Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E6963BAC47911EFBE7B467C762E951A.roa
File: 9E6963BAC47911EFBE7B467C762E951A.roa (raw, json)
Hash identifier: x++cT07tolJrprQvZIS+NLvUf793p9EkwAfOac+w/yY=
Subject key identifier: 42:F5:0F:D7:29:D5:80:6E:3C:12:43:3A:52:CA:90:BC:2B:04:98:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012AD8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E6963BAC47911EFBE7B467C762E951A.roa
Signing time: Fri 27 Dec 2024 17:40:10 +0000
ROA not before: Fri 27 Dec 2024 17:40:06 +0000
ROA not after: Fri 09 Jan 2026 17:40:06 +0000
asID: 139057
IP address blocks: 154.85.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76504 (0x12ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 17:40:06 2024 GMT
Not After : Jan 9 17:40:06 2026 GMT
Subject: CN=676ee67a-633b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:04:45:06:b5:75:a7:d7:94:c9:fc:3c:49:64:
d8:34:f9:91:93:da:e4:12:01:de:ef:b7:61:a2:02:
d2:93:58:fe:f7:03:a7:12:0f:66:f5:f7:5b:69:6c:
db:2e:b7:51:fe:f6:90:ee:e2:b5:43:9d:dc:ad:56:
8e:ee:00:a7:f9:6c:93:09:94:48:2f:9d:ba:f1:01:
d0:3d:89:e7:20:83:4e:3f:6e:eb:73:47:f4:58:ae:
a6:97:82:7e:f1:71:76:43:ee:ff:93:8d:7e:f5:0b:
ac:06:80:f9:54:3b:ce:57:dd:66:0a:bc:41:83:06:
78:b9:ca:8a:77:3f:72:db:da:55:b4:94:68:dc:93:
89:82:ba:33:b6:eb:a8:2c:46:ec:de:37:9e:3f:da:
a3:5f:40:6a:f5:23:d8:cf:4f:e9:f8:2f:30:b5:47:
71:11:0a:26:7e:e0:eb:ef:35:7a:69:ca:56:96:6c:
2b:98:aa:cf:47:12:d4:0b:3b:a7:b2:34:71:8c:ea:
bc:00:50:be:c0:27:23:76:bf:55:e6:71:33:dc:18:
7b:17:b7:2a:45:19:2a:52:af:ff:d6:22:16:d0:2d:
45:bb:4e:2b:f6:9f:50:8f:c7:a7:47:b9:fa:5c:3c:
3b:85:f2:46:00:85:ed:ba:bc:a2:71:0c:6c:97:02:
89:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F5:0F:D7:29:D5:80:6E:3C:12:43:3A:52:CA:90:BC:2B:04:98:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E6963BAC47911EFBE7B467C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.88.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e7:0c:c2:be:ff:b7:1c:b6:6a:0f:7e:70:c8:3b:ba:9d:d8:
b5:4a:f0:a3:55:a1:43:4c:b1:2a:c6:4f:ed:3b:1e:5c:93:fd:
14:13:2a:f3:37:d5:8d:59:be:ff:99:61:04:05:0b:e2:a5:cc:
ab:cb:8a:5f:4e:59:36:d1:a9:42:e9:36:f8:75:22:64:dd:c4:
a8:59:b1:e5:c6:78:86:89:65:e1:ba:4f:3a:86:3c:78:1e:de:
2c:9a:5a:59:41:70:60:ca:93:05:08:6b:1d:e9:ea:74:47:f9:
7d:30:48:db:e2:e0:3a:38:dd:4d:48:9c:3e:e8:a9:4f:47:6d:
7b:ce:39:c1:21:29:1d:72:37:83:f8:45:0f:1d:c1:28:80:45:
e1:8a:10:84:82:6d:29:b5:cc:ea:46:03:ee:a4:c3:0c:45:88:
1a:61:fd:49:1a:7c:f6:2d:bf:04:18:1a:88:9a:a4:87:8e:ff:
2b:d8:85:72:6f:be:2d:b8:3e:9d:20:85:de:81:0f:85:a9:d6:
3a:e6:75:d6:14:4b:7a:92:f4:72:66:08:44:0d:65:74:b3:a3:
5a:e9:e4:8c:be:73:71:bc:d0:f5:30:e0:8e:86:12:c6:c8:88:
2a:25:a0:99:4f:c9:ec:9f:da:4c:a3:e2:07:95:45:3c:b9:ee:
64:30:7c:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASrYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MTc0MDA2WhcNMjYwMTA5MTc0MDA2WjAYMRYw
FAYDVQQDEw02NzZlZTY3YS02MzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6QRFBrV1p9eUyfw8SWTYNPmRk9rkEgHe77dhogLSk1j+9wOnEg9m9fdb
aWzbLrdR/vaQ7uK1Q53crVaO7gCn+WyTCZRIL5268QHQPYnnIINOP27rc0f0WK6m
l4J+8XF2Q+7/k41+9QusBoD5VDvOV91mCrxBgwZ4ucqKdz9y29pVtJRo3JOJgroz
tuuoLEbs3jeeP9qjX0Bq9SPYz0/p+C8wtUdxEQomfuDr7zV6acpWlmwrmKrPRxLU
CzunsjRxjOq8AFC+wCcjdr9V5nEz3Bh7F7cqRRkqUq//1iIW0C1Fu04r9p9Qj8en
R7n6XDw7hfJGAIXturyicQxslwKJ9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEL1
D9cp1YBuPBJDOlLKkLwrBJihMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RTY5NjNCQUM0NzkxMUVGQkU3QjQ2N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVYMA0GCSqGSIb3DQEB
CwUAA4IBAQBs5wzCvv+3HLZqD35wyDu6ndi1SvCjVaFDTLEqxk/tOx5ck/0UEyrz
N9WNWb7/mWEEBQvipcyry4pfTlk20alC6Tb4dSJk3cSoWbHlxniGiWXhuk86hjx4
Ht4smlpZQXBgypMFCGsd6ep0R/l9MEjb4uA6ON1NSJw+6KlPR217zjnBISkdcjeD
+EUPHcEogEXhihCEgm0ptczqRgPupMMMRYgaYf1JGnz2Lb8EGBqImqSHjv8r2IVy
b74tuD6dIIXegQ+FqdY65nXWFEt6kvRyZghEDWV0s6Na6eSMvnNxvND1MOCOhhLG
yIgqJaCZT8nsn9pMo+IHlUU8ue5kMHw1
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:58:25 2025 by rpki-client