Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95C4306EC61311EFB46DF9A0762E951A.roa
File: 95C4306EC61311EFB46DF9A0762E951A.roa (raw, json)
Hash identifier: pMyOwQmysZsl+mnlFHjnA1X/kNzUZ6x7mz5KNrEPnSQ=
Subject key identifier: FE:EF:8A:CE:8C:71:1C:F3:61:25:D1:DA:7F:26:36:F0:F7:BB:A4:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012EFC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95C4306EC61311EFB46DF9A0762E951A.roa
Signing time: Sun 29 Dec 2024 18:34:49 +0000
ROA not before: Sun 29 Dec 2024 18:34:46 +0000
ROA not after: Sun 12 Dec 2027 18:34:46 +0000
asID: 17561
IP address blocks: 154.217.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77564 (0x12efc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 18:34:46 2024 GMT
Not After : Dec 12 18:34:46 2027 GMT
Subject: CN=67719649-b480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4f:2c:b5:52:08:cd:48:14:88:b5:ae:a0:13:
e6:41:b2:08:2f:50:f3:c3:97:62:e7:f5:01:da:61:
93:93:09:f7:f3:c2:df:ec:61:25:8b:b2:54:48:fa:
0d:04:16:9c:ca:ed:c3:14:0c:73:79:c8:a8:37:f1:
4e:02:5f:ad:49:24:fb:8e:f3:fb:ee:38:d5:44:42:
81:d0:f6:06:2e:c3:56:c5:47:bc:3b:9f:ba:e9:54:
86:d4:06:f7:f6:bd:61:57:53:01:18:79:68:97:44:
bb:3b:30:3b:be:35:ff:33:f9:6c:eb:a4:99:f9:ff:
67:00:89:e6:84:15:09:ba:8c:fe:c9:6f:17:8a:0a:
05:d7:d3:f0:58:4f:19:19:46:ec:ea:41:fb:8f:5b:
80:47:71:5c:c1:6d:e6:3f:9f:30:ff:e4:fa:ec:79:
d5:f7:3d:f1:ec:ca:73:e9:d8:27:fa:ed:15:3a:ac:
6a:66:5c:80:19:5d:d6:5b:34:4f:06:40:5f:df:cf:
84:49:f0:b4:a6:d4:11:cd:1f:89:ac:b8:92:f7:2d:
95:12:25:77:7f:ad:92:55:a1:bc:49:9d:4b:a2:dd:
ff:d0:e1:b7:18:db:fc:3e:14:ab:fb:6e:8f:8e:f1:
88:eb:05:16:40:e0:07:0a:a5:a7:1c:90:69:3a:cd:
c4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:EF:8A:CE:8C:71:1C:F3:61:25:D1:DA:7F:26:36:F0:F7:BB:A4:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95C4306EC61311EFB46DF9A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.97.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:de:c3:d5:73:20:0c:de:2b:fb:19:fa:99:c4:06:31:8c:27:
56:56:58:6b:90:84:81:ae:93:5c:ca:b5:a5:4c:e8:3a:f5:21:
06:6d:38:61:b0:79:98:ae:70:6b:18:b9:4e:29:79:60:7c:bd:
0c:cc:54:2c:a7:24:19:ee:b4:fb:9a:75:61:e9:37:1c:93:a9:
86:63:9f:ce:0e:c7:e3:b6:3c:39:9b:f0:a3:ef:9b:78:2a:cc:
5d:34:cb:8b:4e:0c:e9:f1:a4:a8:7e:f5:76:19:0d:db:72:65:
21:6f:14:ab:53:b8:5e:09:57:eb:ee:a8:4f:8f:30:4f:73:ea:
12:56:23:e4:e7:2a:f9:9d:36:b3:d6:9f:89:11:11:b4:f9:ea:
24:cd:6e:3b:4e:3c:b7:f3:ee:ce:7e:32:23:d8:09:f5:71:1f:
93:a7:19:b6:64:63:55:56:05:01:f8:2a:d7:5a:1e:76:5d:18:
d8:92:36:a4:88:74:2e:8d:50:23:5f:92:62:c9:9c:48:40:56:
b7:53:a2:82:e7:5b:7e:d5:1c:ac:bb:56:1a:db:be:96:4f:02:
8f:83:54:d3:de:6a:ac:1e:fd:69:d6:91:1a:8f:37:6e:9d:36:
5a:60:a1:38:c2:e6:fc:d6:33:1f:c1:90:41:8b:48:7d:f5:8e:
fe:c8:f7:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS78MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTgzNDQ2WhcNMjcxMjEyMTgzNDQ2WjAYMRYw
FAYDVQQDEw02NzcxOTY0OS1iNDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8E8stVIIzUgUiLWuoBPmQbIIL1Dzw5di5/UB2mGTkwn388Lf7GEli7JU
SPoNBBacyu3DFAxzecioN/FOAl+tSST7jvP77jjVREKB0PYGLsNWxUe8O5+66VSG
1Ab39r1hV1MBGHlol0S7OzA7vjX/M/ls66SZ+f9nAInmhBUJuoz+yW8XigoF19Pw
WE8ZGUbs6kH7j1uAR3FcwW3mP58w/+T67HnV9z3x7Mpz6dgn+u0VOqxqZlyAGV3W
WzRPBkBf38+ESfC0ptQRzR+JrLiS9y2VEiV3f62SVaG8SZ1Lot3/0OG3GNv8PhSr
+26PjvGI6wUWQOAHCqWnHJBpOs3EYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP7v
is6McRzzYSXR2n8mNvD3u6SwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUM0MzA2RUM2MTMxMUVGQjQ2REY5QTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtlhMA0GCSqGSIb3DQEB
CwUAA4IBAQB63sPVcyAM3iv7GfqZxAYxjCdWVlhrkISBrpNcyrWlTOg69SEGbThh
sHmYrnBrGLlOKXlgfL0MzFQspyQZ7rT7mnVh6Tcck6mGY5/ODsfjtjw5m/Cj75t4
KsxdNMuLTgzp8aSofvV2GQ3bcmUhbxSrU7heCVfr7qhPjzBPc+oSViPk5yr5nTaz
1p+JERG0+eokzW47Tjy38+7OfjIj2An1cR+Tpxm2ZGNVVgUB+CrXWh52XRjYkjak
iHQujVAjX5JiyZxIQFa3U6KC51t+1Rysu1Ya276WTwKPg1TT3mqsHv1p1pEajzdu
nTZaYKE4wub81jMfwZBBi0h99Y7+yPfX
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:37 2025 by rpki-client