Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91C4F3EAC91511EF94C94C45762E951A.roa
File: 91C4F3EAC91511EF94C94C45762E951A.roa (raw, json)
Hash identifier: eY1IcczcMBQFv1onJe/POElM3ElZ4jo3xmv2ceTzyNw=
Subject key identifier: 4E:DB:29:DD:57:78:3A:3B:3F:47:4E:2E:EA:86:4D:D1:0E:A8:B3:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132CD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91C4F3EAC91511EF94C94C45762E951A.roa
Signing time: Thu 02 Jan 2025 14:26:35 +0000
ROA not before: Thu 02 Jan 2025 14:26:31 +0000
ROA not after: Mon 13 Dec 2027 14:26:31 +0000
asID: 17561
IP address blocks: 154.221.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78541 (0x132cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:26:31 2025 GMT
Not After : Dec 13 14:26:31 2027 GMT
Subject: CN=6776a21b-4e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d6:70:50:ac:18:8c:2f:66:6f:ae:6a:41:33:
44:9a:9f:30:8e:2c:ed:f6:43:d2:2e:c7:da:0e:fe:
da:9d:ef:79:6d:39:46:07:ee:af:ef:25:6d:f8:6e:
28:27:16:4a:2b:14:c4:9d:b5:80:e7:28:e3:c0:7f:
77:df:f4:f8:92:95:ce:ca:5a:c3:b5:e0:ba:39:57:
84:25:cb:97:08:bb:cc:ec:01:3b:75:f3:e5:d6:06:
71:e6:25:bb:81:36:52:2a:14:3a:40:e9:2c:66:f3:
f4:26:17:6e:d7:0f:cd:8e:b2:eb:35:c4:cb:3e:c9:
d4:85:1b:68:27:21:18:f2:f4:09:a3:46:a0:bd:55:
a2:83:9c:70:81:62:be:66:e3:00:1a:68:43:4b:dc:
e1:0e:80:91:bf:72:83:1c:41:ad:5c:a8:d6:05:cb:
a7:c8:90:34:b3:a4:90:67:9e:04:d5:cb:08:e0:db:
12:6e:47:7d:67:d3:54:a5:a2:de:47:e9:8c:98:61:
7c:79:ca:df:31:8f:e1:e3:a9:d6:a9:0d:cc:bb:3a:
d1:62:3b:b2:8f:34:30:de:6f:72:26:ab:7c:9f:ff:
75:b1:3a:8d:35:6c:c8:50:ea:17:b0:81:32:eb:f9:
80:08:ef:92:72:98:ef:ab:ae:ef:31:04:11:3d:fc:
6c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DB:29:DD:57:78:3A:3B:3F:47:4E:2E:EA:86:4D:D1:0E:A8:B3:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91C4F3EAC91511EF94C94C45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.243.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:78:03:02:05:75:c1:6f:79:93:9e:22:24:73:1b:fd:52:0a:
1e:d1:5b:7b:66:67:52:a1:42:78:12:74:5f:96:a7:7e:5f:d2:
bc:46:2d:74:28:07:98:c8:d0:a8:00:7b:20:33:46:3d:b3:5c:
59:bd:a2:38:fb:c7:d8:9f:77:39:e6:f5:8c:f1:d2:a2:f6:69:
c6:9e:4c:4c:19:cf:b1:4a:c3:d3:ac:3a:a6:91:44:35:44:94:
ed:32:1f:69:b4:b6:cc:e5:af:a3:26:02:e8:36:51:d7:96:4f:
1d:70:8c:f4:04:c1:39:79:55:19:fb:57:4d:07:8f:a9:d1:dd:
0b:c9:0f:06:43:e1:41:40:6f:cc:62:00:47:d9:40:ba:74:a7:
de:4d:cd:d2:6d:39:d9:43:1e:cf:13:c1:df:45:df:13:7e:77:
af:e6:50:22:b1:99:9f:79:a7:4e:4d:ed:06:58:2b:2b:2f:ec:
29:64:e2:33:9a:ce:75:2e:6c:62:b5:51:4a:a1:e5:e1:50:d8:
02:a5:60:37:78:fc:50:10:b9:ec:8e:39:49:ff:e4:1b:d1:fd:
6d:e7:7d:4a:15:68:89:11:65:c9:5a:74:77:91:6b:f6:cd:f7:
c0:6e:96:e8:7d:01:a7:c6:35:cc:1f:bc:20:fa:ea:64:b4:de:
e7:c3:55:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATLNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQyNjMxWhcNMjcxMjEzMTQyNjMxWjAYMRYw
FAYDVQQDEw02Nzc2YTIxYi00ZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu9ZwUKwYjC9mb65qQTNEmp8wjizt9kPSLsfaDv7ane95bTlGB+6v7yVt
+G4oJxZKKxTEnbWA5yjjwH933/T4kpXOylrDteC6OVeEJcuXCLvM7AE7dfPl1gZx
5iW7gTZSKhQ6QOksZvP0Jhdu1w/NjrLrNcTLPsnUhRtoJyEY8vQJo0agvVWig5xw
gWK+ZuMAGmhDS9zhDoCRv3KDHEGtXKjWBcunyJA0s6SQZ54E1csI4NsSbkd9Z9NU
paLeR+mMmGF8ecrfMY/h46nWqQ3MuzrRYjuyjzQw3m9yJqt8n/91sTqNNWzIUOoX
sIEy6/mACO+Scpjvq67vMQQRPfxsQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE7b
Kd1XeDo7P0dOLuqGTdEOqLNCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MUM0RjNFQUM5MTUxMUVGOTRDOTRDNDU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3zMA0GCSqGSIb3DQEB
CwUAA4IBAQDIeAMCBXXBb3mTniIkcxv9Ugoe0Vt7ZmdSoUJ4EnRflqd+X9K8Ri10
KAeYyNCoAHsgM0Y9s1xZvaI4+8fYn3c55vWM8dKi9mnGnkxMGc+xSsPTrDqmkUQ1
RJTtMh9ptLbM5a+jJgLoNlHXlk8dcIz0BME5eVUZ+1dNB4+p0d0LyQ8GQ+FBQG/M
YgBH2UC6dKfeTc3SbTnZQx7PE8HfRd8Tfnev5lAisZmfeadOTe0GWCsrL+wpZOIz
ms51LmxitVFKoeXhUNgCpWA3ePxQELnsjjlJ/+Qb0f1t531KFWiJEWXJWnR3kWv2
zffAbpbofQGnxjXMH7wg+upktN7nw1Vw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:48 2025 by rpki-client