Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71021252C0CB11EFA36E3D85762E951A.roa
File: 71021252C0CB11EFA36E3D85762E951A.roa (raw, json)
Hash identifier: Kytl/Vm0GQEnLrSAB87cL0T+eiyAKJi0SDGOcQrQsyQ=
Subject key identifier: E9:4D:95:6B:92:40:52:B8:7A:3B:70:05:AE:23:9F:3A:CF:0F:B0:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71021252C0CB11EFA36E3D85762E951A.roa
Signing time: Mon 23 Dec 2024 01:15:48 +0000
ROA not before: Mon 23 Dec 2024 01:15:44 +0000
ROA not after: Wed 10 Dec 2025 01:15:44 +0000
asID: 984
IP address blocks: 154.82.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73214 (0x11dfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:15:44 2024 GMT
Not After : Dec 10 01:15:44 2025 GMT
Subject: CN=6768b9c4-4761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:63:7e:0b:b5:50:9a:37:21:b0:1a:21:45:
47:85:74:43:4b:fb:d0:14:31:c7:ef:ef:b0:c7:3d:
f2:54:ba:c7:92:62:83:a0:5b:e9:86:11:38:91:a7:
4f:99:6e:38:40:3f:50:8f:9a:63:29:aa:f7:c0:96:
e2:51:2c:2b:11:3e:df:6e:f4:64:69:77:ad:9d:4a:
d2:24:5e:fe:2b:58:9b:41:34:d8:a2:06:19:d3:19:
4e:f5:81:6d:99:10:fd:39:7e:97:fa:75:3a:7c:e7:
1b:96:bd:eb:88:e3:57:dc:c9:3f:d2:44:33:93:67:
05:e9:c6:a1:1e:8d:f5:bd:a6:4c:07:d5:e9:bf:6c:
bf:7c:52:71:ab:74:3f:3b:25:34:67:0b:09:3c:96:
9a:fa:99:92:93:4b:30:1e:f5:81:37:5d:5d:f5:88:
95:5a:44:4c:2e:c2:13:6b:10:2a:00:2f:33:4d:ed:
4c:a1:0e:4f:59:3b:b0:1d:86:a8:8b:e5:5a:98:b6:
21:00:a0:d8:8e:3c:fd:74:23:56:85:41:d3:81:79:
0e:d5:21:c1:dd:e1:e5:e5:5e:d4:38:0e:19:48:be:
a7:01:8b:52:6f:a4:c0:bc:63:21:15:2c:fc:c1:e3:
c0:4b:44:d0:cd:9b:1c:7f:f4:e5:00:43:5c:d0:fd:
9a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:4D:95:6B:92:40:52:B8:7A:3B:70:05:AE:23:9F:3A:CF:0F:B0:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71021252C0CB11EFA36E3D85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.242.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0b:aa:b9:f0:34:79:03:63:22:8b:da:41:4f:c5:48:fd:bc:
31:4a:3f:e0:2d:30:93:a7:c0:ec:b4:42:ad:82:82:7d:9d:9d:
b7:64:5b:ac:03:21:13:85:13:ec:35:57:e6:42:36:e0:2e:39:
d5:d3:25:db:26:5f:e6:3b:51:c8:aa:3b:ea:13:c0:45:63:ce:
ef:10:82:1a:b9:9a:64:98:37:2b:53:23:4c:40:23:b7:b9:6c:
a7:27:5e:b9:d3:bb:25:34:9d:78:73:aa:02:c3:59:10:ca:a0:
a0:49:39:cf:4b:5e:a5:a1:b2:3b:75:75:89:79:8f:3f:2b:cb:
43:2a:d2:e2:88:3d:67:f9:b8:d0:99:84:c0:b9:86:94:6d:a1:
70:bf:76:54:09:4a:73:a9:90:63:5e:e2:00:21:52:b0:85:2f:
77:6a:19:3e:73:80:20:a2:52:ae:84:3e:a7:94:c6:b6:f7:95:
d2:da:87:68:3a:cd:cd:cb:65:56:1a:13:e7:d8:49:7a:d7:b5:
61:11:6b:3b:54:b1:09:6d:3c:09:f3:f9:ad:ea:31:89:13:31:
05:44:6a:53:bb:98:64:8a:82:71:b4:c4:91:34:b9:1e:15:83:
6b:d3:bb:8f:80:59:02:30:7e:aa:e9:26:fd:cf:81:42:b7:9f:
9b:9c:df:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDExNTQ0WhcNMjUxMjEwMDExNTQ0WjAYMRYw
FAYDVQQDEw02NzY4YjljNC00NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwkhjfgu1UJo3IbAaIUVHhXRDS/vQFDHH7++wxz3yVLrHkmKDoFvphhE4
kadPmW44QD9Qj5pjKar3wJbiUSwrET7fbvRkaXetnUrSJF7+K1ibQTTYogYZ0xlO
9YFtmRD9OX6X+nU6fOcblr3riONX3Mk/0kQzk2cF6cahHo31vaZMB9Xpv2y/fFJx
q3Q/OyU0ZwsJPJaa+pmSk0swHvWBN11d9YiVWkRMLsITaxAqAC8zTe1MoQ5PWTuw
HYaoi+VamLYhAKDYjjz9dCNWhUHTgXkO1SHB3eHl5V7UOA4ZSL6nAYtSb6TAvGMh
FSz8wePAS0TQzZscf/TlAENc0P2a+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOlN
lWuSQFK4ejtwBa4jnzrPD7BXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MTAyMTI1MkMwQ0IxMUVGQTM2RTNEODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLyMA0GCSqGSIb3DQEB
CwUAA4IBAQAWC6q58DR5A2Mii9pBT8VI/bwxSj/gLTCTp8DstEKtgoJ9nZ23ZFus
AyEThRPsNVfmQjbgLjnV0yXbJl/mO1HIqjvqE8BFY87vEIIauZpkmDcrUyNMQCO3
uWynJ16507slNJ14c6oCw1kQyqCgSTnPS16lobI7dXWJeY8/K8tDKtLiiD1n+bjQ
mYTAuYaUbaFwv3ZUCUpzqZBjXuIAIVKwhS93ahk+c4AgolKuhD6nlMa295XS2odo
Os3Ny2VWGhPn2El617VhEWs7VLEJbTwJ8/mt6jGJEzEFRGpTu5hkioJxtMSRNLke
FYNr07uPgFkCMH6q6Sb9z4FCt5+bnN9z
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:33:46 2025 by rpki-client