Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D1AC2B8C38711EF95AE9F76762E951A.roa
File: 8D1AC2B8C38711EF95AE9F76762E951A.roa (raw, json)
Hash identifier: Jk9EOyCXnHccJzOwULtXa7rdH9P1Jyq2rod0CsvD8mk=
Subject key identifier: E4:9B:5F:D2:49:C9:FF:67:9D:8D:34:33:8F:6D:B8:0C:82:DB:10:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0127A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D1AC2B8C38711EF95AE9F76762E951A.roa
Signing time: Thu 26 Dec 2024 12:47:23 +0000
ROA not before: Thu 26 Dec 2024 12:47:19 +0000
ROA not after: Sun 12 Dec 2027 12:47:19 +0000
asID: 17561
IP address blocks: 154.94.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75682 (0x127a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 12:47:19 2024 GMT
Not After : Dec 12 12:47:19 2027 GMT
Subject: CN=676d505b-1d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:cc:53:ad:e9:bf:ee:e0:b8:e2:f3:97:de:
ce:f5:e6:cc:7b:50:05:a8:6b:10:f4:af:61:b7:da:
6c:16:b1:e9:76:c0:82:46:ef:db:eb:bd:36:eb:84:
cb:71:87:db:e4:79:71:a9:dc:69:e9:87:d5:7e:61:
42:b9:d5:d3:02:47:96:33:70:a6:43:c2:e9:61:b8:
4e:d0:dd:91:70:fb:70:69:39:db:33:cf:eb:b0:ac:
a9:59:db:1e:cc:97:9a:19:2c:6f:3c:1c:96:f5:7b:
13:51:40:56:ed:52:fc:49:a2:63:81:bf:6c:1c:a6:
e4:e1:16:f8:26:9b:92:f1:ef:f6:fe:c2:fb:3a:37:
4a:f9:bd:8f:44:b3:44:4d:ac:00:65:52:03:87:6c:
d5:41:a8:1f:8d:b4:0d:f4:98:bb:6f:78:94:5c:3c:
97:a5:73:16:d9:f1:0d:7f:db:b8:ce:64:29:41:a3:
e8:e5:fc:e6:cc:2e:d8:fc:a7:24:ae:a1:54:6f:78:
ee:60:4c:4b:79:58:77:ad:85:3f:3a:2a:49:00:d1:
2e:ca:94:23:c7:0b:1f:6a:37:ef:68:54:1d:2d:22:
9e:7d:22:c3:9e:c6:10:9c:2b:45:85:c0:0c:51:9c:
c4:0c:95:58:23:c9:3c:6c:1e:51:1f:81:a9:fc:12:
ae:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9B:5F:D2:49:C9:FF:67:9D:8D:34:33:8F:6D:B8:0C:82:DB:10:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D1AC2B8C38711EF95AE9F76762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.245.0/24
Signature Algorithm: sha256WithRSAEncryption
66:31:4d:f1:e6:d1:7b:7b:96:f3:27:58:12:16:be:f0:bf:93:
df:c9:0b:45:b9:b3:42:af:f3:9d:29:39:91:15:8e:e7:a7:4f:
3c:a0:c9:df:14:6a:16:7c:25:5a:14:96:ac:c4:0f:cd:ad:b0:
e6:58:a1:8f:eb:29:4e:41:75:60:18:0c:9d:f7:8e:c9:96:fc:
7c:b3:75:b9:78:f5:3a:e1:77:52:81:f7:fd:f9:a2:68:b7:58:
3b:b3:9e:18:ef:0c:21:d1:08:d2:0f:e2:70:93:e3:77:ec:a8:
83:05:35:de:af:64:12:01:19:55:9a:ea:35:2f:71:f5:3e:f9:
67:75:b1:ca:f8:6e:74:6d:90:60:6c:d2:2c:99:4b:6f:a8:01:
bb:cf:07:f4:9a:d9:f3:b6:7d:e2:69:27:2b:5a:f1:57:15:07:
c0:73:b4:c4:93:ad:b3:c7:68:46:27:7a:37:91:63:92:c9:1b:
50:77:f7:ff:62:e1:29:8f:4a:10:14:38:f3:05:10:44:fc:41:
e0:fe:8c:39:30:ad:ec:03:50:29:01:fd:fe:1b:07:f7:00:e7:
69:29:ed:3d:51:e3:c1:ba:ff:01:23:8f:b4:0b:d1:91:2a:d2:
c5:c7:7b:d2:2d:cf:69:ca:18:4d:85:d9:89:c0:b0:cd:06:03:
a1:7f:89:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASeiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTI0NzE5WhcNMjcxMjEyMTI0NzE5WjAYMRYw
FAYDVQQDEw02NzZkNTA1Yi0xZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApYXMU63pv+7guOLzl97O9ebMe1AFqGsQ9K9ht9psFrHpdsCCRu/b6702
64TLcYfb5Hlxqdxp6YfVfmFCudXTAkeWM3CmQ8LpYbhO0N2RcPtwaTnbM8/rsKyp
WdsezJeaGSxvPByW9XsTUUBW7VL8SaJjgb9sHKbk4Rb4JpuS8e/2/sL7OjdK+b2P
RLNETawAZVIDh2zVQagfjbQN9Ji7b3iUXDyXpXMW2fENf9u4zmQpQaPo5fzmzC7Y
/KckrqFUb3juYExLeVh3rYU/OipJANEuypQjxwsfajfvaFQdLSKefSLDnsYQnCtF
hcAMUZzEDJVYI8k8bB5RH4Gp/BKuJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOSb
X9JJyf9nnY00M49tuAyC2xAzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDFBQzJCOEMzODcxMUVGOTVBRTlGNzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml71MA0GCSqGSIb3DQEB
CwUAA4IBAQBmMU3x5tF7e5bzJ1gSFr7wv5PfyQtFubNCr/OdKTmRFY7np088oMnf
FGoWfCVaFJasxA/NrbDmWKGP6ylOQXVgGAyd947Jlvx8s3W5ePU64XdSgff9+aJo
t1g7s54Y7wwh0QjSD+Jwk+N37KiDBTXer2QSARlVmuo1L3H1PvlndbHK+G50bZBg
bNIsmUtvqAG7zwf0mtnztn3iaScrWvFXFQfAc7TEk62zx2hGJ3o3kWOSyRtQd/f/
YuEpj0oQFDjzBRBE/EHg/ow5MK3sA1ApAf3+Gwf3AOdpKe09UePBuv8BI4+0C9GR
KtLFx3vSLc9pyhhNhdmJwLDNBgOhf4kV
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:08:04 2025 by rpki-client