Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEE1A80C51D11EFA351BB8B762E951A.roa
File: 7AEE1A80C51D11EFA351BB8B762E951A.roa (raw, json)
Hash identifier: fAqhHtZ6B5yC6Abdv1A9rpvZbyzReUzlDKIqu9umtk8=
Subject key identifier: 5B:E1:2C:89:E2:7A:FE:FB:EF:DE:34:28:AA:1E:43:50:6B:DC:A6:23
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012B37
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEE1A80C51D11EFA351BB8B762E951A.roa
Signing time: Sat 28 Dec 2024 13:13:08 +0000
ROA not before: Sat 28 Dec 2024 13:13:04 +0000
ROA not after: Sun 12 Dec 2027 13:13:04 +0000
asID: 17561
IP address blocks: 154.203.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76599 (0x12b37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 13:13:04 2024 GMT
Not After : Dec 12 13:13:04 2027 GMT
Subject: CN=676ff964-1737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:e0:42:e5:73:99:e5:92:1f:bb:da:27:8e:
f1:ba:18:02:85:2f:78:46:4d:95:39:67:73:4c:c1:
f5:75:b1:62:a8:15:c7:ce:21:63:3e:b7:8b:8f:97:
f3:f7:f5:5b:32:bb:ab:c7:5c:4c:4d:f2:3a:e7:09:
e7:f2:5b:fc:fc:80:53:ee:5e:8d:4f:4a:4a:45:4e:
bf:42:48:a7:20:06:cf:7d:45:10:cb:9e:93:31:0a:
04:8f:4b:4c:f9:36:30:2a:f6:14:9e:53:1e:58:34:
98:2e:37:65:47:c4:9f:81:50:1f:9e:49:ad:12:14:
cf:cb:6c:da:49:e2:98:fa:f1:e8:f9:c4:74:63:d5:
6a:89:c7:2f:b8:e9:2e:91:93:4d:45:0a:79:d0:67:
b5:ce:03:1d:e9:78:d7:df:60:ab:c4:ec:95:b8:93:
6c:14:41:12:b2:c8:20:8f:5c:d3:28:59:cc:5b:94:
4a:4d:64:8f:5e:7d:35:44:93:bc:ff:39:7f:c2:47:
cb:7d:17:f8:4e:f5:bb:1a:52:b7:30:3a:96:c4:fa:
c1:69:18:8a:55:ef:15:58:8a:5f:18:48:31:04:26:
76:4f:ef:66:bf:46:49:fa:04:bb:0c:39:c2:6d:4a:
af:d3:fe:c0:44:90:5d:01:63:81:dc:32:12:eb:65:
41:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E1:2C:89:E2:7A:FE:FB:EF:DE:34:28:AA:1E:43:50:6B:DC:A6:23
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEE1A80C51D11EFA351BB8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:e4:02:ff:b7:f9:82:71:ff:d4:5e:d7:aa:51:ea:89:cb:6f:
7c:97:58:1e:a0:2d:a8:05:4f:1f:03:a5:86:f6:05:cd:6e:e8:
ce:e9:2e:ae:d8:8b:32:1d:3f:a9:bb:13:f5:ce:a1:45:20:d8:
37:c5:4b:f6:d9:97:7a:ad:14:1d:10:3a:aa:aa:3b:42:42:c0:
93:d0:c1:3f:2f:c4:80:81:8e:43:bc:4a:26:04:0a:de:14:41:
4c:08:14:b3:20:90:bd:c9:83:c8:1f:1a:c3:e7:61:bd:d7:6f:
0b:bf:fd:1d:7e:df:24:96:87:4d:96:64:8e:cf:3b:8f:f2:ef:
b2:08:9c:d7:d1:d7:ab:25:7e:23:88:dd:d3:b0:19:33:0c:cb:
2c:87:ac:ac:67:ad:50:04:f5:84:8e:a1:a2:27:08:0d:59:e4:
56:68:95:c3:cd:51:9d:c7:49:cf:e6:dd:62:d8:d8:f6:9d:73:
79:4a:3e:6a:d3:9a:8d:4f:3c:5d:3b:c3:8e:7b:cd:11:01:fb:
26:28:9b:fb:0e:9a:1f:da:05:f9:1c:3c:9e:ca:b8:f4:04:04:
3e:29:f6:3a:72:c4:29:36:9b:19:64:63:99:17:3b:6e:81:9c:
ab:fe:4f:ae:71:60:7f:65:9e:57:5b:6b:38:7f:ba:af:15:8f:
88:67:a6:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASs3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTMxMzA0WhcNMjcxMjEyMTMxMzA0WjAYMRYw
FAYDVQQDEw02NzZmZjk2NC0xNzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApWDgQuVzmeWSH7vaJ47xuhgChS94Rk2VOWdzTMH1dbFiqBXHziFjPreL
j5fz9/VbMrurx1xMTfI65wnn8lv8/IBT7l6NT0pKRU6/QkinIAbPfUUQy56TMQoE
j0tM+TYwKvYUnlMeWDSYLjdlR8SfgVAfnkmtEhTPy2zaSeKY+vHo+cR0Y9Vqiccv
uOkukZNNRQp50Ge1zgMd6XjX32CrxOyVuJNsFEESssggj1zTKFnMW5RKTWSPXn01
RJO8/zl/wkfLfRf4TvW7GlK3MDqWxPrBaRiKVe8VWIpfGEgxBCZ2T+9mv0ZJ+gS7
DDnCbUqv0/7ARJBdAWOB3DIS62VBjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFvh
LIniev777940KKoeQ1Br3KYjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QUVFMUE4MEM1MUQxMUVGQTM1MUJCOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssnMA0GCSqGSIb3DQEB
CwUAA4IBAQCh5AL/t/mCcf/UXteqUeqJy298l1geoC2oBU8fA6WG9gXNbujO6S6u
2IsyHT+puxP1zqFFINg3xUv22Zd6rRQdEDqqqjtCQsCT0ME/L8SAgY5DvEomBAre
FEFMCBSzIJC9yYPIHxrD52G9128Lv/0dft8klodNlmSOzzuP8u+yCJzX0derJX4j
iN3TsBkzDMssh6ysZ61QBPWEjqGiJwgNWeRWaJXDzVGdx0nP5t1i2Nj2nXN5Sj5q
05qNTzxdO8OOe80RAfsmKJv7Dpof2gX5HDyeyrj0BAQ+KfY6csQpNpsZZGOZFztu
gZyr/k+ucWB/ZZ5XW2s4f7qvFY+IZ6Yl
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:42 2025 by rpki-client