Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9107DA08D57211EFA24F7EA5762E951A.roa
File: 9107DA08D57211EFA24F7EA5762E951A.roa (raw, json)
Hash identifier: 6p5qdq7ukhudSqMD88mjTHgI8JpWWHXnLnc2GsvG2to=
Subject key identifier: 75:C5:03:06:09:88:0E:30:3C:73:3D:23:F9:0D:EF:25:DF:2D:98:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DB6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9107DA08D57211EFA24F7EA5762E951A.roa
Signing time: Sat 18 Jan 2025 08:02:31 +0000
ROA not before: Sat 18 Jan 2025 08:02:27 +0000
ROA not after: Sat 22 Feb 2025 08:02:27 +0000
asID: 400619
IP address blocks: 154.217.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81334 (0x13db6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 08:02:27 2025 GMT
Not After : Feb 22 08:02:27 2025 GMT
Subject: CN=678b6017-6ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:a4:47:25:00:3e:df:89:cb:d8:4d:b0:82:
18:14:c0:64:de:6b:aa:85:8c:24:b8:54:d2:dc:f5:
89:01:4d:26:a9:33:9b:14:5d:f5:40:73:51:e9:cb:
ea:27:40:02:38:31:ff:6e:08:9c:91:24:be:a9:30:
48:ce:8e:a3:f3:ef:00:72:32:24:5f:87:d6:ed:4a:
00:59:5e:f7:fb:10:da:b1:04:53:75:58:cf:a2:0d:
8d:ba:24:48:df:8c:c3:79:b5:eb:d5:5b:bc:ee:05:
21:80:8c:66:56:71:42:5c:19:19:70:e0:b4:3e:1e:
df:c5:4c:bc:37:0c:94:ce:40:30:c5:16:5d:33:08:
81:74:77:33:5b:39:7a:c9:db:cd:d7:66:6f:5b:65:
89:c1:82:1f:4e:8b:74:50:ed:cf:d7:ed:84:06:bc:
e2:b5:33:43:c2:8d:d4:c5:c4:47:8b:8c:f2:67:3c:
db:ff:12:62:01:f3:d5:fc:7f:b6:ea:67:32:ad:08:
83:2b:92:ca:05:71:dc:69:83:3f:6f:63:7b:9e:34:
e6:72:33:73:bf:89:1c:88:06:8a:4b:d4:97:43:af:
eb:4c:f0:1c:d5:ed:b9:3d:d5:21:7f:54:6a:b2:4c:
66:33:f5:4c:56:2d:cc:9e:35:00:0a:88:93:7e:af:
01:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C5:03:06:09:88:0E:30:3C:73:3D:23:F9:0D:EF:25:DF:2D:98:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9107DA08D57211EFA24F7EA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.234.0/23
Signature Algorithm: sha256WithRSAEncryption
31:d8:b8:46:c6:4a:72:3a:e4:bc:77:02:1a:87:ae:74:ed:a2:
87:83:fa:1e:ec:b4:d2:2a:4a:9c:46:9b:94:c7:a4:96:f1:ee:
c7:9b:e6:0b:d5:94:c8:dd:cc:67:44:24:ac:62:0f:12:33:f7:
fb:27:db:a5:9d:a4:b9:59:45:b8:7f:47:21:ac:f8:71:1e:48:
25:1a:d1:01:15:ed:b3:91:39:b0:08:0e:42:c6:b7:b3:24:72:
6f:55:de:f8:6d:84:9e:eb:87:29:69:6e:f2:cc:cf:34:8a:42:
6d:39:b4:b4:bc:b0:0f:b1:6b:9e:bf:b0:bd:bb:2c:16:92:ae:
39:3c:c4:38:fd:29:0f:2e:ec:dc:96:90:64:ca:14:36:9b:7f:
4e:36:13:18:f1:70:ee:cd:cb:4d:de:77:46:c3:e9:33:90:d0:
67:f8:03:1f:ad:d3:a6:fd:cf:c4:79:1f:97:9e:11:e1:59:7d:
8d:29:0c:f8:a3:a9:33:99:23:52:ee:db:f9:d4:1b:d6:fc:f6:
e4:3a:21:9c:ba:36:ad:48:35:7a:06:b8:cd:2b:38:a7:74:1b:
5f:46:76:d1:5a:62:6e:f4:c2:da:e0:31:a4:de:b6:bd:28:fa:
e0:06:bf:bd:d6:5b:bf:2d:ce:18:01:73:95:0a:1c:21:8e:70:
94:e1:c1:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT22MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDgwMjI3WhcNMjUwMjIyMDgwMjI3WjAYMRYw
FAYDVQQDEw02NzhiNjAxNy02YWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoqukRyUAPt+Jy9hNsIIYFMBk3muqhYwkuFTS3PWJAU0mqTObFF31QHNR
6cvqJ0ACODH/bgickSS+qTBIzo6j8+8AcjIkX4fW7UoAWV73+xDasQRTdVjPog2N
uiRI34zDebXr1Vu87gUhgIxmVnFCXBkZcOC0Ph7fxUy8NwyUzkAwxRZdMwiBdHcz
Wzl6ydvN12ZvW2WJwYIfTot0UO3P1+2EBrzitTNDwo3UxcRHi4zyZzzb/xJiAfPV
/H+26mcyrQiDK5LKBXHcaYM/b2N7njTmcjNzv4kciAaKS9SXQ6/rTPAc1e25PdUh
f1RqskxmM/VMVi3MnjUACoiTfq8BPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHXF
AwYJiA4wPHM9I/kN7yXfLZj+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTA3REEwOEQ1NzIxMUVGQTI0RjdFQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtnqMA0GCSqGSIb3DQEB
CwUAA4IBAQAx2LhGxkpyOuS8dwIah6507aKHg/oe7LTSKkqcRpuUx6SW8e7Hm+YL
1ZTI3cxnRCSsYg8SM/f7J9ulnaS5WUW4f0chrPhxHkglGtEBFe2zkTmwCA5Cxrez
JHJvVd74bYSe64cpaW7yzM80ikJtObS0vLAPsWuev7C9uywWkq45PMQ4/SkPLuzc
lpBkyhQ2m39ONhMY8XDuzctN3ndGw+kzkNBn+AMfrdOm/c/EeR+XnhHhWX2NKQz4
o6kzmSNS7tv51BvW/PbkOiGcujatSDV6BrjNKzindBtfRnbRWmJu9MLa4DGk3ra9
KPrgBr+91lu/Lc4YAXOVChwhjnCU4cHu
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:12 2025 by rpki-client