Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62D1B7EEC1DB11EFB7515D4A762E951A.roa
File: 62D1B7EEC1DB11EFB7515D4A762E951A.roa (raw, json)
Hash identifier: +ZfSIPO2SlwTIwnJG4e8HxscyKdJOGySglDcbKifgnU=
Subject key identifier: 38:F8:E0:5F:1B:ED:08:5A:AD:9B:F6:1F:C0:F7:28:8A:AA:5E:22:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012305
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62D1B7EEC1DB11EFB7515D4A762E951A.roa
Signing time: Tue 24 Dec 2024 09:42:27 +0000
ROA not before: Tue 24 Dec 2024 09:42:24 +0000
ROA not after: Wed 10 Dec 2025 09:42:24 +0000
asID: 984
IP address blocks: 154.194.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74501 (0x12305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:42:24 2024 GMT
Not After : Dec 10 09:42:24 2025 GMT
Subject: CN=676a8203-1afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:fc:13:db:ae:fb:fe:fd:1e:06:bd:a3:a9:
31:3d:43:7e:0e:c2:bb:31:71:d6:e3:c4:89:a3:9d:
0f:9a:ef:ed:b5:4b:31:08:67:32:d0:e9:b7:41:cd:
5c:d9:fa:06:6c:52:ea:97:68:45:30:ea:a3:12:3d:
37:bb:3a:12:34:8b:bf:c0:d2:38:80:c2:85:66:af:
8f:98:ff:a6:36:53:88:52:06:57:8c:3a:32:da:0f:
95:ea:4f:2c:7c:67:8b:61:7c:17:e0:b2:6c:2c:f8:
65:3b:02:c8:11:c3:c8:e7:4a:3e:d5:b1:4e:5a:62:
4c:d6:f7:46:cd:1c:1d:06:6d:7e:10:6b:71:1d:b2:
5e:4e:fc:50:58:1b:e1:63:6d:2e:5f:2c:f4:85:23:
75:8d:05:2b:e2:46:b7:74:4a:5d:c9:c9:5c:93:43:
b8:f6:84:8a:23:a3:0a:03:bb:70:f5:dd:e0:8f:cf:
95:37:37:98:23:83:bd:fb:f0:88:04:04:8c:8f:54:
a1:fc:03:98:77:a8:3d:81:04:99:b6:29:01:0b:d7:
7a:35:2a:7f:dd:d7:79:c3:a2:e4:87:41:58:d5:4e:
ea:d5:8c:f8:3e:f1:96:aa:2f:f7:52:38:54:16:87:
bc:ae:ef:62:7c:6d:a7:ab:d2:b9:35:29:f6:52:f1:
ec:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F8:E0:5F:1B:ED:08:5A:AD:9B:F6:1F:C0:F7:28:8A:AA:5E:22:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62D1B7EEC1DB11EFB7515D4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.247.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:6a:7f:cb:70:75:f0:7a:1c:a4:1c:8c:6d:f8:e4:11:28:43:
17:ee:e0:c7:6b:c4:57:27:83:81:98:c3:f3:0a:12:fa:30:d1:
ac:15:1e:71:13:33:13:f9:dc:bd:fe:7b:18:70:bb:c9:b9:ed:
bb:78:86:e8:c9:47:a9:32:30:5a:df:37:53:82:4f:3c:f9:e9:
74:81:07:ba:c4:c2:9d:5f:4d:b2:f9:62:e4:e5:c3:bd:8d:75:
69:18:9a:c1:d7:23:8b:20:0b:f0:ca:ca:6c:27:2b:09:0e:49:
40:75:16:75:ae:fd:f4:55:99:4b:45:68:eb:57:cd:40:fa:ee:
40:24:bf:a0:ac:7f:e6:a1:b5:6e:d6:33:4c:9f:26:0a:fd:30:
f5:58:ef:cc:cc:d8:71:0a:93:ab:64:c3:d1:1f:13:79:b3:f2:
b1:d0:c5:38:b9:be:f1:ba:be:aa:2a:60:37:24:08:2a:69:06:
7e:ab:06:75:a4:30:eb:6e:53:42:89:da:f2:34:70:35:57:d1:
b7:d1:31:50:9f:15:1f:60:6d:13:bb:34:d4:da:aa:94:84:03:
d3:bc:87:56:95:17:f3:c7:07:8a:e0:36:36:31:04:9c:4d:24:
59:a8:19:84:6d:84:73:3d:d6:99:57:a4:69:bf:c8:d6:28:ba:
ae:e3:d0:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDk0MjI0WhcNMjUxMjEwMDk0MjI0WjAYMRYw
FAYDVQQDEw02NzZhODIwMy0xYWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytX8E9uu+/79Hga9o6kxPUN+DsK7MXHW48SJo50Pmu/ttUsxCGcy0Om3
Qc1c2foGbFLql2hFMOqjEj03uzoSNIu/wNI4gMKFZq+PmP+mNlOIUgZXjDoy2g+V
6k8sfGeLYXwX4LJsLPhlOwLIEcPI50o+1bFOWmJM1vdGzRwdBm1+EGtxHbJeTvxQ
WBvhY20uXyz0hSN1jQUr4ka3dEpdyclck0O49oSKI6MKA7tw9d3gj8+VNzeYI4O9
+/CIBASMj1Sh/AOYd6g9gQSZtikBC9d6NSp/3dd5w6Lkh0FY1U7q1Yz4PvGWqi/3
UjhUFoe8ru9ifG2nq9K5NSn2UvHsgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDj4
4F8b7QharZv2H8D3KIqqXiKBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MkQxQjdFRUMxREIxMUVGQjc1MTVENEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsL3MA0GCSqGSIb3DQEB
CwUAA4IBAQDLan/LcHXwehykHIxt+OQRKEMX7uDHa8RXJ4OBmMPzChL6MNGsFR5x
EzMT+dy9/nsYcLvJue27eIboyUepMjBa3zdTgk88+el0gQe6xMKdX02y+WLk5cO9
jXVpGJrB1yOLIAvwyspsJysJDklAdRZ1rv30VZlLRWjrV81A+u5AJL+grH/mobVu
1jNMnyYK/TD1WO/MzNhxCpOrZMPRHxN5s/Kx0MU4ub7xur6qKmA3JAgqaQZ+qwZ1
pDDrblNCidryNHA1V9G30TFQnxUfYG0TuzTU2qqUhAPTvIdWlRfzxweK4DY2MQSc
TSRZqBmEbYRzPdaZV6Rpv8jWKLqu49B4
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:22:46 2025 by rpki-client