Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/960070B8C34F11EF9B5C8C96762E951A.roa
File: 960070B8C34F11EF9B5C8C96762E951A.roa (raw, json)
Hash identifier: kiM5JVtwjPHgAYh9piBOUtuuFaUazYUk2uWPyw7vuow=
Subject key identifier: 17:6E:A3:CF:94:8F:B6:97:7C:B8:1A:2D:10:4D:8E:E5:00:DC:AF:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012599
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/960070B8C34F11EF9B5C8C96762E951A.roa
Signing time: Thu 26 Dec 2024 06:06:46 +0000
ROA not before: Thu 26 Dec 2024 06:06:42 +0000
ROA not after: Sun 12 Dec 2027 06:06:42 +0000
asID: 17561
IP address blocks: 154.95.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75161 (0x12599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:06:42 2024 GMT
Not After : Dec 12 06:06:42 2027 GMT
Subject: CN=676cf276-5242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:81:fb:34:b2:8a:23:c1:a8:7c:cd:50:37:25:
f3:56:ef:e3:c7:4d:e9:6b:fb:67:47:96:9a:55:4c:
23:d4:c9:82:97:2a:ed:1d:20:f5:0f:6a:40:3a:b8:
13:39:d8:f5:c6:7f:3c:30:65:0a:fa:fc:71:6e:c2:
a8:e3:76:dd:24:db:4d:f2:aa:37:20:fa:7d:3f:0a:
67:b6:02:50:6f:c0:53:1b:e9:12:0f:2c:f6:00:a9:
e2:c7:2a:aa:33:d7:1c:e9:75:75:96:28:0a:60:cd:
ca:a7:eb:19:96:cd:95:22:43:f0:5d:72:01:0c:a6:
07:cd:b6:a2:26:ce:04:c9:a8:4d:8d:3d:8c:59:c5:
8a:0e:78:5b:65:20:c2:c8:5e:14:ff:9f:66:c3:c3:
65:40:79:2f:64:0c:a4:48:d8:78:51:67:3a:71:f9:
2c:9d:82:3f:7f:75:82:39:cb:4d:b1:5a:ba:94:e2:
03:f3:1b:37:1c:12:30:31:f3:2d:84:6e:11:39:58:
0e:aa:f9:80:b2:d1:06:9a:f1:47:9b:90:fc:f2:7c:
20:02:a5:0f:5a:4f:38:d9:32:8f:9c:32:b2:4f:95:
ca:ef:f1:81:03:d4:6e:c6:7a:f9:bf:c1:4b:48:37:
3d:c4:57:12:41:b6:47:4a:21:e7:10:7e:49:d1:73:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6E:A3:CF:94:8F:B6:97:7C:B8:1A:2D:10:4D:8E:E5:00:DC:AF:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/960070B8C34F11EF9B5C8C96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.25.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b7:37:35:a3:d4:a1:20:5d:9f:41:e6:e1:c7:d2:c3:32:6e:
e0:a5:85:96:96:52:55:c8:0f:5a:cf:15:09:4e:72:60:a8:58:
45:d9:db:2b:15:75:ff:8a:5e:2c:99:b1:91:be:fc:8d:33:92:
eb:9b:e9:3d:1d:c4:8d:d0:ea:bf:38:38:bc:ea:d9:83:c5:9c:
61:80:3c:0d:05:91:f7:25:91:a5:15:9b:26:3d:de:ea:72:ca:
12:15:5f:37:f6:ca:79:94:1c:06:05:43:44:c3:c3:20:cd:ee:
45:1e:71:97:c9:0b:86:32:5e:82:33:b1:5e:2a:b3:4d:b8:9f:
09:15:33:ca:48:95:54:b5:e6:59:43:60:30:ee:57:34:bd:10:
47:76:b5:ec:f5:f3:16:7b:80:df:3e:8b:73:e0:e2:db:19:20:
71:f7:4f:90:74:bf:6a:f5:6d:70:9f:6e:96:0e:96:6b:ad:88:
3d:26:c2:2f:d4:64:a6:9b:5c:14:ff:40:2a:27:2a:77:e7:55:
42:2f:fd:ba:0e:77:a4:14:1f:8c:30:2a:95:e0:4b:51:90:38:
33:db:ae:9e:43:2f:37:05:66:d7:ed:46:60:a3:cf:71:b8:47:
5d:24:2d:64:66:b4:d5:8a:f5:9e:45:fc:fe:b4:a1:08:6e:23:
c3:67:3d:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASWZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDYwNjQyWhcNMjcxMjEyMDYwNjQyWjAYMRYw
FAYDVQQDEw02NzZjZjI3Ni01MjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyYH7NLKKI8GofM1QNyXzVu/jx03pa/tnR5aaVUwj1MmClyrtHSD1D2pA
OrgTOdj1xn88MGUK+vxxbsKo43bdJNtN8qo3IPp9PwpntgJQb8BTG+kSDyz2AKni
xyqqM9cc6XV1ligKYM3Kp+sZls2VIkPwXXIBDKYHzbaiJs4EyahNjT2MWcWKDnhb
ZSDCyF4U/59mw8NlQHkvZAykSNh4UWc6cfksnYI/f3WCOctNsVq6lOID8xs3HBIw
MfMthG4ROVgOqvmAstEGmvFHm5D88nwgAqUPWk842TKPnDKyT5XK7/GBA9Ruxnr5
v8FLSDc9xFcSQbZHSiHnEH5J0XMskQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBdu
o8+Uj7aXfLgaLRBNjuUA3K/wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjAwNzBCOEMzNEYxMUVGOUI1QzhDOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8ZMA0GCSqGSIb3DQEB
CwUAA4IBAQA3tzc1o9ShIF2fQebhx9LDMm7gpYWWllJVyA9azxUJTnJgqFhF2dsr
FXX/il4smbGRvvyNM5Lrm+k9HcSN0Oq/ODi86tmDxZxhgDwNBZH3JZGlFZsmPd7q
csoSFV839sp5lBwGBUNEw8Mgze5FHnGXyQuGMl6CM7FeKrNNuJ8JFTPKSJVUteZZ
Q2Aw7lc0vRBHdrXs9fMWe4DfPotz4OLbGSBx90+QdL9q9W1wn26WDpZrrYg9JsIv
1GSmm1wU/0AqJyp351VCL/26DnekFB+MMCqV4EtRkDgz266eQy83BWbX7UZgo89x
uEddJC1kZrTVivWeRfz+tKEIbiPDZz3o
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:25:25 2025 by rpki-client