Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CD678EC35411EF8546B8B5762E951A.roa
File: 97CD678EC35411EF8546B8B5762E951A.roa (raw, json)
Hash identifier: LPvDwRkJDOIm4OY53n/nkK6NQuAvz1PEsFfizYZNZkM=
Subject key identifier: A4:A2:A3:82:9E:19:78:CE:30:FC:B8:1A:ED:63:B8:C3:EA:00:65:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CD678EC35411EF8546B8B5762E951A.roa
Signing time: Thu 26 Dec 2024 06:42:36 +0000
ROA not before: Thu 26 Dec 2024 06:42:33 +0000
ROA not after: Fri 12 Dec 2025 06:42:33 +0000
asID: 984
IP address blocks: 154.88.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75215 (0x125cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:42:33 2024 GMT
Not After : Dec 12 06:42:33 2025 GMT
Subject: CN=676cfadc-3daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:fc:48:e6:c2:fb:45:52:3e:e2:98:06:70:
fd:0d:2c:c5:5f:55:f5:29:0f:73:79:76:03:fa:fd:
a8:68:ed:2d:dd:d1:bc:bf:73:4d:a0:7f:1e:b0:9e:
67:6c:d3:c1:64:5a:44:41:38:68:f9:58:d3:59:b9:
73:05:87:37:be:01:fd:cb:68:bd:d5:21:66:a5:67:
54:f1:04:e0:09:e7:ea:9f:94:18:c6:ea:90:4a:1e:
37:2d:60:24:33:0a:79:fc:54:85:24:5c:c1:18:bb:
9b:c5:55:93:f1:d4:ad:96:81:12:62:fd:22:ad:67:
23:fa:34:ef:75:b7:01:36:2e:21:d0:c8:b6:ee:dd:
7f:5d:7a:2e:cf:8f:2b:df:29:f7:37:29:17:bb:c0:
3f:ec:16:a5:28:2c:94:94:41:d6:34:3e:7c:0c:78:
ee:26:68:cd:35:29:ac:40:bf:07:28:6e:53:2d:c4:
17:32:64:3c:85:68:80:4b:44:c2:de:28:5b:8e:71:
ad:bf:ed:0c:83:30:7e:67:27:d9:bd:5a:89:db:d1:
43:36:bd:e0:0d:14:a4:df:b6:24:dc:14:d4:e8:6a:
a6:60:4d:d0:80:a8:0b:70:92:a5:bc:fc:b1:53:7c:
b9:39:f2:7c:1a:e3:09:97:ca:c8:9e:57:bc:43:37:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A2:A3:82:9E:19:78:CE:30:FC:B8:1A:ED:63:B8:C3:EA:00:65:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CD678EC35411EF8546B8B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.43.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:b4:42:18:3e:fb:7a:7c:e7:2c:81:8b:1e:e8:eb:b0:b7:21:
62:fa:9a:bb:3c:e7:23:08:54:c6:ad:74:ca:fc:36:d7:d2:ec:
7c:06:aa:fe:db:e8:be:0d:33:d9:d6:e9:b6:bd:26:d1:f8:64:
5b:7d:fe:d0:99:83:a9:c0:87:d5:39:ef:6d:33:a0:6d:32:4b:
b6:f9:ab:c6:8e:5f:c8:be:57:b8:db:08:19:a9:e5:82:d7:1c:
34:38:cf:19:b2:5e:9e:42:7b:38:7a:65:9c:47:e4:d2:34:6f:
fd:2c:50:32:da:75:18:5c:48:11:d3:9d:de:bb:b5:0a:8d:78:
f8:b2:7e:ce:91:34:14:55:4b:23:6a:53:a8:e5:1d:16:61:0f:
10:fb:b6:84:39:26:f5:ee:0c:48:18:32:97:2b:87:d8:45:ad:
ea:20:70:b5:5f:5a:e0:94:1e:e9:97:6b:5f:c3:69:47:e1:2e:
4a:e4:e0:a8:41:de:31:35:56:61:f2:28:bd:e7:d5:28:d5:15:
db:c9:71:d0:28:4f:93:9b:04:98:c8:75:e7:8f:e4:93:09:cf:
31:fb:74:a0:cf:13:7e:67:7e:de:0f:2b:68:9a:eb:aa:e1:3e:
07:e8:2c:14:c3:ac:b9:04:4e:cc:3a:ef:f9:e9:f7:92:5a:0c:
77:87:52:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASXPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDY0MjMzWhcNMjUxMjEyMDY0MjMzWjAYMRYw
FAYDVQQDEw02NzZjZmFkYy0zZGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnf8SObC+0VSPuKYBnD9DSzFX1X1KQ9zeXYD+v2oaO0t3dG8v3NNoH8e
sJ5nbNPBZFpEQTho+VjTWblzBYc3vgH9y2i91SFmpWdU8QTgCefqn5QYxuqQSh43
LWAkMwp5/FSFJFzBGLubxVWT8dStloESYv0irWcj+jTvdbcBNi4h0Mi27t1/XXou
z48r3yn3NykXu8A/7BalKCyUlEHWND58DHjuJmjNNSmsQL8HKG5TLcQXMmQ8hWiA
S0TC3ihbjnGtv+0MgzB+ZyfZvVqJ29FDNr3gDRSk37Yk3BTU6GqmYE3QgKgLcJKl
vPyxU3y5OfJ8GuMJl8rInle8QzeGYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKSi
o4KeGXjOMPy4Gu1juMPqAGVsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85N0NENjc4RUMzNTQxMUVGODU0NkI4QjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgrMA0GCSqGSIb3DQEB
CwUAA4IBAQDMtEIYPvt6fOcsgYse6OuwtyFi+pq7POcjCFTGrXTK/DbX0ux8Bqr+
2+i+DTPZ1um2vSbR+GRbff7QmYOpwIfVOe9tM6BtMku2+avGjl/Ivle42wgZqeWC
1xw0OM8Zsl6eQns4emWcR+TSNG/9LFAy2nUYXEgR053eu7UKjXj4sn7OkTQUVUsj
alOo5R0WYQ8Q+7aEOSb17gxIGDKXK4fYRa3qIHC1X1rglB7pl2tfw2lH4S5K5OCo
Qd4xNVZh8ii959Uo1RXbyXHQKE+TmwSYyHXnj+STCc8x+3SgzxN+Z37eDytomuuq
4T4H6CwUw6y5BE7MOu/56feSWgx3h1Is
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:27 2025 by rpki-client