Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73E98442C53E11EF93CB125B762E951A.roa
File: 73E98442C53E11EF93CB125B762E951A.roa (raw, json)
Hash identifier: 7X1WMAuRttpxnq2HePu87HdG/xy25Ip32MASYcZnZLg=
Subject key identifier: 2F:81:0C:B2:E3:3D:5B:5A:CC:FA:34:98:FD:DC:E5:5B:93:C4:3E:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C65
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73E98442C53E11EF93CB125B762E951A.roa
Signing time: Sat 28 Dec 2024 17:09:10 +0000
ROA not before: Sat 28 Dec 2024 17:09:06 +0000
ROA not after: Sun 12 Dec 2027 17:09:06 +0000
asID: 17561
IP address blocks: 154.206.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76901 (0x12c65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 17:09:06 2024 GMT
Not After : Dec 12 17:09:06 2027 GMT
Subject: CN=677030b5-fa23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:fa:67:ed:e0:2a:18:0b:62:96:88:be:3f:
c8:b2:8b:99:08:df:c4:da:71:05:09:57:0a:9d:3c:
bf:7c:12:1f:3c:cc:db:a3:a4:62:42:1a:3b:3d:c7:
8c:1a:9f:7c:e4:c2:57:ce:df:01:05:b8:b2:85:dd:
7a:ca:e8:56:e4:9a:7f:b9:22:fb:06:d2:a6:63:ea:
30:e0:88:85:f6:28:43:22:3f:c2:79:ba:8d:89:56:
24:ac:d6:0f:5e:55:cc:81:4e:b5:39:30:ce:74:6f:
30:e6:04:3f:c5:e6:8c:a6:65:c4:c1:1f:85:eb:74:
11:c7:d0:4b:f9:fc:f3:ee:58:5e:7b:6b:9e:3d:70:
5e:15:a4:27:9a:06:ee:03:03:c0:57:6f:9f:31:ee:
46:de:57:ab:d4:d9:e3:00:d6:81:62:2c:85:b7:78:
49:93:b7:dc:9c:5a:bf:fa:5d:8d:72:1d:b1:02:e6:
2d:26:eb:7d:f7:fd:af:94:da:6d:74:0f:29:0c:5d:
3a:93:59:a9:d9:f5:92:73:cc:31:a1:64:42:78:ca:
cb:b1:8d:f0:63:c1:47:f1:4d:c8:26:26:1b:d5:7e:
40:76:49:91:20:c7:7e:35:f3:e6:2a:db:e7:89:e9:
7d:c5:55:45:78:cd:85:ee:89:ff:68:0c:74:50:95:
55:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:81:0C:B2:E3:3D:5B:5A:CC:FA:34:98:FD:DC:E5:5B:93:C4:3E:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73E98442C53E11EF93CB125B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.234.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:6e:49:03:9d:8a:21:5c:6d:3e:25:49:8e:80:b4:fc:3b:f6:
e5:98:bb:34:90:5f:9f:54:e6:f0:e5:50:38:76:ba:6f:8b:93:
e6:a8:91:b0:34:00:d9:a2:70:5c:e8:64:57:f0:fa:ac:26:52:
6c:cb:bd:8f:20:1a:e9:4e:00:b4:51:3b:51:2d:5f:42:c9:4d:
35:c9:e2:2b:c4:8a:8b:8a:f6:ed:2c:57:9c:a4:26:a4:fa:be:
8c:21:70:01:25:d9:94:de:50:a9:82:2a:ab:02:53:d9:bb:7f:
25:73:a6:7e:aa:19:48:93:45:88:5c:af:77:3c:27:e4:52:68:
ff:a4:8a:f8:af:11:30:b0:68:08:00:02:f4:9b:e8:d7:2d:28:
bd:dd:3b:1b:a3:d7:a4:b1:6c:a5:98:11:4d:a4:dd:fb:78:1a:
52:ce:27:59:7c:13:55:43:11:90:af:86:4a:d0:3f:21:fd:bd:
fb:44:b5:15:3c:f9:0b:e0:b2:9c:af:43:01:e7:54:4a:d4:34:
6f:df:75:76:90:00:20:95:87:ab:f3:e1:19:36:24:de:b7:4a:
7d:54:4e:24:15:10:9d:f7:c4:4e:31:9d:dc:fa:fc:db:5a:da:
44:28:93:50:a8:c8:e1:7e:b7:17:ac:6c:20:ee:ab:54:f6:68:
56:7f:fb:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASxlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTcwOTA2WhcNMjcxMjEyMTcwOTA2WjAYMRYw
FAYDVQQDEw02NzcwMzBiNS1mYTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Qr6Z+3gKhgLYpaIvj/IsouZCN/E2nEFCVcKnTy/fBIfPMzbo6RiQho7
PceMGp985MJXzt8BBbiyhd16yuhW5Jp/uSL7BtKmY+ow4IiF9ihDIj/CebqNiVYk
rNYPXlXMgU61OTDOdG8w5gQ/xeaMpmXEwR+F63QRx9BL+fzz7lhee2uePXBeFaQn
mgbuAwPAV2+fMe5G3ler1NnjANaBYiyFt3hJk7fcnFq/+l2Nch2xAuYtJut99/2v
lNptdA8pDF06k1mp2fWSc8wxoWRCeMrLsY3wY8FH8U3IJiYb1X5AdkmRIMd+NfPm
Ktvniel9xVVFeM2F7on/aAx0UJVVqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC+B
DLLjPVtazPo0mP3c5VuTxD5cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83M0U5ODQ0MkM1M0UxMUVGOTNDQjEyNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7qMA0GCSqGSIb3DQEB
CwUAA4IBAQBKbkkDnYohXG0+JUmOgLT8O/blmLs0kF+fVObw5VA4drpvi5PmqJGw
NADZonBc6GRX8PqsJlJsy72PIBrpTgC0UTtRLV9CyU01yeIrxIqLivbtLFecpCak
+r6MIXABJdmU3lCpgiqrAlPZu38lc6Z+qhlIk0WIXK93PCfkUmj/pIr4rxEwsGgI
AAL0m+jXLSi93Tsbo9eksWylmBFNpN37eBpSzidZfBNVQxGQr4ZK0D8h/b37RLUV
PPkL4LKcr0MB51RK1DRv33V2kAAglYer8+EZNiTet0p9VE4kFRCd98ROMZ3c+vzb
WtpEKJNQqMjhfrcXrGwg7qtU9mhWf/uo
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:21:13 2025 by rpki-client