Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/781C9106C5DB11EF91D7E341762E951A.roa
File: 781C9106C5DB11EF91D7E341762E951A.roa (raw, json)
Hash identifier: mOMDiAEmuEClYBCDZbp+U0nlhNXwknNFtehE2nVg5zI=
Subject key identifier: FE:4F:F7:62:11:C1:6A:C8:D2:FB:45:52:2D:67:8D:7B:55:DD:6E:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/781C9106C5DB11EF91D7E341762E951A.roa
Signing time: Sun 29 Dec 2024 11:53:08 +0000
ROA not before: Sun 29 Dec 2024 11:53:04 +0000
ROA not after: Fri 12 Dec 2025 11:53:04 +0000
asID: 984
IP address blocks: 154.210.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77084 (0x12d1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 11:53:04 2024 GMT
Not After : Dec 12 11:53:04 2025 GMT
Subject: CN=67713823-cc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:74:75:35:46:30:fe:2b:5e:7d:6b:3c:0c:
af:d0:d9:70:25:ee:b8:0b:33:ff:83:61:89:2b:83:
a9:ba:b2:20:4c:31:f0:4a:70:3c:23:4b:8b:d5:03:
6d:bc:d3:37:98:ee:eb:f8:62:2e:0e:c0:56:5d:18:
22:ca:62:2a:ae:75:32:4d:a9:87:e4:00:b5:97:22:
11:2c:73:fe:d4:5e:ca:5e:e0:9d:1c:bd:67:b7:2c:
ff:c7:82:f7:d5:9e:c7:76:ca:13:59:93:47:2d:31:
17:1a:7b:46:55:c1:de:ff:c8:e9:32:5d:af:4a:9d:
09:43:ee:5f:d8:d7:f6:91:ac:01:3b:c0:e5:07:8c:
a8:de:60:da:7f:64:1d:7a:6f:c1:d9:4b:b4:18:14:
74:04:b1:b6:fe:6e:61:31:d1:55:87:d1:79:ae:fb:
f1:ee:67:d9:d5:b4:2e:07:bc:68:b8:e2:b8:5f:da:
d2:4b:90:d8:76:49:e1:22:b1:f8:44:15:ee:e6:0d:
d8:bc:7a:2e:05:02:4e:e7:7f:60:f9:bd:54:88:6f:
05:45:60:53:9b:ed:d4:60:52:5b:b0:ea:72:44:df:
6d:f9:3f:a6:08:da:50:f4:a6:d9:dc:ff:19:bb:83:
16:0d:d7:4a:fe:54:ad:9b:17:14:13:85:b6:aa:40:
d2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4F:F7:62:11:C1:6A:C8:D2:FB:45:52:2D:67:8D:7B:55:DD:6E:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/781C9106C5DB11EF91D7E341762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.76.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9e:68:c9:34:1f:12:33:62:96:f3:00:64:2b:d0:4a:1d:ab:
43:8d:f2:e5:31:54:73:63:37:62:4a:84:f1:d9:98:03:e0:32:
95:ef:e2:8f:d7:12:77:a9:b0:09:76:8d:3c:2b:29:2f:b7:94:
f1:e0:c5:f2:da:3a:89:4e:25:cc:69:82:bf:e8:bf:f7:fa:a6:
29:72:eb:21:59:d0:39:8e:de:a2:c2:a8:c0:ea:c4:8d:0d:bb:
3a:b2:dc:81:0e:2d:f6:68:eb:4c:ca:33:61:f2:c0:0c:42:15:
08:26:86:f7:36:35:39:0e:8d:ca:0e:6b:9a:45:bb:b3:5e:81:
56:fd:95:06:72:5a:80:a0:a5:34:80:7b:eb:a2:45:52:23:f4:
a0:ad:6d:25:a8:76:61:e6:ac:bc:bf:65:34:b6:87:b3:2f:99:
54:1c:b3:95:4c:88:33:b0:bd:83:df:84:ff:28:02:16:c8:30:
10:75:e7:97:20:41:4c:9c:bd:33:c8:d1:0b:8c:33:98:a0:6a:
b3:29:ee:29:33:92:05:d2:85:bc:d5:44:23:05:5c:47:e6:71:
69:7a:fe:98:b5:e5:0d:17:5a:48:3f:62:52:b8:19:98:32:2f:
9b:d0:fd:62:51:4a:49:b1:78:48:f0:35:b7:c3:5d:21:8e:74:
ce:9c:e5:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS0cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTE1MzA0WhcNMjUxMjEyMTE1MzA0WjAYMRYw
FAYDVQQDEw02NzcxMzgyMy1jYzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwtZ0dTVGMP4rXn1rPAyv0NlwJe64CzP/g2GJK4OpurIgTDHwSnA8I0uL
1QNtvNM3mO7r+GIuDsBWXRgiymIqrnUyTamH5AC1lyIRLHP+1F7KXuCdHL1ntyz/
x4L31Z7HdsoTWZNHLTEXGntGVcHe/8jpMl2vSp0JQ+5f2Nf2kawBO8DlB4yo3mDa
f2Qdem/B2Uu0GBR0BLG2/m5hMdFVh9F5rvvx7mfZ1bQuB7xouOK4X9rSS5DYdknh
IrH4RBXu5g3YvHouBQJO539g+b1UiG8FRWBTm+3UYFJbsOpyRN9t+T+mCNpQ9KbZ
3P8Zu4MWDddK/lStmxcUE4W2qkDStQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP5P
92IRwWrI0vtFUi1njXtV3W4SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83ODFDOTEwNkM1REIxMUVGOTFEN0UzNDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJMMA0GCSqGSIb3DQEB
CwUAA4IBAQBfnmjJNB8SM2KW8wBkK9BKHatDjfLlMVRzYzdiSoTx2ZgD4DKV7+KP
1xJ3qbAJdo08Kykvt5Tx4MXy2jqJTiXMaYK/6L/3+qYpcushWdA5jt6iwqjA6sSN
Dbs6styBDi32aOtMyjNh8sAMQhUIJob3NjU5Do3KDmuaRbuzXoFW/ZUGclqAoKU0
gHvrokVSI/SgrW0lqHZh5qy8v2U0toezL5lUHLOVTIgzsL2D34T/KAIWyDAQdeeX
IEFMnL0zyNELjDOYoGqzKe4pM5IF0oW81UQjBVxH5nFpev6YteUNF1pIP2JSuBmY
Mi+b0P1iUUpJsXhI8DW3w10hjnTOnOWV
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:14 2025 by rpki-client