Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/726A84E2C91A11EFBCC38D63762E951A.roa
File: 726A84E2C91A11EFBCC38D63762E951A.roa (raw, json)
Hash identifier: lbI9Kg3HQ9sI+GRaj9L4Xd/XpzL48zumBhVlBFpEmJA=
Subject key identifier: 95:4A:6A:82:E6:2B:67:2C:9D:93:AE:27:65:EE:D6:EF:5D:05:46:13
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/726A84E2C91A11EFBCC38D63762E951A.roa
Signing time: Thu 02 Jan 2025 15:01:30 +0000
ROA not before: Thu 02 Jan 2025 15:01:26 +0000
ROA not after: Mon 13 Dec 2027 15:01:26 +0000
asID: 17561
IP address blocks: 154.222.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78581 (0x132f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:01:26 2025 GMT
Not After : Dec 13 15:01:26 2027 GMT
Subject: CN=6776aa4a-5c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:77:f7:59:46:82:af:e2:14:41:f5:4b:a0:6d:
01:4b:58:c1:16:a8:59:3e:38:72:e4:4b:4a:b3:b2:
45:9b:48:c2:b7:4c:54:53:e7:2d:e9:45:72:ba:bc:
4f:b7:e0:25:a2:43:73:fa:51:7e:a7:7e:9e:a5:28:
99:8e:83:91:95:d6:aa:93:d3:5c:b0:ba:e8:88:c6:
30:6b:9f:98:57:92:38:c7:13:a6:62:c5:a7:69:04:
12:a3:c5:fb:4d:3e:c1:c5:3f:0d:5f:cf:9b:76:aa:
b5:41:ff:71:aa:b7:b8:93:41:ba:53:bd:df:9e:22:
81:bf:00:5c:ab:7d:f2:d3:74:a4:f5:74:13:40:b3:
f1:69:18:6c:a2:f5:50:65:24:bf:d4:25:ab:13:6e:
62:6c:9b:31:1f:5c:5a:b5:c9:4f:87:7f:23:17:30:
92:a6:78:f6:34:76:70:e2:17:8d:54:8c:35:7a:16:
03:14:13:36:ca:a0:1e:da:85:f4:54:d4:28:0e:02:
0e:b0:d3:d0:6a:3f:21:76:99:61:0b:fa:c7:2c:d8:
5c:eb:ff:0c:cd:39:f2:f6:d4:d8:5e:79:83:c7:9e:
4c:20:08:18:3a:69:00:11:4f:c7:58:67:93:85:13:
48:c8:48:1a:8a:7a:e5:2f:47:32:fb:41:58:28:bf:
52:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4A:6A:82:E6:2B:67:2C:9D:93:AE:27:65:EE:D6:EF:5D:05:46:13
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/726A84E2C91A11EFBCC38D63762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.35.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6b:ba:81:d3:e4:88:62:eb:fe:c0:43:19:7e:e4:e6:cf:42:
de:7b:6c:8d:8d:29:69:18:4c:38:c9:1d:f0:18:e8:6c:cd:03:
68:eb:83:04:ed:77:71:fe:12:a2:88:3a:08:91:49:55:71:c5:
0d:a3:04:e9:f6:3f:25:a5:83:8a:36:27:89:01:97:57:ec:39:
15:af:8e:29:13:ae:e8:00:b7:9f:8b:0c:f9:af:c9:17:d6:1e:
83:a8:9e:21:fb:fe:75:51:d0:45:86:76:e4:5b:63:15:6a:fa:
9a:f7:2d:6d:a8:ad:c3:3b:d7:0f:f9:de:17:cb:ef:c6:24:2c:
31:6c:6a:c9:c5:3b:2c:e9:8a:09:1f:0e:e4:15:7b:84:57:e4:
ea:a9:81:0b:86:7f:47:d9:c7:d4:79:da:61:ff:cf:7a:67:fc:
50:52:48:a9:90:63:c7:7c:23:d5:1d:07:99:77:6a:4b:f1:66:
af:c9:87:a8:72:74:f8:83:38:d4:71:7a:5d:38:0c:b3:25:ef:
64:bb:eb:64:b9:70:ca:47:50:e5:b3:a0:ae:8b:2d:91:da:e0:
9b:e6:91:7e:8d:66:bb:f0:0c:55:ee:e0:01:6a:c7:6a:da:b9:
5e:79:8f:52:e5:95:e1:60:d9:cf:4c:20:56:64:67:96:22:43:
58:af:d5:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATL1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTUwMTI2WhcNMjcxMjEzMTUwMTI2WjAYMRYw
FAYDVQQDEw02Nzc2YWE0YS01YzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvXf3WUaCr+IUQfVLoG0BS1jBFqhZPjhy5EtKs7JFm0jCt0xUU+ct6UVy
urxPt+AlokNz+lF+p36epSiZjoORldaqk9NcsLroiMYwa5+YV5I4xxOmYsWnaQQS
o8X7TT7BxT8NX8+bdqq1Qf9xqre4k0G6U73fniKBvwBcq33y03Sk9XQTQLPxaRhs
ovVQZSS/1CWrE25ibJsxH1xatclPh38jFzCSpnj2NHZw4heNVIw1ehYDFBM2yqAe
2oX0VNQoDgIOsNPQaj8hdplhC/rHLNhc6/8MzTny9tTYXnmDx55MIAgYOmkAEU/H
WGeThRNIyEgainrlL0cy+0FYKL9SIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJVK
aoLmK2csnZOuJ2Xu1u9dBUYTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MjZBODRFMkM5MUExMUVGQkNDMzhENjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4jMA0GCSqGSIb3DQEB
CwUAA4IBAQAja7qB0+SIYuv+wEMZfuTmz0Lee2yNjSlpGEw4yR3wGOhszQNo64ME
7Xdx/hKiiDoIkUlVccUNowTp9j8lpYOKNieJAZdX7DkVr44pE67oALefiwz5r8kX
1h6DqJ4h+/51UdBFhnbkW2MVavqa9y1tqK3DO9cP+d4Xy+/GJCwxbGrJxTss6YoJ
Hw7kFXuEV+TqqYELhn9H2cfUedph/896Z/xQUkipkGPHfCPVHQeZd2pL8WavyYeo
cnT4gzjUcXpdOAyzJe9ku+tkuXDKR1Dls6Cuiy2R2uCb5pF+jWa78AxV7uABasdq
2rleeY9S5ZXhYNnPTCBWZGeWIkNYr9U7
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:51 2025 by rpki-client