Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67545D10C51B11EFB8C2DB7E762E951A.roa
File: 67545D10C51B11EFB8C2DB7E762E951A.roa (raw, json)
Hash identifier: qwL/5QrwpuCgt62wR92OwwJoJpTrwFmTI0IrX+OlX5Q=
Subject key identifier: C0:79:D3:3F:B1:20:FA:10:8B:3F:AC:49:30:81:0B:E9:C6:E7:98:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012B23
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67545D10C51B11EFB8C2DB7E762E951A.roa
Signing time: Sat 28 Dec 2024 12:58:16 +0000
ROA not before: Sat 28 Dec 2024 12:58:12 +0000
ROA not after: Sun 12 Dec 2027 12:58:12 +0000
asID: 17561
IP address blocks: 154.203.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76579 (0x12b23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 12:58:12 2024 GMT
Not After : Dec 12 12:58:12 2027 GMT
Subject: CN=676ff5e8-61a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:05:bc:e1:c4:47:86:48:a0:87:ca:86:06:a7:
9e:ab:ca:56:23:33:c8:5d:8f:69:6a:1d:f9:25:c1:
d9:7f:6b:77:43:1a:40:72:8c:2d:cd:7f:b2:fa:0d:
f6:c2:33:ab:ba:42:d7:37:4c:4c:94:eb:0a:49:bb:
5a:5f:8f:eb:18:36:74:27:33:2d:f5:86:74:f2:43:
f0:9a:05:fa:8d:27:3c:96:f2:62:6b:c8:b5:cc:90:
16:f3:8e:3c:0e:de:fd:b6:f3:bc:48:79:1f:4a:9d:
3a:09:32:05:b8:78:6f:ef:a6:7c:46:8d:b1:11:19:
02:d5:78:e8:5b:7c:6f:28:07:8a:9c:d7:62:74:df:
79:66:e7:96:dc:04:7c:e0:b1:41:28:cb:0d:90:6e:
08:f2:62:67:58:d2:4e:5d:fb:de:35:4c:a6:d3:5a:
51:2c:b7:14:3d:91:1d:1d:77:63:2f:c6:7d:7a:86:
c9:8a:18:91:80:1b:ae:0b:6c:ef:35:a9:ac:e6:dc:
d1:7e:c9:70:ea:32:d4:65:95:4d:fb:3e:de:9a:4b:
4b:d9:0d:2b:d6:81:8a:73:95:f6:21:9e:6e:10:3d:
3b:7b:33:0b:a1:2c:c1:36:dc:0c:b1:15:8b:6c:c9:
02:64:9c:f0:3a:28:f5:f4:c3:81:dd:c9:f3:9b:24:
15:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:79:D3:3F:B1:20:FA:10:8B:3F:AC:49:30:81:0B:E9:C6:E7:98:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67545D10C51B11EFB8C2DB7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:00:db:02:94:dc:1b:39:bc:9b:3a:1b:04:a7:90:eb:18:7b:
e3:77:73:04:9a:99:4f:5c:16:34:e9:70:96:ed:41:cc:32:18:
65:c3:75:ef:53:9d:5d:64:13:6b:98:d3:eb:1b:7c:d9:c6:87:
af:4f:85:07:11:c1:c3:60:04:2f:6b:60:6f:a3:6f:d3:21:88:
5f:9d:a5:27:33:d0:93:b4:02:3d:64:f0:d3:cf:f7:aa:f0:0d:
b2:9a:6b:22:88:55:c5:8d:d8:52:b0:78:cc:f6:12:74:cc:20:
7e:b6:b3:fe:6b:4b:23:05:e5:9f:fa:b0:8f:fa:92:c7:c6:41:
5f:d4:bb:9c:6d:fc:d1:c0:5a:96:ac:eb:d7:b7:a2:58:90:84:
bf:ba:ce:7b:7f:14:37:ff:e9:ba:d3:d7:43:24:d5:d0:8c:38:
8c:c4:f3:67:a2:2e:ae:79:50:03:c5:cb:b2:5a:81:2c:3d:98:
46:ec:63:89:df:c1:93:36:06:74:9b:b0:32:15:f1:76:48:0b:
78:37:c2:d3:f6:f8:bc:c6:6a:4f:d9:9c:0b:e5:62:1d:ea:da:
23:3f:e0:fe:d6:55:96:82:d2:74:78:60:18:87:84:70:de:be:
c8:ea:25:36:a9:d1:a0:d9:d3:2c:2e:7e:b2:5d:e6:d5:ee:e3:
d9:3c:10:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASsjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTI1ODEyWhcNMjcxMjEyMTI1ODEyWjAYMRYw
FAYDVQQDEw02NzZmZjVlOC02MWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwAW84cRHhkigh8qGBqeeq8pWIzPIXY9pah35JcHZf2t3QxpAcowtzX+y
+g32wjOrukLXN0xMlOsKSbtaX4/rGDZ0JzMt9YZ08kPwmgX6jSc8lvJia8i1zJAW
8448Dt79tvO8SHkfSp06CTIFuHhv76Z8Ro2xERkC1XjoW3xvKAeKnNdidN95ZueW
3AR84LFBKMsNkG4I8mJnWNJOXfveNUym01pRLLcUPZEdHXdjL8Z9eobJihiRgBuu
C2zvNams5tzRfslw6jLUZZVN+z7emktL2Q0r1oGKc5X2IZ5uED07ezMLoSzBNtwM
sRWLbMkCZJzwOij19MOB3cnzmyQVUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMB5
0z+xIPoQiz+sSTCBC+nG55i+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzU0NUQxMEM1MUIxMUVGQjhDMkRCN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssNMA0GCSqGSIb3DQEB
CwUAA4IBAQCyANsClNwbObybOhsEp5DrGHvjd3MEmplPXBY06XCW7UHMMhhlw3Xv
U51dZBNrmNPrG3zZxoevT4UHEcHDYAQva2Bvo2/TIYhfnaUnM9CTtAI9ZPDTz/eq
8A2ymmsiiFXFjdhSsHjM9hJ0zCB+trP+a0sjBeWf+rCP+pLHxkFf1LucbfzRwFqW
rOvXt6JYkIS/us57fxQ3/+m609dDJNXQjDiMxPNnoi6ueVADxcuyWoEsPZhG7GOJ
38GTNgZ0m7AyFfF2SAt4N8LT9vi8xmpP2ZwL5WId6tojP+D+1lWWgtJ0eGAYh4Rw
3r7I6iU2qdGg2dMsLn6yXebV7uPZPBDn
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:44:37 2025 by rpki-client