Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9353B326C26311EFAAB15EB3762E951A.roa
File: 9353B326C26311EFAAB15EB3762E951A.roa (raw, json)
Hash identifier: c5aFaFZqmtOPUuRlx6Y6ShgpfuhQOiYQiiPF4CpgMDI=
Subject key identifier: 36:B4:F0:3C:06:13:57:D3:F2:8B:D1:5C:47:3B:93:C4:44:2E:7D:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9353B326C26311EFAAB15EB3762E951A.roa
Signing time: Wed 25 Dec 2024 01:57:20 +0000
ROA not before: Wed 25 Dec 2024 01:57:17 +0000
ROA not after: Wed 10 Dec 2025 01:57:17 +0000
asID: 984
IP address blocks: 154.199.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74702 (0x123ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:57:17 2024 GMT
Not After : Dec 10 01:57:17 2025 GMT
Subject: CN=676b6680-5cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e1:68:84:e8:37:a7:09:28:1a:99:39:5f:1e:
d3:ca:47:b0:d3:18:24:a7:08:80:10:4e:39:bf:a1:
b2:46:9a:7a:4b:bf:c2:18:cf:62:1a:1e:08:60:a8:
25:ae:d7:ec:e7:9a:3d:25:0d:d4:7b:3a:3d:03:54:
13:3e:bf:d0:49:2c:2b:9e:2e:37:25:a7:98:71:51:
96:d3:e8:2a:de:01:b5:a7:1d:63:9d:28:d1:81:b7:
f2:31:24:54:7b:48:ea:95:a9:0f:3a:29:bc:71:96:
c7:2f:02:55:f0:91:06:a0:97:f0:0d:95:1f:f5:19:
59:fb:50:c7:9b:13:3c:36:90:6e:7d:65:fa:69:62:
ca:b3:ae:f4:99:65:97:51:9c:ee:98:4f:fc:ca:eb:
44:a3:2b:0f:7d:f8:f7:cf:09:e2:98:1a:be:ae:c6:
17:22:37:9c:35:2b:11:82:d9:3e:c9:e8:3c:ca:52:
dc:f2:6d:76:57:29:0e:55:ff:f0:a3:af:db:c0:08:
6d:99:b3:5d:e1:18:d4:98:6a:7a:6c:b1:8a:5a:2f:
05:7a:85:b0:17:13:2b:38:6a:f1:34:1e:b0:c2:e6:
9d:00:4f:38:43:34:3c:e0:93:04:10:cd:b2:8e:c4:
5b:4a:fd:4f:71:cc:30:7f:ee:17:8e:15:74:74:db:
4f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B4:F0:3C:06:13:57:D3:F2:8B:D1:5C:47:3B:93:C4:44:2E:7D:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9353B326C26311EFAAB15EB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.116.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:87:b9:c3:d4:3f:ed:0b:e5:9a:12:6d:16:19:09:b2:de:c2:
66:91:c6:5a:66:14:00:1e:1c:ba:0f:76:89:dc:92:64:ad:85:
21:2d:0a:4d:4f:81:60:cf:08:2f:37:cb:32:ad:2b:af:df:61:
ff:ef:85:ff:b8:61:77:3f:47:61:f8:30:ec:81:ab:63:25:08:
02:81:30:cf:bd:e9:bd:aa:5f:e5:17:33:7b:24:21:a1:b1:51:
f5:fa:05:c7:1b:b6:8b:57:eb:bc:3a:f5:92:b7:bd:34:d8:fa:
e1:ad:89:6a:89:ae:f3:e5:d2:ea:e8:c2:d7:51:73:71:12:0b:
40:93:8f:de:1c:61:e9:b1:b0:9d:62:a9:b8:f1:27:03:a2:69:
55:bc:98:89:b9:58:5c:2e:17:0c:43:11:40:02:51:9b:dc:f4:
40:e5:b3:72:f3:11:92:3a:44:14:54:04:7e:35:d0:e0:b2:20:
92:36:c0:c1:75:47:e4:37:29:55:94:24:28:49:9d:5c:86:12:
e8:c3:e3:eb:2d:a3:a3:5e:5a:98:20:c9:67:3b:fc:4c:9c:a6:
82:48:61:62:37:ef:48:13:50:09:a8:5f:00:7c:06:f7:fc:dd:
4e:df:95:a1:a2:1a:ae:91:15:22:84:17:5f:b7:ec:4b:96:34:
6a:4f:b8:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASPOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDE1NzE3WhcNMjUxMjEwMDE1NzE3WjAYMRYw
FAYDVQQDEw02NzZiNjY4MC01Y2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7+FohOg3pwkoGpk5Xx7Tykew0xgkpwiAEE45v6GyRpp6S7/CGM9iGh4I
YKglrtfs55o9JQ3Uezo9A1QTPr/QSSwrni43JaeYcVGW0+gq3gG1px1jnSjRgbfy
MSRUe0jqlakPOim8cZbHLwJV8JEGoJfwDZUf9RlZ+1DHmxM8NpBufWX6aWLKs670
mWWXUZzumE/8yutEoysPffj3zwnimBq+rsYXIjecNSsRgtk+yeg8ylLc8m12VykO
Vf/wo6/bwAhtmbNd4RjUmGp6bLGKWi8FeoWwFxMrOGrxNB6wwuadAE84QzQ84JME
EM2yjsRbSv1Pccwwf+4XjhV0dNtPKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDa0
8DwGE1fT8ovRXEc7k8RELn36MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MzUzQjMyNkMyNjMxMUVGQUFCMTVFQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsd0MA0GCSqGSIb3DQEB
CwUAA4IBAQCoh7nD1D/tC+WaEm0WGQmy3sJmkcZaZhQAHhy6D3aJ3JJkrYUhLQpN
T4FgzwgvN8syrSuv32H/74X/uGF3P0dh+DDsgatjJQgCgTDPvem9ql/lFzN7JCGh
sVH1+gXHG7aLV+u8OvWSt7002PrhrYlqia7z5dLq6MLXUXNxEgtAk4/eHGHpsbCd
Yqm48ScDomlVvJiJuVhcLhcMQxFAAlGb3PRA5bNy8xGSOkQUVAR+NdDgsiCSNsDB
dUfkNylVlCQoSZ1chhLow+PrLaOjXlqYIMlnO/xMnKaCSGFiN+9IE1AJqF8AfAb3
/N1O35WhohqukRUihBdft+xLljRqT7i7
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:11:25 2025 by rpki-client