Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9159066EC53A11EF84A62843762E951A.roa
File: 9159066EC53A11EF84A62843762E951A.roa (raw, json)
Hash identifier: RCf3vpyt0x7AZUXn5ts9ZMsjNv1Mo+fv3bh0hpSdnD0=
Subject key identifier: 38:16:39:ED:AB:9D:C1:87:36:02:C9:E2:93:66:49:38:48:AB:05:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9159066EC53A11EF84A62843762E951A.roa
Signing time: Sat 28 Dec 2024 16:41:21 +0000
ROA not before: Sat 28 Dec 2024 16:41:17 +0000
ROA not after: Sun 12 Dec 2027 16:41:17 +0000
asID: 17561
IP address blocks: 154.205.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76865 (0x12c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 16:41:17 2024 GMT
Not After : Dec 12 16:41:17 2027 GMT
Subject: CN=67702a31-1df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4f:73:23:f6:e0:49:62:c3:1b:2f:9b:07:ac:
c2:be:ea:49:0c:5e:2b:9c:8c:c3:99:da:1c:f3:30:
ae:b2:7d:9e:cf:8f:4b:1c:2f:1f:ae:38:dc:6d:ff:
d8:c1:88:9a:db:ea:14:b2:44:99:9e:d4:b7:37:a3:
f7:47:17:f7:c9:4e:2a:9a:61:d6:0e:a8:79:eb:8d:
b9:8c:4c:10:8a:b0:d1:42:5f:3d:86:04:e1:0c:00:
b9:ec:5e:5a:48:89:7f:72:3a:0b:08:89:5c:11:76:
22:2d:c3:6a:dc:37:58:51:64:9f:9c:9a:2f:c5:b1:
b5:d5:1c:74:46:d0:cd:6b:06:57:63:68:96:f0:ba:
83:e5:a7:77:52:2c:9b:5c:b0:04:c1:de:3c:90:48:
73:d6:85:61:b3:d1:bc:45:5a:e4:df:7a:e3:99:00:
35:97:8b:2b:67:ba:f4:0a:ee:54:ba:7d:5d:51:2c:
28:c0:cf:a8:18:1c:5f:1f:89:33:0c:b8:89:0a:15:
e2:4f:01:9b:59:e0:6f:e5:7d:52:ff:4f:27:d5:59:
8a:18:3d:d8:72:6b:8a:d2:b9:bc:72:fb:71:b8:4a:
18:d1:d6:0c:38:92:81:ad:f2:c2:f8:4b:98:89:1e:
fb:76:64:59:e5:27:72:5f:f9:19:61:4d:0e:0b:17:
12:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:16:39:ED:AB:9D:C1:87:36:02:C9:E2:93:66:49:38:48:AB:05:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9159066EC53A11EF84A62843762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.41.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:33:f6:1b:23:9c:b0:19:1d:f6:0d:d4:2a:30:93:00:3b:69:
b6:4e:fa:9a:be:82:4f:50:89:43:d3:68:38:43:e2:d1:41:29:
d6:44:b4:73:87:26:bb:93:c4:74:c9:66:b0:9b:96:d9:f6:cf:
5e:8b:a0:2a:27:9d:1e:2c:21:fb:36:11:b5:fa:5b:f3:60:bd:
cc:8c:df:aa:e6:45:8e:ba:53:20:ca:78:d1:5f:d7:84:7f:f8:
c1:fc:e3:db:6e:dc:c9:20:1a:e5:67:c5:f8:f2:da:c0:c0:50:
40:bb:65:a0:21:5b:1b:5f:e0:57:ca:7c:6f:95:b8:18:fd:82:
3a:86:4f:dc:b4:b2:fc:5f:8c:87:d3:78:ff:34:9b:1a:9b:37:
51:6a:ba:8c:8c:d4:eb:5b:ba:e6:65:18:98:48:9b:af:55:ff:
75:d1:45:b7:b4:c2:3d:fb:85:5f:fe:95:bc:e3:40:a0:32:d7:
90:b3:c8:43:81:2c:9a:61:14:d3:b4:4f:65:ab:17:39:ac:b8:
5d:9c:fb:73:69:73:57:f8:2c:12:ed:7e:3e:66:58:04:02:bc:
41:4d:72:db:e2:99:88:c1:e7:3a:92:28:b1:68:a6:6d:4c:e6:
1a:8f:33:b1:1f:f9:10:f1:ed:4f:d1:c6:2d:54:11:87:e6:ff:
4c:f6:85:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTY0MTE3WhcNMjcxMjEyMTY0MTE3WjAYMRYw
FAYDVQQDEw02NzcwMmEzMS0xZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1E9zI/bgSWLDGy+bB6zCvupJDF4rnIzDmdoc8zCusn2ez49LHC8frjjc
bf/YwYia2+oUskSZntS3N6P3Rxf3yU4qmmHWDqh56425jEwQirDRQl89hgThDAC5
7F5aSIl/cjoLCIlcEXYiLcNq3DdYUWSfnJovxbG11Rx0RtDNawZXY2iW8LqD5ad3
UiybXLAEwd48kEhz1oVhs9G8RVrk33rjmQA1l4srZ7r0Cu5Uun1dUSwowM+oGBxf
H4kzDLiJChXiTwGbWeBv5X1S/08n1VmKGD3YcmuK0rm8cvtxuEoY0dYMOJKBrfLC
+EuYiR77dmRZ5SdyX/kZYU0OCxcSMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDgW
Oe2rncGHNgLJ4pNmSThIqwVIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTU5MDY2RUM1M0ExMUVGODRBNjI4NDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms0pMA0GCSqGSIb3DQEB
CwUAA4IBAQDPM/YbI5ywGR32DdQqMJMAO2m2TvqavoJPUIlD02g4Q+LRQSnWRLRz
hya7k8R0yWawm5bZ9s9ei6AqJ50eLCH7NhG1+lvzYL3MjN+q5kWOulMgynjRX9eE
f/jB/OPbbtzJIBrlZ8X48trAwFBAu2WgIVsbX+BXynxvlbgY/YI6hk/ctLL8X4yH
03j/NJsamzdRarqMjNTrW7rmZRiYSJuvVf910UW3tMI9+4Vf/pW840CgMteQs8hD
gSyaYRTTtE9lqxc5rLhdnPtzaXNX+CwS7X4+ZlgEArxBTXLb4pmIwec6kiixaKZt
TOYajzOxH/kQ8e1P0cYtVBGH5v9M9oWD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:58 2025 by rpki-client