbUjLwa8kzvYTpQ
BhejTJUllZJFNHIE3UDLo3GNsoql9ElQipT/MWMJmLaGyqDMtJFmmiJml5XiaMAC
e9C6HwkmEZOVoQ14fgvaWnbQFuuaNYfRChashlIpgJEGkIoUP1YeTafhsTO2Xpt1
bH5S1a0Jr6xgtmqI+gic8ADvCYyCPazeVjPwg9xPSy7NVBwigMQv+xNka57QIcIh
ak04FkEKZW+Vr+k0oK1BwidYTc21XQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDpq
DnjSXI/RXkpIHMlJb/rV2nqoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MUQwMUQ1QUM2MUMxMUVGQjlFRDkwNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmGMA0GCSqGSIb3DQEB
CwUAA4IBAQDTJt4IeMl8kwdRicaFfOvA2+DLN+zfNVLPTvy5jOIfj4x5TzzKF8iY
JJ8/fF61GHFeIOCKpwQkNH0XTanIRqnjUXa+ubVHANlHJ77Ny4Q2x7vnYyhMSP98
83bEFNP2s9+fpZzl2HUZrQdHl+zdbtlubmHMGR7mGmPYDIxvjXb9sGL5X6ytLPMB
FXfnsaDClVR+gpx8jEOgs1gF8yxnjaxT3Xj9HL2sZcc5de6yUp31nBH92Sa7BbgM
kxWPt2lQ+hNlj4t8cMcwIQmPvep0GMYB5nvSP9pxXkesNClFlj7nffupkqFGfCIC
chvi6d4jTAqArTE1tB12t56s2arOn/DK
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:11:25 2025 by rpki-client