Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6658219AC5FB11EFA896DE87762E951A.roa
File: 6658219AC5FB11EFA896DE87762E951A.roa (raw, json)
Hash identifier: JKE/5yt4B86ai/70IBvmMUFZnwBRasmaq7g2ujDjWLo=
Subject key identifier: B4:CB:27:58:3F:A8:DA:CD:8B:0C:42:EB:74:35:DD:C6:82:95:AC:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6658219AC5FB11EFA896DE87762E951A.roa
Signing time: Sun 29 Dec 2024 15:41:42 +0000
ROA not before: Sun 29 Dec 2024 15:41:38 +0000
ROA not after: Sun 12 Dec 2027 15:41:38 +0000
asID: 17561
IP address blocks: 154.216.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77358 (0x12e2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:41:38 2024 GMT
Not After : Dec 12 15:41:38 2027 GMT
Subject: CN=67716db6-6f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:1a:6a:b6:81:db:fa:ee:c2:80:49:3e:ea:
8e:70:41:4b:99:f3:9e:54:74:75:08:6b:51:b7:ab:
28:8e:f0:8e:26:70:ca:8e:42:45:e1:aa:d4:6c:08:
d8:96:a6:25:6f:25:75:2e:3d:1b:c0:ac:3d:93:49:
5f:6c:a9:e1:90:f2:7d:6b:8e:92:02:41:4b:5b:3a:
2c:d3:a1:e9:ab:29:8f:87:62:2f:eb:53:c0:a5:63:
02:f1:90:6f:28:f0:78:30:25:88:28:89:32:75:20:
28:6e:fc:1f:85:c0:49:5a:dc:1f:d4:61:4f:54:86:
05:96:a8:87:49:fc:d0:17:8d:af:e4:0a:d7:a1:6f:
7b:0e:27:0d:85:8f:bb:f4:7e:e0:aa:e4:9b:75:78:
73:78:3b:75:65:4b:3d:ad:01:a1:0e:3b:c1:f2:3a:
52:4c:3f:6c:4f:8e:9a:8d:2c:04:3f:cc:40:30:cb:
69:d1:23:a8:a7:e7:c6:6e:8f:32:3a:87:83:cf:3b:
14:c6:3e:35:14:b3:0c:2e:3d:8c:a5:4d:48:07:c1:
21:18:6a:69:13:00:ba:d2:3d:42:9d:75:9b:57:2b:
40:21:80:9f:a8:4e:f2:9f:ed:64:7e:70:35:59:85:
13:66:41:9c:ad:e9:23:e8:d4:b0:98:db:da:f0:e2:
04:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:CB:27:58:3F:A8:DA:CD:8B:0C:42:EB:74:35:DD:C6:82:95:AC:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6658219AC5FB11EFA896DE87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.26.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:38:4e:a5:ea:b0:12:6d:65:56:c5:d5:0b:ff:48:2b:49:45:
bd:23:78:1d:2c:c8:ff:d9:36:53:60:22:00:48:82:6a:e5:e5:
3c:e1:0f:2e:7c:99:ee:51:b6:57:5e:8f:91:7f:7f:27:79:3c:
09:a9:77:97:49:0d:b2:27:ef:9e:cf:b1:1b:b9:71:fa:4a:2f:
7b:27:cd:f9:ad:bb:9c:8e:99:f0:66:68:1e:97:56:18:d7:7c:
ec:73:19:e2:62:6d:80:9d:f1:17:d3:6c:58:bf:92:11:fb:97:
b7:30:cc:35:a2:a6:49:5a:66:42:48:df:c7:df:f8:1d:03:a8:
4d:08:9c:87:04:f6:a4:60:2c:cd:8c:48:e9:91:00:0c:13:28:
53:a3:33:dd:5f:14:8b:c0:bf:70:1f:06:97:29:89:81:34:60:
97:41:5a:03:0d:04:b8:e1:93:05:4e:29:d6:eb:50:f9:dd:e8:
70:2d:cc:34:4d:a1:86:29:53:b8:fa:a6:60:bf:20:2b:42:0b:
44:63:28:0b:c4:4b:49:9c:f4:28:52:7d:cc:16:a0:57:78:13:
40:4b:dc:95:1a:3a:f9:e1:3f:75:33:1b:ec:3b:82:a6:cc:dc:
58:59:b5:54:cd:59:62:98:57:fb:10:6a:3e:fc:0d:13:ce:68:
63:65:32:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS4uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTU0MTM4WhcNMjcxMjEyMTU0MTM4WjAYMRYw
FAYDVQQDEw02NzcxNmRiNi02ZjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyOcaaraB2/ruwoBJPuqOcEFLmfOeVHR1CGtRt6sojvCOJnDKjkJF4arU
bAjYlqYlbyV1Lj0bwKw9k0lfbKnhkPJ9a46SAkFLWzos06HpqymPh2Iv61PApWMC
8ZBvKPB4MCWIKIkydSAobvwfhcBJWtwf1GFPVIYFlqiHSfzQF42v5ArXoW97DicN
hY+79H7gquSbdXhzeDt1ZUs9rQGhDjvB8jpSTD9sT46ajSwEP8xAMMtp0SOop+fG
bo8yOoeDzzsUxj41FLMMLj2MpU1IB8EhGGppEwC60j1CnXWbVytAIYCfqE7yn+1k
fnA1WYUTZkGcrekj6NSwmNva8OIETwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLTL
J1g/qNrNiwxC63Q13caClayoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjU4MjE5QUM1RkIxMUVGQTg5NkRFODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtgaMA0GCSqGSIb3DQEB
CwUAA4IBAQC9OE6l6rASbWVWxdUL/0grSUW9I3gdLMj/2TZTYCIASIJq5eU84Q8u
fJnuUbZXXo+Rf38neTwJqXeXSQ2yJ++ez7EbuXH6Si97J835rbucjpnwZmgel1YY
13zscxniYm2AnfEX02xYv5IR+5e3MMw1oqZJWmZCSN/H3/gdA6hNCJyHBPakYCzN
jEjpkQAMEyhTozPdXxSLwL9wHwaXKYmBNGCXQVoDDQS44ZMFTinW61D53ehwLcw0
TaGGKVO4+qZgvyArQgtEYygLxEtJnPQoUn3MFqBXeBNAS9yVGjr54T91MxvsO4Km
zNxYWbVUzVlimFf7EGo+/A0TzmhjZTLd
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:03 2025 by rpki-client