Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CC738CCC5EA11EFAC5E579F762E951A.roa
File: 8CC738CCC5EA11EFAC5E579F762E951A.roa (raw, json)
Hash identifier: nU+D3VlI4TlXKyhccrcDwv3wxx32OI2V4fu335CBq60=
Subject key identifier: 54:96:0A:6C:6A:FA:32:9E:5D:42:B6:DE:E3:80:4D:58:B2:36:58:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012DA0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CC738CCC5EA11EFAC5E579F762E951A.roa
Signing time: Sun 29 Dec 2024 13:41:05 +0000
ROA not before: Sun 29 Dec 2024 13:41:01 +0000
ROA not after: Fri 12 Dec 2025 13:41:01 +0000
asID: 984
IP address blocks: 154.210.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77216 (0x12da0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:41:01 2024 GMT
Not After : Dec 12 13:41:01 2025 GMT
Subject: CN=67715171-6535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:42:23:50:1f:ef:60:f7:d8:bb:13:4a:cc:78:
bd:97:28:43:f6:46:62:92:29:e5:63:cb:26:1a:8f:
b3:57:70:b1:6d:83:b3:88:83:5f:ee:1b:49:d1:59:
a8:8a:dd:b3:e4:f0:1b:3c:f8:bc:61:7e:7a:40:7c:
4f:3e:88:ae:a3:f5:f0:dc:f1:82:30:95:c2:44:87:
5c:26:8d:bd:f2:3d:74:86:e4:e5:86:e0:40:3c:75:
90:51:f1:e8:35:0c:02:cd:70:1d:2a:02:ad:7b:d7:
5e:84:5a:02:e4:68:d7:8c:7d:76:bf:5a:14:7c:3c:
4e:8c:a8:d0:ed:00:ca:ea:d8:9a:7d:8f:f5:6d:7f:
88:b6:2f:0c:94:29:3e:79:24:2f:93:a6:df:cb:2f:
18:b8:75:29:6f:a9:e0:d9:80:b8:e9:a5:aa:18:49:
b5:a1:ce:c3:cc:43:da:f1:c6:0b:a5:2c:94:34:4e:
8a:8d:a9:23:c8:d1:da:c4:2d:52:03:b2:a8:35:ba:
de:85:e2:f7:ac:38:53:71:89:49:a1:9a:63:c4:2d:
41:6a:45:d8:51:ab:fc:24:cc:7c:0e:0d:7a:16:02:
0c:60:d3:29:94:41:2e:c3:bb:c5:6e:2b:39:28:e4:
32:1d:19:22:0e:de:8c:d9:fc:9d:4c:bc:66:eb:63:
95:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:96:0A:6C:6A:FA:32:9E:5D:42:B6:DE:E3:80:4D:58:B2:36:58:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CC738CCC5EA11EFAC5E579F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.255.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b0:41:1d:79:6e:9c:2f:0b:c1:01:0d:ce:57:a4:80:67:89:
f1:8b:7a:6b:01:03:f5:be:c4:b4:6b:bb:f7:09:1e:04:1d:15:
cb:33:e1:35:9b:34:11:56:0a:e0:fa:d8:f8:e5:11:15:e0:df:
b7:7e:dd:9a:b4:eb:42:ff:9a:b9:70:4c:76:1d:5f:7e:5e:9a:
62:1f:9d:49:de:10:b4:1b:c9:f5:27:37:fa:de:d7:8d:a3:41:
44:48:60:84:6d:05:58:88:fe:3c:4e:6d:e7:20:05:89:1c:16:
ac:e4:00:86:e6:8c:0e:31:0f:fc:0a:c7:59:e6:4e:51:cd:31:
2f:32:d8:e8:cf:fd:8a:4b:c3:85:31:73:cf:18:cb:47:6b:9e:
63:5f:98:28:80:fa:6d:9d:35:71:4c:a1:76:24:ce:67:7c:32:
0e:ac:8c:ad:9d:69:8b:e1:6a:de:1f:36:97:45:cb:20:76:63:
70:85:2e:57:0a:9d:42:1e:11:86:9e:5c:3d:3b:05:7b:a9:bd:
4d:94:d5:7e:e1:1a:fe:8d:ba:6b:0e:08:3f:79:5f:3d:1f:21:
0c:b5:41:2f:10:87:1c:56:62:0c:2e:a7:91:22:07:ad:e9:b7:
c5:1d:a1:99:25:23:fa:54:e9:18:82:16:fb:48:5e:92:cb:e7:
b2:2f:e8:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS2gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTM0MTAxWhcNMjUxMjEyMTM0MTAxWjAYMRYw
FAYDVQQDEw02NzcxNTE3MS02NTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUIjUB/vYPfYuxNKzHi9lyhD9kZikinlY8smGo+zV3CxbYOziINf7htJ
0Vmoit2z5PAbPPi8YX56QHxPPoiuo/Xw3PGCMJXCRIdcJo298j10huTlhuBAPHWQ
UfHoNQwCzXAdKgKte9dehFoC5GjXjH12v1oUfDxOjKjQ7QDK6tiafY/1bX+Iti8M
lCk+eSQvk6bfyy8YuHUpb6ng2YC46aWqGEm1oc7DzEPa8cYLpSyUNE6KjakjyNHa
xC1SA7KoNbreheL3rDhTcYlJoZpjxC1BakXYUav8JMx8Dg16FgIMYNMplEEuw7vF
bis5KOQyHRkiDt6M2fydTLxm62OV3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFSW
Cmxq+jKeXUK23uOATViyNlgOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Q0M3MzhDQ0M1RUExMUVGQUM1RTU3OUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtL/MA0GCSqGSIb3DQEB
CwUAA4IBAQAmsEEdeW6cLwvBAQ3OV6SAZ4nxi3prAQP1vsS0a7v3CR4EHRXLM+E1
mzQRVgrg+tj45REV4N+3ft2atOtC/5q5cEx2HV9+XppiH51J3hC0G8n1Jzf63teN
o0FESGCEbQVYiP48Tm3nIAWJHBas5ACG5owOMQ/8CsdZ5k5RzTEvMtjoz/2KS8OF
MXPPGMtHa55jX5gogPptnTVxTKF2JM5nfDIOrIytnWmL4WreHzaXRcsgdmNwhS5X
Cp1CHhGGnlw9OwV7qb1NlNV+4Rr+jbprDgg/eV89HyEMtUEvEIccVmIMLqeRIget
6bfFHaGZJSP6VOkYghb7SF6Sy+eyL+hY
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:37:42 2025 by rpki-client