Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BA486A2C42911EF9E1F1387762E951A.roa
File: 7BA486A2C42911EF9E1F1387762E951A.roa (raw, json)
Hash identifier: fLjMUOqjEGCARabDBS93M/+Fq3tPxSfo3mUrQ6aNsVY=
Subject key identifier: CB:10:BF:C3:26:2D:D3:16:83:A8:E7:D1:5C:94:11:30:D4:E4:3C:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012A0F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BA486A2C42911EF9E1F1387762E951A.roa
Signing time: Fri 27 Dec 2024 08:06:32 +0000
ROA not before: Fri 27 Dec 2024 08:06:28 +0000
ROA not after: Sun 12 Dec 2027 08:06:28 +0000
asID: 17561
IP address blocks: 154.202.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76303 (0x12a0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 08:06:28 2024 GMT
Not After : Dec 12 08:06:28 2027 GMT
Subject: CN=676e6008-96eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:16:7f:6a:48:dc:05:33:9d:0c:d9:fb:7c:af:
78:89:3d:68:ca:07:e3:7d:11:da:23:ca:8c:a3:17:
ac:c1:ba:11:e4:5c:7b:33:65:81:bb:1e:2a:a2:d4:
ac:04:05:16:bc:b3:42:89:c1:04:ba:86:7b:3e:bc:
f9:a0:19:76:bb:01:92:bb:a6:8a:85:7a:e7:45:fa:
65:29:f6:d0:fd:07:23:12:31:d0:05:70:07:f4:62:
25:52:a8:86:32:e4:d0:c3:7f:ee:be:7c:df:c1:8d:
a0:9f:e3:f1:db:98:9b:2c:63:4c:54:60:6a:a3:de:
d2:9c:57:8b:33:63:2a:56:44:d9:5d:66:38:17:11:
d3:84:02:0e:dc:00:55:6a:ff:12:57:40:3f:61:c8:
b6:11:60:1d:eb:4b:7d:20:02:4c:42:61:8b:f6:a9:
67:2d:6a:6f:cd:ca:65:b6:b6:3e:85:da:32:2d:13:
b6:a9:11:b4:a6:8c:2b:b1:49:26:8f:00:ef:45:74:
3e:36:5b:a7:cb:ea:eb:29:6b:46:c9:a5:ed:f6:38:
25:ee:f5:22:b4:5d:46:78:8d:c9:51:cf:92:5d:ab:
d6:5d:5d:c7:c2:53:2b:f4:aa:14:b1:b9:11:14:66:
67:4a:a7:fb:97:d8:75:7e:c2:fe:e9:8f:38:37:07:
35:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:10:BF:C3:26:2D:D3:16:83:A8:E7:D1:5C:94:11:30:D4:E4:3C:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BA486A2C42911EF9E1F1387762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.112.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:fa:1b:63:3e:fc:50:fd:66:4c:f3:00:21:40:21:ab:1e:3c:
ae:ae:94:be:cc:ae:e4:20:4b:35:c6:60:52:3c:ba:4e:c7:10:
63:e7:a7:83:19:d8:60:46:4b:6a:6f:ff:30:eb:d5:b2:d9:83:
2a:d2:c9:3d:75:d4:c9:4a:7a:70:92:7f:84:1f:4c:f0:d2:ae:
5f:85:7a:57:60:32:a0:48:81:df:8e:55:87:49:81:37:63:d4:
fa:08:65:b8:93:41:60:19:41:46:fa:1c:ad:36:d7:b9:25:4f:
aa:06:27:cd:eb:e0:de:b8:09:3e:2c:98:36:22:05:e9:38:d5:
0d:31:ed:b3:c8:8e:c5:45:05:d3:d6:26:47:32:dc:65:5c:2e:
ee:5c:6f:1d:13:c0:54:4f:04:8e:b4:29:10:6f:0b:14:51:d2:
35:c6:14:40:56:a5:20:e6:ba:ba:9d:a5:8a:80:44:75:f5:3a:
41:63:0f:72:b8:23:b8:a4:62:07:f3:97:d4:a5:d3:e9:3b:21:
1b:6b:0a:70:8f:4d:7e:e5:13:4f:74:4b:23:76:c9:84:c2:88:
11:66:f7:32:5e:e4:63:4b:1d:73:b8:8d:fd:b8:60:ee:9f:4b:
68:6e:8d:15:04:dc:ff:3b:14:a5:6f:35:2c:14:62:be:7a:95:
fa:a0:c3:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASoPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDgwNjI4WhcNMjcxMjEyMDgwNjI4WjAYMRYw
FAYDVQQDEw02NzZlNjAwOC05NmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxhZ/akjcBTOdDNn7fK94iT1oygfjfRHaI8qMoxeswboR5Fx7M2WBux4q
otSsBAUWvLNCicEEuoZ7Prz5oBl2uwGSu6aKhXrnRfplKfbQ/QcjEjHQBXAH9GIl
UqiGMuTQw3/uvnzfwY2gn+Px25ibLGNMVGBqo97SnFeLM2MqVkTZXWY4FxHThAIO
3ABVav8SV0A/Yci2EWAd60t9IAJMQmGL9qlnLWpvzcpltrY+hdoyLRO2qRG0powr
sUkmjwDvRXQ+Nluny+rrKWtGyaXt9jgl7vUitF1GeI3JUc+SXavWXV3HwlMr9KoU
sbkRFGZnSqf7l9h1fsL+6Y84Nwc1UQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMsQ
v8MmLdMWg6jn0VyUETDU5DxrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QkE0ODZBMkM0MjkxMUVGOUUxRjEzODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmspwMA0GCSqGSIb3DQEB
CwUAA4IBAQB/+htjPvxQ/WZM8wAhQCGrHjyurpS+zK7kIEs1xmBSPLpOxxBj56eD
GdhgRktqb/8w69Wy2YMq0sk9ddTJSnpwkn+EH0zw0q5fhXpXYDKgSIHfjlWHSYE3
Y9T6CGW4k0FgGUFG+hytNte5JU+qBifN6+DeuAk+LJg2IgXpONUNMe2zyI7FRQXT
1iZHMtxlXC7uXG8dE8BUTwSOtCkQbwsUUdI1xhRAVqUg5rq6naWKgER19TpBYw9y
uCO4pGIH85fUpdPpOyEbawpwj01+5RNPdEsjdsmEwogRZvcyXuRjSx1zuI39uGDu
n0tobo0VBNz/OxSlbzUsFGK+epX6oMP5
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:50 2025 by rpki-client