Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CCEFA54C40911EF8CDA8CBD762E951A.roa
File: 8CCEFA54C40911EF8CDA8CBD762E951A.roa (raw, json)
Hash identifier: cHrvaPxMmFxQWEwSK4iUTfpMmuq0gAMz7CpaFtr8/jA=
Subject key identifier: B8:F0:81:71:B5:EC:A3:93:19:C6:DF:4C:82:AC:EC:14:EC:89:33:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012905
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CCEFA54C40911EF8CDA8CBD762E951A.roa
Signing time: Fri 27 Dec 2024 04:17:57 +0000
ROA not before: Fri 27 Dec 2024 04:17:53 +0000
ROA not after: Sun 12 Dec 2027 04:17:53 +0000
asID: 17561
IP address blocks: 154.196.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76037 (0x12905)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 04:17:53 2024 GMT
Not After : Dec 12 04:17:53 2027 GMT
Subject: CN=676e2a75-38ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6e:27:b9:0d:5e:91:1b:d8:33:40:3f:e9:55:
eb:a0:02:80:fb:56:7a:a8:70:a1:16:5e:49:ae:a4:
11:e2:b2:25:60:07:59:a9:d0:f5:11:61:79:85:23:
6c:22:da:69:57:8a:23:75:e2:48:6f:9b:4d:65:f3:
61:f5:e8:a2:57:6d:6e:c7:cb:70:4b:e3:b8:fd:88:
3f:12:f4:e6:29:23:42:55:ab:fb:60:c1:fd:51:9d:
3b:3f:80:79:bc:5a:b1:74:8b:86:2a:bf:fb:47:6d:
51:74:19:81:e1:cc:27:3f:b7:f8:c1:4c:96:df:c8:
f0:3b:43:26:1a:e1:a0:3d:70:25:ff:a1:8f:d4:70:
e0:38:7e:f2:5b:2f:11:6d:76:2e:f5:61:5d:22:16:
c1:6e:63:b0:d8:57:6d:32:5b:78:b4:1e:3b:86:10:
74:69:1f:d1:14:23:96:68:f3:df:bf:47:78:e8:31:
e0:eb:c9:bc:f0:06:c2:f5:1d:2b:bf:a2:81:20:ed:
50:a7:f1:cc:59:44:12:4f:f4:d8:7d:76:3b:34:da:
76:33:50:b3:86:28:c0:4b:c1:05:29:a9:72:9d:d0:
a8:6d:a8:76:4a:ef:b9:98:ce:d0:7e:7b:e4:34:90:
57:5c:68:a0:c7:36:7c:79:b4:84:0f:21:58:98:3a:
93:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F0:81:71:B5:EC:A3:93:19:C6:DF:4C:82:AC:EC:14:EC:89:33:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CCEFA54C40911EF8CDA8CBD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.14.0/24
Signature Algorithm: sha256WithRSAEncryption
22:93:af:e6:97:6c:89:c6:09:3b:a1:4c:06:02:f0:86:98:2b:
c5:1b:db:5b:74:de:c5:26:9e:b2:10:05:26:1b:29:55:ae:a0:
d0:c9:7d:f7:f2:dd:61:63:5e:c7:ee:f5:67:56:8e:90:b5:49:
dc:18:46:e2:6c:b0:d8:e5:70:e0:62:c1:05:a6:de:b8:61:d9:
01:b0:98:af:6d:73:bf:db:3b:72:67:c4:1a:bf:29:53:eb:b8:
b7:56:60:e2:97:f5:03:a8:f2:c4:8f:50:c0:ce:40:e4:ae:4e:
bb:66:d6:5c:60:ed:90:36:65:23:66:ee:5e:aa:76:8c:ed:b7:
ad:b7:ea:c0:6e:2b:31:a8:83:5c:9c:77:5d:53:1b:d5:1d:dc:
b7:f3:5a:41:88:e3:d1:d1:7b:dc:ae:d2:f6:07:3d:ab:9e:27:
8f:c5:cc:f8:6f:db:c7:ce:84:9b:61:10:52:d1:57:15:46:ba:
cd:91:7b:9f:3f:67:80:37:a4:f5:a6:75:15:81:99:c9:bd:e0:
e1:cb:eb:27:a9:0f:22:60:29:e9:9c:1f:46:42:4d:13:b0:53:
c5:c6:e7:d7:16:7a:23:9f:57:80:3b:26:13:76:80:76:94:27:
3d:52:93:3c:92:65:43:87:c5:25:19:75:f7:02:f4:52:18:3b:
d4:81:d4:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASkFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDQxNzUzWhcNMjcxMjEyMDQxNzUzWjAYMRYw
FAYDVQQDEw02NzZlMmE3NS0zOGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzW4nuQ1ekRvYM0A/6VXroAKA+1Z6qHChFl5JrqQR4rIlYAdZqdD1EWF5
hSNsItppV4ojdeJIb5tNZfNh9eiiV21ux8twS+O4/Yg/EvTmKSNCVav7YMH9UZ07
P4B5vFqxdIuGKr/7R21RdBmB4cwnP7f4wUyW38jwO0MmGuGgPXAl/6GP1HDgOH7y
Wy8RbXYu9WFdIhbBbmOw2FdtMlt4tB47hhB0aR/RFCOWaPPfv0d46DHg68m88AbC
9R0rv6KBIO1Qp/HMWUQST/TYfXY7NNp2M1CzhijAS8EFKalyndCobah2Su+5mM7Q
fnvkNJBXXGigxzZ8ebSEDyFYmDqTlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLjw
gXG17KOTGcbfTIKs7BTsiTNQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Q0NFRkE1NEM0MDkxMUVGOENEQThDQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQOMA0GCSqGSIb3DQEB
CwUAA4IBAQAik6/ml2yJxgk7oUwGAvCGmCvFG9tbdN7FJp6yEAUmGylVrqDQyX33
8t1hY17H7vVnVo6QtUncGEbibLDY5XDgYsEFpt64YdkBsJivbXO/2ztyZ8QavylT
67i3VmDil/UDqPLEj1DAzkDkrk67ZtZcYO2QNmUjZu5eqnaM7bett+rAbisxqINc
nHddUxvVHdy381pBiOPR0XvcrtL2Bz2rniePxcz4b9vHzoSbYRBS0VcVRrrNkXuf
P2eAN6T1pnUVgZnJveDhy+snqQ8iYCnpnB9GQk0TsFPFxufXFnojn1eAOyYTdoB2
lCc9UpM8kmVDh8UlGXX3AvRSGDvUgdTk
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:23:40 2025 by rpki-client