Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8272CCD0CDEF11EF8C47E6A3762E951A.roa
File: 8272CCD0CDEF11EF8C47E6A3762E951A.roa (raw, json)
Hash identifier: CLDebiD+GDDmwQ6xLAEZLX2MbYpCvaayPao8Y/Pc/Xk=
Subject key identifier: 21:86:C0:28:D0:52:B3:CE:10:56:76:8D:12:C2:EF:64:CE:BE:72:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01382B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8272CCD0CDEF11EF8C47E6A3762E951A.roa
Signing time: Wed 08 Jan 2025 18:36:44 +0000
ROA not before: Wed 08 Jan 2025 18:36:41 +0000
ROA not after: Mon 03 Jan 2028 18:36:41 +0000
asID: 17561
IP address blocks: 154.197.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79915 (0x1382b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:36:41 2025 GMT
Not After : Jan 3 18:36:41 2028 GMT
Subject: CN=677ec5bc-d25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:eb:2e:28:53:51:19:f4:60:e1:20:20:cb:2d:
17:86:bc:9b:17:da:38:80:ab:df:64:9f:35:e6:09:
38:e3:d0:7a:d9:98:8b:0e:2f:c2:f2:da:dc:03:22:
c8:f1:78:5a:73:b5:eb:f7:2d:c1:d3:92:41:e0:f5:
dc:d1:3a:6d:5b:c0:74:ad:d9:05:8f:1a:4f:1f:64:
45:01:ff:78:23:1b:c3:61:a5:12:25:e1:6e:6c:2b:
9a:3e:06:47:be:fb:5b:b5:00:35:fe:a0:49:9c:dd:
98:0f:49:d7:51:cc:af:4b:fb:55:15:22:7c:3b:51:
eb:69:be:b9:ff:7e:6a:d2:01:10:a5:cb:ec:fa:38:
17:ec:1e:2c:6e:13:a3:e5:f0:6d:2c:cd:1f:7f:68:
63:8e:42:4e:46:a4:ca:97:d9:55:7d:b1:ae:05:cb:
58:08:63:4e:34:9d:06:ad:d2:18:ac:e7:1a:21:f3:
dc:bf:35:d5:17:7b:f5:5e:1b:86:9f:96:14:6f:ef:
0c:9e:8c:ae:36:cb:0d:d6:3d:6d:58:0e:b3:52:99:
f5:ab:ca:08:62:b8:15:3a:d0:35:60:3d:26:bd:a0:
b7:b9:41:18:40:ec:78:4c:fb:48:e2:d7:33:59:d5:
3f:07:2f:7c:92:c0:09:56:87:9f:e2:44:ba:75:46:
35:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:86:C0:28:D0:52:B3:CE:10:56:76:8D:12:C2:EF:64:CE:BE:72:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8272CCD0CDEF11EF8C47E6A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/24
Signature Algorithm: sha256WithRSAEncryption
31:60:6e:65:9c:6c:4e:7d:8e:4c:15:9e:9b:2c:a2:95:58:71:
ad:6b:0e:2e:91:26:44:9c:eb:b4:2f:cc:55:fc:20:34:dc:f9:
39:65:01:b1:c9:a1:0e:62:a8:12:8a:e6:65:17:69:3a:0b:f8:
ed:dd:3b:34:4f:10:b4:cb:97:25:95:51:51:b0:a7:9e:5a:d9:
ed:1c:0b:21:79:e8:0e:f7:f9:89:f6:89:a5:f3:a8:70:a2:05:
12:dd:c5:d5:b3:bd:8b:1a:71:e0:98:d2:80:a4:7b:58:5c:61:
80:6c:88:0a:85:a5:cf:17:32:f5:6c:a6:c1:3e:ea:db:22:bc:
d1:83:34:fd:bb:4c:08:69:d3:fa:ae:10:ed:fc:e4:2d:75:dc:
5e:c7:c9:44:b8:99:33:07:f9:ad:40:93:6d:3a:9e:c9:be:fa:
c3:a2:ee:a4:98:15:30:fe:8c:83:a2:3a:1d:d9:fd:c1:26:39:
1f:00:50:21:10:fa:23:cb:09:17:41:e8:8c:b7:79:95:c1:ae:
69:8b:48:cf:82:57:cc:1e:09:3c:32:34:1c:2b:b0:ea:32:25:
12:7d:16:98:ef:13:cf:f0:9a:cd:6c:d2:f6:1e:41:fe:e7:29:
fc:af:13:9a:97:da:de:84:c1:bd:9b:cf:d5:7e:bb:d4:26:1a:
0e:df:93:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATgrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTgzNjQxWhcNMjgwMTAzMTgzNjQxWjAYMRYw
FAYDVQQDEw02NzdlYzViYy1kMjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxOsuKFNRGfRg4SAgyy0XhrybF9o4gKvfZJ815gk449B62ZiLDi/C8trc
AyLI8Xhac7Xr9y3B05JB4PXc0TptW8B0rdkFjxpPH2RFAf94IxvDYaUSJeFubCua
PgZHvvtbtQA1/qBJnN2YD0nXUcyvS/tVFSJ8O1Hrab65/35q0gEQpcvs+jgX7B4s
bhOj5fBtLM0ff2hjjkJORqTKl9lVfbGuBctYCGNONJ0GrdIYrOcaIfPcvzXVF3v1
XhuGn5YUb+8MnoyuNssN1j1tWA6zUpn1q8oIYrgVOtA1YD0mvaC3uUEYQOx4TPtI
4tczWdU/By98ksAJVoef4kS6dUY1mwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCGG
wCjQUrPOEFZ2jRLC72TOvnK/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjcyQ0NEMENERUYxMUVGOEM0N0U2QTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsU8MA0GCSqGSIb3DQEB
CwUAA4IBAQAxYG5lnGxOfY5MFZ6bLKKVWHGtaw4ukSZEnOu0L8xV/CA03Pk5ZQGx
yaEOYqgSiuZlF2k6C/jt3Ts0TxC0y5cllVFRsKeeWtntHAsheegO9/mJ9oml86hw
ogUS3cXVs72LGnHgmNKApHtYXGGAbIgKhaXPFzL1bKbBPurbIrzRgzT9u0wIadP6
rhDt/OQtddxex8lEuJkzB/mtQJNtOp7JvvrDou6kmBUw/oyDojod2f3BJjkfAFAh
EPojywkXQeiMt3mVwa5pi0jPglfMHgk8MjQcK7DqMiUSfRaY7xPP8JrNbNL2HkH+
5yn8rxOal9rehMG9m8/VfrvUJhoO35Nz
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:16 2025 by rpki-client