Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9894240AC36D11EFBA162B56762E951A.roa
File: 9894240AC36D11EFBA162B56762E951A.roa (raw, json)
Hash identifier: FpSjXjGC+5UWuLg++Qd/TlEoi33UP9OQe7vVb2ZjLTk=
Subject key identifier: DF:0C:B8:5C:80:B2:AE:7B:44:72:E0:83:F0:87:EF:2E:01:6B:E0:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012706
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9894240AC36D11EFBA162B56762E951A.roa
Signing time: Thu 26 Dec 2024 09:41:35 +0000
ROA not before: Thu 26 Dec 2024 09:41:31 +0000
ROA not after: Sun 12 Dec 2027 09:41:31 +0000
asID: 17561
IP address blocks: 154.94.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75526 (0x12706)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 09:41:31 2024 GMT
Not After : Dec 12 09:41:31 2027 GMT
Subject: CN=676d24cf-ff6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:01:9b:ba:0a:78:df:71:59:73:4d:2a:3f:
4a:ee:46:29:0a:f1:df:c1:25:9f:bc:f4:5d:b5:a1:
5e:a1:db:fb:bb:f1:65:11:69:d5:5c:59:3f:c8:24:
76:af:a4:4d:56:73:59:8c:bf:71:91:2c:94:82:da:
51:4b:cc:b1:e5:3d:ce:38:92:c8:81:3f:42:50:2a:
b2:64:0a:7c:73:3b:b1:fd:45:82:73:3b:5f:ac:ac:
e3:86:4c:be:97:e9:00:22:7c:5d:58:06:c1:9a:5f:
2f:f2:46:7a:2c:9e:e5:23:6c:a5:f7:bf:27:5b:98:
62:46:26:9e:39:ac:24:ba:fa:59:b9:9b:7c:8f:75:
dc:79:c7:dc:e8:87:5a:66:f7:02:67:1c:3d:f4:1c:
9c:1c:e4:b2:63:7b:a7:4e:09:f0:c6:4e:99:7a:3b:
18:4a:83:af:14:33:18:29:de:05:5b:dc:c3:93:bf:
0c:98:9e:1d:ba:f9:0f:3c:29:d1:49:f7:71:87:a6:
7e:c3:9e:81:c5:66:79:b2:90:8c:ec:41:27:5e:46:
d1:62:df:99:a4:23:5a:ea:ac:86:c4:d6:40:23:1c:
f9:cc:b2:51:7c:b9:bb:fa:01:7f:e4:9a:37:4b:e9:
db:80:65:1f:e4:c6:84:5a:9c:57:02:48:a5:63:1a:
a2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0C:B8:5C:80:B2:AE:7B:44:72:E0:83:F0:87:EF:2E:01:6B:E0:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9894240AC36D11EFBA162B56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.154.0/24
Signature Algorithm: sha256WithRSAEncryption
06:44:94:ad:3b:4f:2d:b2:31:b2:2e:14:7c:dd:11:d8:96:d0:
62:cf:40:ac:df:65:9a:4a:0e:f1:9b:a8:98:bf:3e:ca:5f:39:
1f:82:0b:1c:46:15:05:7f:87:2a:04:5e:75:58:e0:1f:ce:1b:
7b:4e:45:50:ca:f0:1b:b1:4f:52:51:1d:7b:a5:d1:57:e1:f6:
40:45:9d:52:14:20:7c:95:8c:78:4a:e7:6e:f8:92:37:3d:41:
c2:df:ff:99:6a:23:33:7d:79:82:52:70:39:a5:06:d6:08:a7:
9c:44:0b:ec:79:71:7d:27:58:9c:43:a1:44:64:c1:7f:bd:aa:
3d:4a:03:ff:8c:4b:c7:69:cd:5c:97:a9:d9:13:1f:9b:95:06:
17:3b:fb:4e:00:78:12:1a:ac:93:72:f5:09:68:aa:67:1a:46:
bb:2c:57:d4:bc:29:47:f5:85:69:6d:6d:85:0b:08:86:33:50:
74:fd:79:02:91:09:5c:4f:e9:0c:e3:5d:cd:c2:82:c6:9b:b4:
c6:ed:14:0e:39:37:68:9d:a3:91:9d:ca:a9:26:0c:a0:0e:f7:
a1:40:3e:e1:c7:53:60:46:f5:24:86:1f:d8:0b:b1:ed:f5:dd:
af:51:4f:bb:f1:08:09:fe:48:8c:48:a2:da:02:f4:14:7d:6f:
c9:84:e5:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAScGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDk0MTMxWhcNMjcxMjEyMDk0MTMxWjAYMRYw
FAYDVQQDEw02NzZkMjRjZi1mZjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApqABm7oKeN9xWXNNKj9K7kYpCvHfwSWfvPRdtaFeodv7u/FlEWnVXFk/
yCR2r6RNVnNZjL9xkSyUgtpRS8yx5T3OOJLIgT9CUCqyZAp8czux/UWCcztfrKzj
hky+l+kAInxdWAbBml8v8kZ6LJ7lI2yl978nW5hiRiaeOawkuvpZuZt8j3Xcecfc
6IdaZvcCZxw99BycHOSyY3unTgnwxk6ZejsYSoOvFDMYKd4FW9zDk78MmJ4duvkP
PCnRSfdxh6Z+w56BxWZ5spCM7EEnXkbRYt+ZpCNa6qyGxNZAIxz5zLJRfLm7+gF/
5Jo3S+nbgGUf5MaEWpxXAkilYxqiqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN8M
uFyAsq57RHLgg/CH7y4Ba+AzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85ODk0MjQwQUMzNkQxMUVGQkExNjJCNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml6aMA0GCSqGSIb3DQEB
CwUAA4IBAQAGRJStO08tsjGyLhR83RHYltBiz0Cs32WaSg7xm6iYvz7KXzkfggsc
RhUFf4cqBF51WOAfzht7TkVQyvAbsU9SUR17pdFX4fZARZ1SFCB8lYx4Sudu+JI3
PUHC3/+ZaiMzfXmCUnA5pQbWCKecRAvseXF9J1icQ6FEZMF/vao9SgP/jEvHac1c
l6nZEx+blQYXO/tOAHgSGqyTcvUJaKpnGka7LFfUvClH9YVpbW2FCwiGM1B0/XkC
kQlcT+kM413NwoLGm7TG7RQOOTdonaORncqpJgygDvehQD7hx1NgRvUkhh/YC7Ht
9d2vUU+78QgJ/kiMSKLaAvQUfW/JhOUO
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:21 2025 by rpki-client