Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C1106CAC1D811EF8E735DB7762E951A.roa
File: 9C1106CAC1D811EF8E735DB7762E951A.roa (raw, json)
Hash identifier: vbOzg6gkqFlPSF3jGlREwYabnX9LrO6OniIkFm4Vy28=
Subject key identifier: FE:2A:88:C6:E1:7D:FB:5F:1B:7C:B1:61:55:2E:AB:51:75:3E:F3:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0122E5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C1106CAC1D811EF8E735DB7762E951A.roa
Signing time: Tue 24 Dec 2024 09:22:35 +0000
ROA not before: Tue 24 Dec 2024 09:22:31 +0000
ROA not after: Wed 10 Dec 2025 09:22:31 +0000
asID: 984
IP address blocks: 154.194.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74469 (0x122e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:22:31 2024 GMT
Not After : Dec 10 09:22:31 2025 GMT
Subject: CN=676a7d5b-5cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ed:82:ee:c1:4e:79:d4:0f:14:59:5e:97:4f:
7f:6b:45:62:3c:c6:c0:f7:c7:02:6c:7a:6a:52:f5:
e1:45:0d:9e:c5:c3:ad:e6:38:d7:63:a4:10:9e:c2:
7a:71:dd:0e:4b:f5:86:e9:dd:d9:1d:54:83:a3:e0:
9c:c1:8a:bb:2a:56:71:a4:c4:01:83:98:fd:b1:cb:
7f:d5:e3:b4:60:8c:62:30:59:0b:2a:c3:cb:25:9e:
22:da:29:90:c8:d4:d8:21:d1:71:64:7b:3a:2a:6f:
27:13:d1:75:1c:32:72:9d:8f:16:29:70:94:2d:fc:
58:73:b1:b5:d5:a6:1c:ae:ec:36:f9:a1:09:eb:2c:
a5:6f:a4:2e:d9:cb:34:12:b1:b6:93:9b:d2:e2:f1:
ba:f3:e6:c3:65:0c:4d:76:ac:d3:e8:e5:9c:c1:4c:
d5:79:88:19:ed:c2:ae:b4:ce:ef:e7:7d:fa:c6:78:
4b:13:1c:32:6e:f3:6f:46:97:38:10:5d:6c:f3:b2:
65:df:c0:dc:17:16:0e:d0:a1:b4:63:5d:a5:3d:c0:
68:83:3f:09:22:6b:3e:01:8c:e8:2e:bb:53:3e:26:
bb:56:ff:bf:f1:46:13:bc:35:c4:6a:3a:74:8e:30:
a3:15:45:78:78:52:08:e0:59:b8:68:73:6c:06:60:
13:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2A:88:C6:E1:7D:FB:5F:1B:7C:B1:61:55:2E:AB:51:75:3E:F3:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C1106CAC1D811EF8E735DB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.231.0/24
Signature Algorithm: sha256WithRSAEncryption
65:32:67:a3:49:67:ed:8c:56:c5:3f:8b:8d:12:4d:a8:8e:d2:
14:66:49:e7:0c:6a:4e:bb:46:23:2a:d4:a8:82:ec:be:9e:5a:
22:15:44:bc:3b:03:15:02:03:56:31:88:9c:84:5d:d2:b1:bd:
58:5b:c7:8f:37:ab:ab:e4:92:5c:d4:a4:cf:4b:ec:c3:45:87:
7b:48:5c:ea:b5:e1:c7:8c:2a:d0:c6:d5:00:35:86:59:da:d9:
01:bc:24:f5:a3:c0:9c:33:6c:d8:6b:e2:d5:97:f2:4b:15:de:
4d:ec:9f:4f:a3:1e:e6:8f:21:3a:0b:c4:53:a6:ed:47:9e:da:
31:9a:8d:18:06:04:44:a6:6d:d2:bd:96:ee:c5:d9:e4:80:2e:
fd:9a:6b:ff:1a:ca:e0:39:fc:9e:de:76:80:bd:e0:fa:6c:2d:
70:f0:ee:76:2a:bd:12:7e:6e:ac:83:fa:e6:e0:45:cf:69:0d:
f3:5b:be:3d:51:a9:70:01:ef:1f:88:e9:a7:d3:5b:b2:59:0b:
ae:dd:d4:5a:62:c3:e2:31:65:25:00:99:6a:bc:c8:9e:cf:d1:
d5:bf:b2:ec:3b:b1:d9:35:59:c4:1f:d8:15:31:64:a7:7f:8d:
af:aa:5b:98:96:32:4e:0c:68:2f:a1:c0:bd:d1:46:96:46:04:
88:b2:ac:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASLlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDkyMjMxWhcNMjUxMjEwMDkyMjMxWjAYMRYw
FAYDVQQDEw02NzZhN2Q1Yi01Y2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr+2C7sFOedQPFFlel09/a0ViPMbA98cCbHpqUvXhRQ2excOt5jjXY6QQ
nsJ6cd0OS/WG6d3ZHVSDo+CcwYq7KlZxpMQBg5j9sct/1eO0YIxiMFkLKsPLJZ4i
2imQyNTYIdFxZHs6Km8nE9F1HDJynY8WKXCULfxYc7G11aYcruw2+aEJ6yylb6Qu
2cs0ErG2k5vS4vG68+bDZQxNdqzT6OWcwUzVeYgZ7cKutM7v5336xnhLExwybvNv
Rpc4EF1s87Jl38DcFxYO0KG0Y12lPcBogz8JIms+AYzoLrtTPia7Vv+/8UYTvDXE
ajp0jjCjFUV4eFII4Fm4aHNsBmATkwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP4q
iMbhfftfG3yxYVUuq1F1PvNcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QzExMDZDQUMxRDgxMUVGOEU3MzVEQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsLnMA0GCSqGSIb3DQEB
CwUAA4IBAQBlMmejSWftjFbFP4uNEk2ojtIUZknnDGpOu0YjKtSoguy+nloiFUS8
OwMVAgNWMYichF3Ssb1YW8ePN6ur5JJc1KTPS+zDRYd7SFzqteHHjCrQxtUANYZZ
2tkBvCT1o8CcM2zYa+LVl/JLFd5N7J9Pox7mjyE6C8RTpu1Hntoxmo0YBgREpm3S
vZbuxdnkgC79mmv/GsrgOfye3naAveD6bC1w8O52Kr0Sfm6sg/rm4EXPaQ3zW749
UalwAe8fiOmn01uyWQuu3dRaYsPiMWUlAJlqvMiez9HVv7LsO7HZNVnEH9gVMWSn
f42vqluYljJODGgvocC90UaWRgSIsqzC
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:02 2025 by rpki-client