Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6557D1F2C27511EF80B026B2762E951A.roa
File: 6557D1F2C27511EF80B026B2762E951A.roa (raw, json)
Hash identifier: QTJEV31CyzWf9KodshP+O2b2v2TQvNz2pxUOhxpoL1I=
Subject key identifier: 6C:B4:A2:05:C4:29:65:89:ED:25:52:A9:5B:1F:09:4C:43:E7:FF:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012494
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6557D1F2C27511EF80B026B2762E951A.roa
Signing time: Wed 25 Dec 2024 04:04:54 +0000
ROA not before: Wed 25 Dec 2024 04:04:50 +0000
ROA not after: Wed 10 Dec 2025 04:04:50 +0000
asID: 984
IP address blocks: 154.211.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74900 (0x12494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:04:50 2024 GMT
Not After : Dec 10 04:04:50 2025 GMT
Subject: CN=676b8466-35b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:09:45:16:47:24:d8:d8:1c:07:c5:dd:90:
47:79:ae:6a:ce:86:bf:83:bd:6c:4d:61:77:f7:e0:
f1:a7:4f:08:ac:52:af:ae:dd:81:55:f6:d1:1c:74:
fb:01:15:42:8a:a2:39:ae:93:b4:4a:34:26:e7:01:
79:0f:b6:98:41:ef:e6:2b:54:d9:93:be:9c:34:f5:
5a:0f:56:45:11:30:2f:ae:38:d2:62:2e:66:68:a5:
b3:05:27:e2:8f:cc:51:2e:b9:b2:ae:c6:97:6b:d1:
6f:2d:c2:f5:fd:d1:c0:4a:1c:88:23:ba:69:93:f4:
59:d2:a1:12:fb:77:23:17:87:43:d3:63:6a:c5:7e:
00:a2:84:f9:42:11:1b:15:ba:b9:0f:7d:c8:6d:17:
e0:1c:83:22:90:5c:68:39:63:64:a4:35:df:fc:ec:
b5:93:c1:fc:6a:e7:5d:5f:8d:54:d8:03:c1:56:53:
32:b6:80:74:97:41:87:dc:fe:2a:1d:34:b6:16:c5:
4f:15:21:74:19:27:4e:30:28:5a:5a:cc:0e:ae:be:
cf:17:88:4d:bb:d2:13:9b:bc:ab:07:cb:8b:5b:65:
62:83:e1:28:6b:f2:d1:9f:a4:8e:18:4a:30:da:2f:
3b:36:16:f4:74:26:d9:5f:b2:d9:f2:9b:b7:cf:ff:
79:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B4:A2:05:C4:29:65:89:ED:25:52:A9:5B:1F:09:4C:43:E7:FF:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6557D1F2C27511EF80B026B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0d:0b:9e:a1:fe:cc:9c:55:9d:a3:8e:4d:5a:cf:85:e3:8e:
1f:fe:63:cd:aa:a4:d2:2e:54:48:bd:b8:8e:89:4a:d2:fc:30:
22:31:2e:55:05:35:78:9e:18:d5:18:3a:89:2d:37:11:5e:9a:
43:4a:2e:62:e6:86:3f:cb:a6:2f:1e:88:48:63:73:df:80:3d:
68:bb:b6:9d:f0:9d:ff:3c:37:bc:64:e8:2b:05:39:b9:7c:31:
4e:f7:3b:e8:84:36:3f:92:95:93:6f:75:44:f1:14:d8:eb:02:
c8:08:e9:23:2d:7f:62:a9:e7:cc:e0:32:62:73:36:23:ec:18:
cb:c4:16:23:46:12:b5:dd:a5:a5:a9:38:88:bb:9c:1d:3e:92:
44:d5:93:b7:47:da:77:cf:91:54:98:f1:52:64:05:a7:6f:be:
c9:a8:b6:ce:23:91:ed:64:df:07:1f:16:48:4b:b0:56:c0:ac:
34:52:53:35:52:96:14:9e:2d:a9:5c:f6:74:03:39:2f:96:b0:
a1:6b:84:92:46:b1:87:c5:6f:4e:99:a6:66:d4:b9:b0:7e:1f:
dc:39:f3:3a:e9:5f:3f:b3:a4:24:b2:a8:73:d0:7e:fc:54:aa:
d6:66:66:72:e2:3b:ea:d3:37:fc:d8:96:68:84:63:1c:e2:81:
88:16:ea:9c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASSUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQwNDUwWhcNMjUxMjEwMDQwNDUwWjAYMRYw
FAYDVQQDEw02NzZiODQ2Ni0zNWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtQQJRRZHJNjYHAfF3ZBHea5qzoa/g71sTWF39+Dxp08IrFKvrt2BVfbR
HHT7ARVCiqI5rpO0SjQm5wF5D7aYQe/mK1TZk76cNPVaD1ZFETAvrjjSYi5maKWz
BSfij8xRLrmyrsaXa9FvLcL1/dHAShyII7ppk/RZ0qES+3cjF4dD02NqxX4AooT5
QhEbFbq5D33IbRfgHIMikFxoOWNkpDXf/Oy1k8H8auddX41U2APBVlMytoB0l0GH
3P4qHTS2FsVPFSF0GSdOMChaWswOrr7PF4hNu9ITm7yrB8uLW2Vig+Eoa/LRn6SO
GEow2i87Nhb0dCbZX7LZ8pu3z/95IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGy0
ogXEKWWJ7SVSqVsfCUxD5/8JMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTU3RDFGMkMyNzUxMUVGODBCMDI2QjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPnMA0GCSqGSIb3DQEB
CwUAA4IBAQB+DQueof7MnFWdo45NWs+F444f/mPNqqTSLlRIvbiOiUrS/DAiMS5V
BTV4nhjVGDqJLTcRXppDSi5i5oY/y6YvHohIY3PfgD1ou7ad8J3/PDe8ZOgrBTm5
fDFO9zvohDY/kpWTb3VE8RTY6wLICOkjLX9iqefM4DJiczYj7BjLxBYjRhK13aWl
qTiIu5wdPpJE1ZO3R9p3z5FUmPFSZAWnb77JqLbOI5HtZN8HHxZIS7BWwKw0UlM1
UpYUni2pXPZ0AzkvlrCha4SSRrGHxW9OmaZm1Lmwfh/cOfM66V8/s6Qksqhz0H78
VKrWZmZy4jvq0zf82JZohGMc4oGIFuqc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:11 2025 by rpki-client