Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7121C27EBE9011EFAA20228E762E951A.roa
File: 7121C27EBE9011EFAA20228E762E951A.roa (raw, json)
Hash identifier: 4qmYYiuUGqhnkkk9EOxOo0/OlIto1EtDMbP7MmEQabM=
Subject key identifier: 42:27:19:F6:E5:37:F1:2F:A1:B0:47:AF:92:4D:57:E2:4B:9F:50:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011C04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7121C27EBE9011EFAA20228E762E951A.roa
Signing time: Fri 20 Dec 2024 05:08:25 +0000
ROA not before: Fri 20 Dec 2024 05:08:22 +0000
ROA not after: Wed 10 Dec 2025 05:08:22 +0000
asID: 984
IP address blocks: 154.82.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72708 (0x11c04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 05:08:22 2024 GMT
Not After : Dec 10 05:08:22 2025 GMT
Subject: CN=6764fbc9-0ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:df:1a:fd:fd:f1:17:27:9e:18:71:3f:5b:
0f:9f:8e:8f:39:fd:49:fe:76:dc:86:0d:5c:07:49:
82:ea:00:16:70:9b:64:dd:20:d9:30:94:d0:fc:88:
a0:31:43:da:62:43:e6:b6:80:88:ae:4a:ca:b9:7b:
43:29:6c:32:1d:32:e5:37:f4:a8:e9:b8:89:4b:7d:
8d:bd:04:41:73:b4:76:60:bc:40:78:0f:af:d6:af:
48:30:3d:db:ad:c7:f9:ba:73:df:16:95:8f:1d:7c:
26:c6:ad:60:57:31:30:6b:a7:48:a8:bc:9e:d8:e6:
9a:24:8e:f9:38:94:ce:cb:6a:ee:05:ad:24:87:45:
62:fc:c0:b3:b4:19:3a:38:c4:5a:5e:0c:40:3c:b5:
47:15:58:6b:67:5d:9b:67:8a:9c:ff:7b:b7:92:02:
bc:47:bb:f5:95:9a:cd:c8:2b:31:8d:36:da:a8:f7:
e3:bc:e0:f6:c8:be:20:2b:bd:3d:ae:5e:90:7d:0c:
67:eb:7c:d5:c6:bc:3b:89:a9:c4:3f:60:62:be:f1:
47:40:fc:de:7b:bc:03:57:12:a3:9f:14:85:8e:41:
16:a4:c7:83:9f:88:3d:bf:d4:8a:07:c5:91:10:80:
45:57:90:84:0f:fb:f5:5d:1a:d4:a8:22:bb:b4:aa:
b5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:27:19:F6:E5:37:F1:2F:A1:B0:47:AF:92:4D:57:E2:4B:9F:50:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7121C27EBE9011EFAA20228E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.175.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:8f:bf:7f:84:42:d7:b5:11:16:22:c0:0f:6f:ab:af:e2:62:
5b:e5:62:04:68:77:08:de:63:ad:5b:2e:3f:ff:38:f3:78:10:
52:02:b2:02:30:12:c1:f7:be:fe:ac:e9:db:8b:38:a8:1d:e5:
78:75:ff:10:56:b2:2f:cc:33:0b:ba:f7:9b:bb:ba:39:02:ea:
cb:5c:88:82:69:ae:cf:6c:f2:1f:7b:27:10:dd:7c:1f:51:df:
be:3f:bc:b1:8f:fd:a1:b6:c6:72:a1:d1:e8:77:03:08:cb:b0:
56:56:f1:79:a0:cb:5a:4d:d8:6b:77:13:b2:cb:c3:a0:5a:ef:
7a:15:fc:86:3c:44:3a:ee:4b:31:e0:8c:89:5c:f4:de:e4:a3:
90:64:54:a4:65:16:ab:9d:53:0b:5c:28:9c:67:e9:b0:cb:04:
6f:71:06:ef:bd:a7:18:2f:ab:96:f9:a4:02:36:5c:7d:53:dc:
00:c3:5b:b7:b3:71:73:48:ca:8f:42:44:46:30:e0:f6:f0:69:
11:c0:e7:af:34:0d:66:75:fe:5e:fc:d1:7a:50:3c:6f:d0:cf:
fa:b3:c4:37:07:38:65:d0:4d:f2:1d:9c:d0:ce:21:62:a4:1e:
98:26:54:f9:ef:3c:72:85:f2:52:5f:d2:47:ad:bf:3a:b2:f5:
e5:13:0a:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARwEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDUwODIyWhcNMjUxMjEwMDUwODIyWjAYMRYw
FAYDVQQDEw02NzY0ZmJjOS0wZmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAssTfGv398RcnnhhxP1sPn46POf1J/nbchg1cB0mC6gAWcJtk3SDZMJTQ
/IigMUPaYkPmtoCIrkrKuXtDKWwyHTLlN/So6biJS32NvQRBc7R2YLxAeA+v1q9I
MD3brcf5unPfFpWPHXwmxq1gVzEwa6dIqLye2OaaJI75OJTOy2ruBa0kh0Vi/MCz
tBk6OMRaXgxAPLVHFVhrZ12bZ4qc/3u3kgK8R7v1lZrNyCsxjTbaqPfjvOD2yL4g
K709rl6QfQxn63zVxrw7ianEP2BivvFHQPzee7wDVxKjnxSFjkEWpMeDn4g9v9SK
B8WREIBFV5CED/v1XRrUqCK7tKq1UwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEIn
GfblN/EvobBHr5JNV+JLn1AbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MTIxQzI3RUJFOTAxMUVGQUEyMDIyOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlKvMA0GCSqGSIb3DQEB
CwUAA4IBAQC7j79/hELXtREWIsAPb6uv4mJb5WIEaHcI3mOtWy4//zjzeBBSArIC
MBLB977+rOnbizioHeV4df8QVrIvzDMLuvebu7o5AurLXIiCaa7PbPIfeycQ3Xwf
Ud++P7yxj/2htsZyodHodwMIy7BWVvF5oMtaTdhrdxOyy8OgWu96FfyGPEQ67ksx
4IyJXPTe5KOQZFSkZRarnVMLXCicZ+mwywRvcQbvvacYL6uW+aQCNlx9U9wAw1u3
s3FzSMqPQkRGMOD28GkRwOevNA1mdf5e/NF6UDxv0M/6s8Q3Bzhl0E3yHZzQziFi
pB6YJlT57zxyhfJSX9JHrb86svXlEwpM
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:59 2025 by rpki-client