Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/681E71C8BE9411EF876AFFA5762E951A.roa
File: 681E71C8BE9411EF876AFFA5762E951A.roa (raw, json)
Hash identifier: 2cAo31iENkH3D7EAtx1znJ3BubcOkZ/3ROAqaWKG0V4=
Subject key identifier: FA:0B:21:F4:32:AB:61:CF:CA:F1:CE:AF:3E:31:97:A3:91:18:BB:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011C3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/681E71C8BE9411EF876AFFA5762E951A.roa
Signing time: Fri 20 Dec 2024 05:36:48 +0000
ROA not before: Fri 20 Dec 2024 05:36:45 +0000
ROA not after: Wed 10 Dec 2025 05:36:45 +0000
asID: 984
IP address blocks: 154.82.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72762 (0x11c3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 05:36:45 2024 GMT
Not After : Dec 10 05:36:45 2025 GMT
Subject: CN=67650270-e8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4b:73:67:d7:91:e1:31:0a:b4:61:cd:f1:fe:
69:b8:88:5a:f7:4f:b1:1d:0f:30:5d:61:b4:6d:da:
b9:82:06:52:eb:49:33:47:0f:f0:63:19:51:24:9e:
f2:e8:f2:fe:17:ee:29:b7:d0:ae:65:c5:49:8f:69:
86:06:41:20:2f:c0:36:bd:13:6a:b4:e8:85:b1:e1:
53:4c:ea:07:62:f6:a5:ac:9c:32:fa:d5:10:a7:b5:
e4:6d:99:2f:5b:f3:89:67:80:a0:51:ca:fe:d2:dc:
b7:68:3c:7b:70:15:c8:8d:eb:f2:3f:bb:6d:1e:50:
59:69:b9:1f:b4:8f:f4:3e:63:e2:23:c5:e2:00:d9:
29:6b:2b:fb:73:eb:8c:db:6e:35:38:6d:22:a9:65:
bb:62:2a:d8:4c:08:5a:1c:ca:28:b9:06:ef:61:58:
45:df:36:eb:db:77:f7:c4:a0:b0:cd:aa:a3:09:ab:
b6:24:18:0a:42:2f:f0:f8:24:2d:9f:54:bb:e1:bd:
fa:d0:0c:6b:95:3d:54:43:41:e0:92:40:3c:6e:e3:
b3:4d:e8:8d:c0:62:30:b9:f2:ce:df:09:74:4a:36:
c6:bb:a5:44:0f:11:f8:bd:8e:fb:f8:ec:e5:ca:57:
fc:86:f3:21:bb:ef:ab:12:76:8d:c4:75:ea:6a:60:
99:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0B:21:F4:32:AB:61:CF:CA:F1:CE:AF:3E:31:97:A3:91:18:BB:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/681E71C8BE9411EF876AFFA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.207.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:88:5a:f2:f8:7b:92:51:4b:77:09:06:8c:88:ba:10:b1:a8:
89:93:9a:82:7c:41:c9:bd:54:be:f7:db:f2:0b:85:44:85:af:
87:88:c9:9e:a8:f1:e8:b7:b2:c0:4c:b1:13:33:87:06:26:ca:
5b:75:77:f1:5c:bc:e6:ea:57:0f:ec:7f:1f:d2:7c:cd:d5:bb:
21:dd:3d:f3:10:e7:01:dc:71:4b:b9:db:42:03:aa:62:07:4a:
b8:06:d0:21:f9:7b:8f:d8:c9:4a:dd:e2:7c:20:ad:3f:1f:03:
eb:75:20:17:9e:c6:87:17:78:2d:fd:da:03:52:15:f4:3b:54:
e2:15:0a:37:10:f0:1e:9f:b8:4e:98:ab:3e:fe:f8:ce:04:04:
80:31:f2:a0:f6:f8:89:45:d6:42:93:e9:19:bf:08:93:43:dc:
36:1c:20:49:b4:51:79:e5:12:e0:d3:0e:04:e7:f4:64:34:51:
2d:9c:00:32:a0:ab:9b:48:e3:0b:e3:81:de:e9:ea:3a:b3:88:
9f:ff:c9:21:b3:f8:aa:ef:e2:5c:5a:44:2b:eb:5d:ce:4d:59:
40:68:b1:d4:66:c4:20:78:35:ed:e4:df:24:d2:7f:0e:fc:40:
6e:7f:ab:ed:44:be:54:2c:4a:ce:15:38:7c:70:fb:f4:92:fa:
05:59:f1:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARw6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDUzNjQ1WhcNMjUxMjEwMDUzNjQ1WjAYMRYw
FAYDVQQDEw02NzY1MDI3MC1lOGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoktzZ9eR4TEKtGHN8f5puIha90+xHQ8wXWG0bdq5ggZS60kzRw/wYxlR
JJ7y6PL+F+4pt9CuZcVJj2mGBkEgL8A2vRNqtOiFseFTTOoHYvalrJwy+tUQp7Xk
bZkvW/OJZ4CgUcr+0ty3aDx7cBXIjevyP7ttHlBZabkftI/0PmPiI8XiANkpayv7
c+uM2241OG0iqWW7YirYTAhaHMoouQbvYVhF3zbr23f3xKCwzaqjCau2JBgKQi/w
+CQtn1S74b360AxrlT1UQ0HgkkA8buOzTeiNwGIwufLO3wl0SjbGu6VEDxH4vY77
+Ozlylf8hvMhu++rEnaNxHXqamCZRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPoL
IfQyq2HPyvHOrz4xl6ORGLuPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODFFNzFDOEJFOTQxMUVGODc2QUZGQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLPMA0GCSqGSIb3DQEB
CwUAA4IBAQDEiFry+HuSUUt3CQaMiLoQsaiJk5qCfEHJvVS+99vyC4VEha+HiMme
qPHot7LATLETM4cGJspbdXfxXLzm6lcP7H8f0nzN1bsh3T3zEOcB3HFLudtCA6pi
B0q4BtAh+XuP2MlK3eJ8IK0/HwPrdSAXnsaHF3gt/doDUhX0O1TiFQo3EPAen7hO
mKs+/vjOBASAMfKg9viJRdZCk+kZvwiTQ9w2HCBJtFF55RLg0w4E5/RkNFEtnAAy
oKubSOML44He6eo6s4if/8khs/iq7+JcWkQr613OTVlAaLHUZsQgeDXt5N8k0n8O
/EBuf6vtRL5ULErOFTh8cPv0kvoFWfE1
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:05 2025 by rpki-client