Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E20DFA0C27911EFB44ACD4B762E951A.roa
File: 6E20DFA0C27911EFB44ACD4B762E951A.roa (raw, json)
Hash identifier: K52xw87Tm50QpYl1xvejAS08xx1rlpVPNdXXXVyDE7Q=
Subject key identifier: 7B:C6:2D:D0:95:C9:FE:4D:4C:BF:09:95:DE:F0:76:9E:5E:26:1C:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0124C0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E20DFA0C27911EFB44ACD4B762E951A.roa
Signing time: Wed 25 Dec 2024 04:33:47 +0000
ROA not before: Wed 25 Dec 2024 04:33:43 +0000
ROA not after: Wed 10 Dec 2025 04:33:43 +0000
asID: 984
IP address blocks: 154.211.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74944 (0x124c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:33:43 2024 GMT
Not After : Dec 10 04:33:43 2025 GMT
Subject: CN=676b8b2b-be4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6a:1f:67:9a:e7:da:90:a9:6b:93:c3:1c:98:
9a:6f:eb:ef:c8:21:77:88:be:2b:f5:b1:75:d2:6a:
b2:f8:72:d4:49:a8:7b:1f:15:2a:a4:1b:c3:7c:c3:
7d:46:78:dd:59:4b:a9:81:49:10:b5:1a:fd:e9:ed:
2a:1e:b1:8c:84:75:61:c0:da:e8:c4:4b:b2:e0:ec:
73:fd:1e:97:72:e9:72:6d:32:38:51:23:51:e0:56:
42:15:98:3e:c5:f5:ae:69:eb:aa:09:70:05:66:2b:
fc:2b:d8:af:e2:ee:4b:10:a6:42:3d:92:36:bf:bc:
ee:bc:d9:30:3f:bb:ec:c3:2e:a6:e5:57:cc:3f:08:
0d:1c:cf:f1:be:a9:c7:1c:aa:e9:5b:ab:3c:b4:79:
ab:09:38:ea:03:56:54:85:5e:01:39:9d:10:df:98:
a0:4c:f9:25:f5:dd:96:6b:46:3f:1c:fa:4e:ba:15:
1c:29:2b:69:8b:7e:b4:c4:0b:5d:b5:ce:58:6f:59:
dc:73:f3:41:10:34:f8:95:e7:61:7c:11:2a:bc:b6:
5b:95:6e:9f:3b:8a:8b:e5:91:b1:35:21:9d:ff:b5:
21:5d:c9:03:1c:14:de:d9:5a:8d:9b:83:96:e2:2b:
19:e3:0c:ba:a3:b0:9b:a3:20:c3:83:38:eb:5f:2f:
34:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C6:2D:D0:95:C9:FE:4D:4C:BF:09:95:DE:F0:76:9E:5E:26:1C:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E20DFA0C27911EFB44ACD4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.253.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:d0:13:bd:19:8f:65:9b:9b:8d:ed:aa:f9:59:fc:b1:b0:d9:
de:69:1f:41:b2:2d:13:a0:8c:d4:f6:f2:a4:c1:df:3a:bb:04:
1a:d6:d3:6c:ad:a0:dc:be:c0:8f:a9:ff:2e:1d:33:5d:e5:d3:
20:d2:3c:30:6f:95:d8:52:2e:41:80:5b:9d:1d:3d:a0:20:94:
7e:50:9e:33:53:fe:e8:4f:92:85:7d:8e:ab:0b:fb:1d:3d:e4:
0c:4b:ed:a0:e1:c4:73:cc:3d:b8:b8:73:27:b2:4e:cd:7f:06:
a7:17:bc:f3:08:f6:1f:91:0a:71:5c:68:1d:37:62:e0:ea:de:
2b:25:50:10:c0:94:7c:46:24:6c:19:94:18:62:1d:a0:f5:6d:
76:58:20:55:dd:ee:5b:68:92:9f:fa:b5:e8:62:ab:b4:c6:79:
0a:87:18:d0:70:98:00:a5:c6:4c:b9:e1:5f:17:30:35:94:30:
ce:e2:3a:31:0c:c4:6b:94:1f:28:1b:7d:6e:b5:6a:c3:df:76:
30:66:be:4d:fd:aa:69:cb:7c:67:49:6a:a7:c4:56:bc:e5:7b:
3d:d2:f4:82:4d:0f:6f:3b:08:ef:18:43:01:07:29:80:86:8d:
44:f0:63:47:df:47:0a:84:b8:0e:dc:d3:33:76:eb:79:70:86:
3b:0f:7d:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASTAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQzMzQzWhcNMjUxMjEwMDQzMzQzWjAYMRYw
FAYDVQQDEw02NzZiOGIyYi1iZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA42ofZ5rn2pCpa5PDHJiab+vvyCF3iL4r9bF10mqy+HLUSah7HxUqpBvD
fMN9RnjdWUupgUkQtRr96e0qHrGMhHVhwNroxEuy4Oxz/R6XculybTI4USNR4FZC
FZg+xfWuaeuqCXAFZiv8K9iv4u5LEKZCPZI2v7zuvNkwP7vswy6m5VfMPwgNHM/x
vqnHHKrpW6s8tHmrCTjqA1ZUhV4BOZ0Q35igTPkl9d2Wa0Y/HPpOuhUcKStpi360
xAtdtc5Yb1ncc/NBEDT4ledhfBEqvLZblW6fO4qL5ZGxNSGd/7UhXckDHBTe2VqN
m4OW4isZ4wy6o7CboyDDgzjrXy803QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHvG
LdCVyf5NTL8Jld7wdp5eJhxpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RTIwREZBMEMyNzkxMUVGQjQ0QUNENEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtP9MA0GCSqGSIb3DQEB
CwUAA4IBAQDV0BO9GY9lm5uN7ar5WfyxsNneaR9Bsi0ToIzU9vKkwd86uwQa1tNs
raDcvsCPqf8uHTNd5dMg0jwwb5XYUi5BgFudHT2gIJR+UJ4zU/7oT5KFfY6rC/sd
PeQMS+2g4cRzzD24uHMnsk7NfwanF7zzCPYfkQpxXGgdN2Lg6t4rJVAQwJR8RiRs
GZQYYh2g9W12WCBV3e5baJKf+rXoYqu0xnkKhxjQcJgApcZMueFfFzA1lDDO4jox
DMRrlB8oG31utWrD33YwZr5N/appy3xnSWqnxFa85Xs90vSCTQ9vOwjvGEMBBymA
ho1E8GNH30cKhLgO3NMzdut5cIY7D33b
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:25 2025 by rpki-client