Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8880A000C52C11EF8C5DB46A762E951A.roa
File: 8880A000C52C11EF8C5DB46A762E951A.roa (raw, json)
Hash identifier: JRFiFubjxD+wd4YHpmmz2hJWy3hXkE09GuKiatYcdsQ=
Subject key identifier: 9D:A0:1B:D9:2E:94:E3:D4:8C:E4:BA:A3:15:F4:55:17:BC:77:7A:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012BC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8880A000C52C11EF8C5DB46A762E951A.roa
Signing time: Sat 28 Dec 2024 15:00:53 +0000
ROA not before: Sat 28 Dec 2024 15:00:50 +0000
ROA not after: Sun 12 Dec 2027 15:00:50 +0000
asID: 17561
IP address blocks: 154.204.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76739 (0x12bc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 15:00:50 2024 GMT
Not After : Dec 12 15:00:50 2027 GMT
Subject: CN=677012a5-cbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:25:81:15:99:0a:51:27:d4:a9:18:88:a3:11:
a1:52:e1:36:68:5c:80:97:5a:3e:3d:e7:55:3a:b9:
35:55:7f:d4:15:f9:f6:36:05:73:1d:14:20:68:09:
bd:c7:9a:ba:d7:48:5a:2b:6f:ad:79:26:64:f7:f0:
fa:70:db:e5:00:bb:11:f7:de:b7:53:e0:86:39:55:
ef:33:dd:c0:f0:12:33:4e:80:fb:5f:cb:47:4b:e2:
b6:7e:3d:7f:13:f0:7c:f6:ff:6a:56:9d:84:11:18:
93:1e:26:af:66:00:d4:44:8f:25:86:07:88:ce:37:
1b:77:fd:90:20:2c:61:7c:e6:69:76:9a:a5:9f:c2:
93:88:7c:af:30:1c:87:cc:6b:c7:5d:85:74:cf:db:
6c:20:18:37:70:7b:18:ee:3a:a1:fc:5f:37:b8:95:
cd:0f:26:90:46:30:b3:08:61:29:8c:38:41:ef:02:
14:6c:01:cd:78:9c:23:83:9c:fb:4b:be:bf:5b:81:
7c:fd:b2:64:11:51:b7:b4:60:b6:88:21:2f:db:df:
3e:a6:cf:6c:8c:01:4c:3d:7f:28:89:db:43:61:9b:
27:54:46:b1:2c:be:70:50:eb:22:b8:b0:f2:48:9b:
7f:27:bf:0f:73:c5:24:cd:c6:63:c3:8b:b7:29:a5:
76:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A0:1B:D9:2E:94:E3:D4:8C:E4:BA:A3:15:F4:55:17:BC:77:7A:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8880A000C52C11EF8C5DB46A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.74.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:8d:f6:92:6a:ff:c6:c5:2f:1e:f8:12:4f:f6:9b:f0:57:da:
43:e5:07:d4:0c:15:07:9b:6e:03:cb:73:4d:97:e3:64:65:d4:
3a:e3:40:7d:e2:6b:24:08:29:b8:c7:7d:26:4a:7c:4e:d6:9b:
fd:45:d6:50:1e:0b:f0:71:d2:e9:4b:52:f3:2c:7b:a3:2e:3f:
52:f2:15:57:4a:5d:2e:53:d7:4e:2e:15:f8:0e:60:c3:94:7d:
d1:d5:7b:cc:cf:6a:82:d0:1a:70:37:ff:46:f8:f0:d6:2e:39:
ee:a2:40:ee:21:cb:51:5e:2d:9c:65:ef:79:e2:b6:52:70:3f:
20:a9:42:aa:96:2e:aa:9a:b9:e7:4d:28:ac:d3:99:49:1f:ab:
6b:1b:11:f4:cf:42:26:b9:bd:b5:5a:68:e5:97:21:97:d5:4a:
3a:42:4f:40:53:ab:d4:36:39:55:f9:90:3c:13:f2:29:25:d2:
6c:50:e5:fe:5c:e4:be:2b:ac:18:18:5d:28:ea:39:fb:29:8d:
e4:a6:33:2b:ff:b1:2f:1e:f5:be:77:bd:83:4e:ff:e7:58:ba:
7a:e9:f2:44:3d:46:2c:1b:b4:fc:44:7a:fd:b2:2e:a2:d4:5f:
15:0a:f4:e3:37:6c:f8:bb:ba:36:d7:09:31:90:1c:f4:da:3a:
60:e7:47:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASvDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTUwMDUwWhcNMjcxMjEyMTUwMDUwWjAYMRYw
FAYDVQQDEw02NzcwMTJhNS1jYmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwSWBFZkKUSfUqRiIoxGhUuE2aFyAl1o+PedVOrk1VX/UFfn2NgVzHRQg
aAm9x5q610haK2+teSZk9/D6cNvlALsR9963U+CGOVXvM93A8BIzToD7X8tHS+K2
fj1/E/B89v9qVp2EERiTHiavZgDURI8lhgeIzjcbd/2QICxhfOZpdpqln8KTiHyv
MByHzGvHXYV0z9tsIBg3cHsY7jqh/F83uJXNDyaQRjCzCGEpjDhB7wIUbAHNeJwj
g5z7S76/W4F8/bJkEVG3tGC2iCEv298+ps9sjAFMPX8oidtDYZsnVEaxLL5wUOsi
uLDySJt/J78Pc8UkzcZjw4u3KaV2owIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ2g
G9kulOPUjOS6oxX0VRe8d3rXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODgwQTAwMEM1MkMxMUVGOEM1REI0NkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsxKMA0GCSqGSIb3DQEB
CwUAA4IBAQDJjfaSav/GxS8e+BJP9pvwV9pD5QfUDBUHm24Dy3NNl+NkZdQ640B9
4mskCCm4x30mSnxO1pv9RdZQHgvwcdLpS1LzLHujLj9S8hVXSl0uU9dOLhX4DmDD
lH3R1XvMz2qC0BpwN/9G+PDWLjnuokDuIctRXi2cZe954rZScD8gqUKqli6qmrnn
TSis05lJH6trGxH0z0Imub21WmjllyGX1Uo6Qk9AU6vUNjlV+ZA8E/IpJdJsUOX+
XOS+K6wYGF0o6jn7KY3kpjMr/7EvHvW+d72DTv/nWLp66fJEPUYsG7T8RHr9si6i
1F8VCvTjN2z4u7o21wkxkBz02jpg50cR
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:17:45 2025 by rpki-client