Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F1C1AAC65211EF9E54BBB5762E951A.roa
File: 74F1C1AAC65211EF9E54BBB5762E951A.roa (raw, json)
Hash identifier: FeHstVeI04ULkgDw7MNWq5eLGDyNoV/Obnk/NVThBBA=
Subject key identifier: A3:9B:A1:1B:14:21:F1:BE:F4:C2:E8:82:22:BF:35:13:E1:2E:C0:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013052
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F1C1AAC65211EF9E54BBB5762E951A.roa
Signing time: Mon 30 Dec 2024 02:04:52 +0000
ROA not before: Mon 30 Dec 2024 02:04:49 +0000
ROA not after: Fri 12 Dec 2025 02:04:49 +0000
asID: 984
IP address blocks: 154.218.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77906 (0x13052)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 30 02:04:49 2024 GMT
Not After : Dec 12 02:04:49 2025 GMT
Subject: CN=6771ffc4-17bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:46:01:70:b7:9a:f7:1a:2e:9a:1c:ed:17:24:
7c:12:16:a1:4f:f1:39:6b:71:c6:de:ba:9d:f5:fc:
63:72:14:8a:05:6d:4c:19:7b:14:b4:b9:33:53:b8:
8d:bb:f0:27:ce:59:f0:95:28:ef:6c:ed:5d:23:da:
22:ce:8c:d6:c6:be:35:dc:01:8a:51:94:59:47:10:
c4:96:78:98:b1:9f:8e:17:85:8d:b6:ee:0e:e0:c7:
cd:61:5f:26:11:7f:b2:38:8c:37:e2:98:76:a1:73:
83:48:81:d1:f5:53:f9:b3:57:91:c0:ec:71:6e:fe:
ae:5d:e1:8a:9f:b9:77:96:c6:ac:94:4d:55:b9:a3:
00:3f:c8:e2:1b:c6:59:ac:38:e7:23:8d:d3:c7:18:
30:4c:ef:30:52:75:1a:d0:1f:9a:6d:df:6d:ea:ee:
34:2b:9b:c0:ad:35:58:aa:5b:8e:a7:68:24:6f:31:
c3:69:5b:d1:35:00:fd:c4:c7:15:de:1e:8d:e0:f7:
df:6b:62:fe:25:67:c4:87:44:a2:95:c9:b8:9a:f2:
c8:fe:b4:58:bb:34:5d:d2:c7:74:81:12:14:8f:5f:
ef:f1:c5:7a:8c:a4:01:dc:d6:4c:f0:a4:71:9b:d4:
6f:f9:06:db:e7:74:ce:bb:8f:2c:44:a2:b3:47:c6:
f8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9B:A1:1B:14:21:F1:BE:F4:C2:E8:82:22:BF:35:13:E1:2E:C0:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F1C1AAC65211EF9E54BBB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.38.0/24
Signature Algorithm: sha256WithRSAEncryption
69:29:23:8d:fb:66:df:40:60:2f:9e:31:c5:30:03:72:77:aa:
e0:9b:96:32:fa:d4:44:2b:2b:1c:d9:df:31:64:8e:2d:4e:a4:
10:4a:64:06:d8:1e:af:36:d9:27:14:9e:4c:a1:a5:c9:84:da:
ce:da:31:cb:ef:e0:3c:40:bd:09:cd:3a:2c:9e:ef:7f:7e:b1:
97:41:f6:c4:e5:1a:12:33:ba:49:0d:74:ef:91:24:85:d2:13:
bc:69:d2:2d:47:64:49:9c:63:63:a8:c5:8c:53:5a:ba:04:93:
71:f2:d3:87:d7:25:50:48:25:59:aa:de:96:16:d5:6c:27:18:
54:ce:92:13:07:2b:c2:31:d0:88:ab:a6:22:9e:60:5f:2c:ed:
07:be:68:27:86:f1:b4:2b:b9:a1:9f:79:d4:9e:c0:ab:8a:90:
2c:1e:86:2f:2b:75:41:39:96:45:7c:57:16:ee:d6:11:4d:44:
43:ce:7a:24:f2:7c:f9:4c:23:00:90:84:3e:fe:6a:db:67:79:
f7:48:be:09:f9:31:50:29:78:17:85:5c:21:61:98:2e:62:3c:
f8:55:1b:90:4e:3a:ac:7d:24:5f:04:0e:32:22:f6:0e:0b:4e:
a2:cc:8d:ac:d1:ac:1d:96:63:a3:79:1b:27:93:19:73:0a:0a:
08:76:bb:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATBSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjMwMDIwNDQ5WhcNMjUxMjEyMDIwNDQ5WjAYMRYw
FAYDVQQDEw02NzcxZmZjNC0xN2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwkYBcLea9xoumhztFyR8EhahT/E5a3HG3rqd9fxjchSKBW1MGXsUtLkz
U7iNu/AnzlnwlSjvbO1dI9oizozWxr413AGKUZRZRxDElniYsZ+OF4WNtu4O4MfN
YV8mEX+yOIw34ph2oXODSIHR9VP5s1eRwOxxbv6uXeGKn7l3lsaslE1VuaMAP8ji
G8ZZrDjnI43TxxgwTO8wUnUa0B+abd9t6u40K5vArTVYqluOp2gkbzHDaVvRNQD9
xMcV3h6N4Pffa2L+JWfEh0Silcm4mvLI/rRYuzRd0sd0gRIUj1/v8cV6jKQB3NZM
8KRxm9Rv+Qbb53TOu48sRKKzR8b4dQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKOb
oRsUIfG+9MLogiK/NRPhLsASMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NEYxQzFBQUM2NTIxMUVGOUU1NEJCQjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtomMA0GCSqGSIb3DQEB
CwUAA4IBAQBpKSON+2bfQGAvnjHFMANyd6rgm5Yy+tREKysc2d8xZI4tTqQQSmQG
2B6vNtknFJ5MoaXJhNrO2jHL7+A8QL0JzTosnu9/frGXQfbE5RoSM7pJDXTvkSSF
0hO8adItR2RJnGNjqMWMU1q6BJNx8tOH1yVQSCVZqt6WFtVsJxhUzpITByvCMdCI
q6YinmBfLO0HvmgnhvG0K7mhn3nUnsCripAsHoYvK3VBOZZFfFcW7tYRTURDznok
8nz5TCMAkIQ+/mrbZ3n3SL4J+TFQKXgXhVwhYZguYjz4VRuQTjqsfSRfBA4yIvYO
C06izI2s0awdlmOjeRsnkxlzCgoIdrvJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:22 2025 by rpki-client