Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CC2ED50C27411EFA29FF6AB762E951A.roa
File: 7CC2ED50C27411EFA29FF6AB762E951A.roa (raw, json)
Hash identifier: tgNB8BLemppUp3Thfj403/1i5miASCOe7sIrmr9GHqE=
Subject key identifier: 69:3B:5B:7D:ED:12:F3:02:BB:B5:40:09:D0:1B:A0:BA:7E:A1:E3:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01248A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CC2ED50C27411EFA29FF6AB762E951A.roa
Signing time: Wed 25 Dec 2024 03:58:24 +0000
ROA not before: Wed 25 Dec 2024 03:58:20 +0000
ROA not after: Wed 10 Dec 2025 03:58:20 +0000
asID: 984
IP address blocks: 154.211.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74890 (0x1248a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:58:20 2024 GMT
Not After : Dec 10 03:58:20 2025 GMT
Subject: CN=676b82e0-e4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:fc:a4:c9:61:9b:fb:cd:73:3d:d2:63:10:
26:fa:53:19:24:ce:99:b1:45:ea:ff:51:8c:59:11:
7b:8a:31:e5:6c:6d:79:72:bb:8a:21:dd:58:09:6d:
2c:26:89:83:5f:56:1e:d7:5c:a5:b1:25:a9:6f:9c:
4e:89:b6:50:be:c7:eb:36:d9:04:ce:f4:e3:3b:ea:
fe:88:e8:79:7d:cf:3c:e6:c5:c8:22:a7:64:eb:a1:
13:2f:db:c9:80:92:62:03:fb:1a:95:63:f3:4d:ff:
7e:53:cd:44:c8:1d:f7:79:2a:f1:e8:88:0e:e6:4d:
5c:c0:15:f1:71:c8:a1:7b:2d:e6:10:58:e5:ad:27:
56:02:a8:44:23:9d:53:5b:f1:27:d0:e9:bc:40:84:
96:a5:25:91:b1:33:00:1e:2b:d9:83:e2:17:50:6e:
4c:1b:3b:59:85:c5:22:2d:b7:0f:a9:37:82:bd:26:
79:3f:06:89:e5:65:61:ec:b1:bf:2a:3f:b0:5c:0b:
48:8d:fe:b0:61:6a:3b:5a:70:be:5c:0a:9f:ba:3a:
57:1b:b0:b8:f8:30:24:6d:df:06:69:01:2e:47:c8:
f8:24:f6:6e:6d:6f:e1:d9:ec:af:1f:b7:71:21:ce:
06:f8:18:fa:82:7d:d9:10:c0:ea:e5:3d:a1:b5:f5:
44:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3B:5B:7D:ED:12:F3:02:BB:B5:40:09:D0:1B:A0:BA:7E:A1:E3:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CC2ED50C27411EFA29FF6AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.226.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:5c:35:81:a7:50:18:14:58:ac:f6:1c:32:6c:a4:13:d0:f9:
79:df:d9:e0:72:3d:ad:fc:ee:28:f6:db:eb:c1:85:70:1a:66:
c0:2a:be:0f:b7:4f:00:31:8d:a1:f2:f0:ed:44:77:2a:eb:54:
9f:34:35:b7:46:da:07:45:22:29:3e:61:57:13:da:11:73:39:
37:4a:e5:6d:c2:fc:a4:c5:ef:c1:7d:d4:4b:3a:b0:e2:7c:fa:
bd:36:3f:a9:e1:a3:0b:f8:7e:41:0e:76:a4:dc:f8:00:e0:55:
77:f0:01:65:36:dc:b8:68:07:16:45:14:28:41:b3:cf:07:e5:
6a:c8:f6:a0:9f:1b:ac:a4:1e:96:e0:39:d1:76:12:e7:00:e7:
b6:00:16:2c:28:9d:78:b7:d8:91:65:f8:b8:74:73:60:05:3a:
3c:0f:19:7f:35:6d:01:b7:b2:d7:94:77:00:b8:2e:5c:fe:86:
fd:44:a7:54:d7:db:38:8e:ab:12:c1:26:04:93:36:dd:22:0c:
7a:e4:06:97:b3:28:45:d5:89:0c:a7:45:f4:4b:b8:77:d8:85:
4f:46:03:81:a0:c2:f6:01:bd:f6:33:34:22:db:7e:34:64:ac:
02:ff:ee:ae:19:34:ab:17:fd:a5:6f:8b:b0:04:f5:55:03:40:
c8:89:a4:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASSKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDM1ODIwWhcNMjUxMjEwMDM1ODIwWjAYMRYw
FAYDVQQDEw02NzZiODJlMC1lNGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApYn8pMlhm/vNcz3SYxAm+lMZJM6ZsUXq/1GMWRF7ijHlbG15cruKId1Y
CW0sJomDX1Ye11ylsSWpb5xOibZQvsfrNtkEzvTjO+r+iOh5fc885sXIIqdk66ET
L9vJgJJiA/salWPzTf9+U81EyB33eSrx6IgO5k1cwBXxccihey3mEFjlrSdWAqhE
I51TW/En0Om8QISWpSWRsTMAHivZg+IXUG5MGztZhcUiLbcPqTeCvSZ5PwaJ5WVh
7LG/Kj+wXAtIjf6wYWo7WnC+XAqfujpXG7C4+DAkbd8GaQEuR8j4JPZubW/h2eyv
H7dxIc4G+Bj6gn3ZEMDq5T2htfVEfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGk7
W33tEvMCu7VACdAboLp+oeNYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83Q0MyRUQ1MEMyNzQxMUVGQTI5RkY2QUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPiMA0GCSqGSIb3DQEB
CwUAA4IBAQBPXDWBp1AYFFis9hwybKQT0Pl539ngcj2t/O4o9tvrwYVwGmbAKr4P
t08AMY2h8vDtRHcq61SfNDW3RtoHRSIpPmFXE9oRczk3SuVtwvykxe/BfdRLOrDi
fPq9Nj+p4aML+H5BDnak3PgA4FV38AFlNty4aAcWRRQoQbPPB+VqyPagnxuspB6W
4DnRdhLnAOe2ABYsKJ14t9iRZfi4dHNgBTo8Dxl/NW0Bt7LXlHcAuC5c/ob9RKdU
19s4jqsSwSYEkzbdIgx65AaXsyhF1YkMp0X0S7h32IVPRgOBoML2Ab32MzQi2340
ZKwC/+6uGTSrF/2lb4uwBPVVA0DIiaRU
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:37 2025 by rpki-client