Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872388E4C1DA11EFA990B645762E951A.roa
File: 872388E4C1DA11EFA990B645762E951A.roa (raw, json)
Hash identifier: HgFq2rwzHhFYyc7gvECkW3n8lQIGsTzOAG1OetmmGzM=
Subject key identifier: 7C:36:32:FB:E3:07:91:CE:DD:AA:76:6C:37:0F:59:48:87:A8:5E:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0122FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872388E4C1DA11EFA990B645762E951A.roa
Signing time: Tue 24 Dec 2024 09:36:19 +0000
ROA not before: Tue 24 Dec 2024 09:36:15 +0000
ROA not after: Wed 10 Dec 2025 09:36:15 +0000
asID: 984
IP address blocks: 154.194.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74491 (0x122fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:36:15 2024 GMT
Not After : Dec 10 09:36:15 2025 GMT
Subject: CN=676a8092-6cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:93:98:9a:67:4b:d2:03:87:d6:5c:5b:69:1e:
2d:97:ea:05:1f:a4:1f:73:34:89:c8:ad:ba:2b:ee:
fb:90:b8:f6:42:ea:dd:9b:51:68:dc:a9:91:3e:f0:
7a:59:37:b8:3d:ef:1f:9f:c5:56:c3:4a:7d:0c:16:
37:0f:65:66:ca:8b:21:b5:8c:3c:12:d3:0e:6d:f9:
97:8a:70:2f:51:80:cd:10:b7:12:2e:c3:07:64:a5:
8e:97:5c:b6:c0:06:c0:c4:f2:c2:79:42:c3:7f:1f:
60:1a:60:8e:3d:f5:e4:fe:ea:3c:a6:d3:64:c6:00:
54:13:74:3d:31:9c:c9:0d:e3:1c:a1:9d:b0:02:cd:
c3:f9:16:b8:a1:dc:60:b2:d0:60:0b:0b:79:c6:b9:
be:5a:22:e1:96:d5:de:60:ef:8e:ee:14:b6:e8:bb:
8b:15:67:f6:7c:20:bf:b9:62:56:17:a0:bb:52:a4:
d7:eb:21:85:41:56:af:0d:e3:f5:5b:b9:22:db:8c:
5e:02:b8:8c:74:d6:20:db:0c:43:e5:c4:10:6f:3f:
94:31:4d:36:5e:36:14:c8:0a:fe:0f:57:85:75:30:
02:01:d9:39:50:26:0c:81:5c:f7:db:12:13:7f:07:
d3:c3:bb:8e:09:a5:61:f4:66:e5:6f:5f:2b:5a:c8:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:36:32:FB:E3:07:91:CE:DD:AA:76:6C:37:0F:59:48:87:A8:5E:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872388E4C1DA11EFA990B645762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.242.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:33:5d:f0:47:de:ac:d5:36:52:01:aa:42:a4:e7:0d:d0:fc:
3e:85:c5:e8:8f:07:fd:71:d3:b8:eb:dc:71:be:36:a4:ce:71:
42:be:81:f1:e5:2c:11:6f:37:2a:d6:96:42:c9:f3:51:a3:62:
11:16:8c:50:05:f9:72:67:af:e7:8e:ef:5d:08:75:f9:e0:ea:
26:51:9d:20:7e:c4:fc:c5:e6:3a:a2:8c:6f:39:fb:64:ea:07:
90:2c:bb:1b:fc:78:f1:52:6b:30:de:0b:9d:5f:d8:73:13:ce:
98:35:78:03:2f:37:d7:69:59:f8:6e:86:15:99:59:6b:30:8a:
e7:83:ed:57:08:ad:24:a2:76:e5:49:30:96:f5:e7:9f:70:d6:
00:83:33:59:e7:58:70:5f:d7:96:e6:a4:9d:10:9a:e4:5a:4f:
f8:52:03:fc:47:89:a3:8b:db:4e:d1:b4:6d:82:a7:b5:e1:6d:
6c:61:fb:f3:ab:f2:d3:0f:45:1d:2c:84:c9:46:71:03:49:97:
7f:d3:8d:a0:47:33:76:80:90:26:ac:cf:a8:34:d4:58:04:5c:
29:0d:91:72:33:c3:53:68:79:e7:a0:16:8d:54:89:2d:1b:50:
e7:93:82:f5:7d:b4:eb:81:51:46:f1:d1:33:c6:fd:71:da:b2:
01:b4:00:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASL7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDkzNjE1WhcNMjUxMjEwMDkzNjE1WjAYMRYw
FAYDVQQDEw02NzZhODA5Mi02Y2VjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsJOYmmdL0gOH1lxbaR4tl+oFH6QfczSJyK26K+77kLj2Qurdm1Fo3KmR
PvB6WTe4Pe8fn8VWw0p9DBY3D2VmyoshtYw8EtMObfmXinAvUYDNELcSLsMHZKWO
l1y2wAbAxPLCeULDfx9gGmCOPfXk/uo8ptNkxgBUE3Q9MZzJDeMcoZ2wAs3D+Ra4
odxgstBgCwt5xrm+WiLhltXeYO+O7hS26LuLFWf2fCC/uWJWF6C7UqTX6yGFQVav
DeP1W7ki24xeAriMdNYg2wxD5cQQbz+UMU02XjYUyAr+D1eFdTACAdk5UCYMgVz3
2xITfwfTw7uOCaVh9Gblb18rWsixyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHw2
MvvjB5HO3ap2bDcPWUiHqF4iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzIzODhFNEMxREExMUVGQTk5MEI2NDU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsLyMA0GCSqGSIb3DQEB
CwUAA4IBAQDVM13wR96s1TZSAapCpOcN0Pw+hcXojwf9cdO469xxvjakznFCvoHx
5SwRbzcq1pZCyfNRo2IRFoxQBflyZ6/nju9dCHX54OomUZ0gfsT8xeY6ooxvOftk
6geQLLsb/HjxUmsw3gudX9hzE86YNXgDLzfXaVn4boYVmVlrMIrng+1XCK0konbl
STCW9eefcNYAgzNZ51hwX9eW5qSdEJrkWk/4UgP8R4mji9tO0bRtgqe14W1sYfvz
q/LTD0UdLITJRnEDSZd/042gRzN2gJAmrM+oNNRYBFwpDZFyM8NTaHnnoBaNVIkt
G1Dnk4L1fbTrgVFG8dEzxv1x2rIBtADZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:17:03 2025 by rpki-client