Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A216595EC5EC11EFAA2C1BAC762E951A.roa
File: A216595EC5EC11EFAA2C1BAC762E951A.roa (raw, json)
Hash identifier: /QC6PAaUmmHW9rRRc4u46FUMzjG3qnjxt8jjqWfEnkE=
Subject key identifier: 28:59:4C:50:A7:37:CF:AE:20:D1:13:D0:22:D8:FF:CB:35:49:24:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012DB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A216595EC5EC11EFAA2C1BAC762E951A.roa
Signing time: Sun 29 Dec 2024 13:55:59 +0000
ROA not before: Sun 29 Dec 2024 13:55:56 +0000
ROA not after: Sun 12 Dec 2027 13:55:56 +0000
asID: 17561
IP address blocks: 154.211.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77234 (0x12db2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:55:56 2024 GMT
Not After : Dec 12 13:55:56 2027 GMT
Subject: CN=677154ef-001a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:5d:16:b6:cf:a9:01:c8:73:65:1b:c3:16:
27:aa:3f:8d:8a:a4:69:10:d4:03:aa:28:9b:a0:d3:
09:12:cf:ea:4c:29:09:c3:78:39:46:5b:98:07:09:
39:77:4d:56:1f:44:b3:b6:82:e2:30:05:87:9b:8b:
99:8a:5d:24:de:66:4f:d4:6a:85:ca:0f:6d:00:1d:
62:d3:b2:eb:a8:d3:b5:5e:d3:46:d4:64:20:ae:50:
0f:87:7d:2a:62:e4:11:af:f1:89:01:f9:5b:c6:72:
f8:b3:00:3b:45:a3:9c:1a:71:a1:0c:7a:97:85:91:
71:91:1e:41:99:08:6b:e7:a8:ef:79:0b:d0:e6:4d:
56:ad:d1:90:10:40:5c:29:bc:a4:13:ae:83:83:3e:
39:9d:2f:b6:2a:71:8a:9c:ed:f1:b8:b2:08:f4:b6:
dd:a9:44:5b:4f:09:60:c8:19:a0:92:32:3b:d8:7e:
e4:98:99:75:f9:79:4f:0f:6d:9a:93:56:8c:57:99:
6c:26:b4:06:ce:a6:14:0d:61:a8:23:c1:44:ac:a1:
49:6c:be:44:c3:a0:bd:5f:d2:4b:17:a7:d8:f5:ff:
55:66:f5:66:3e:7d:4b:63:5e:a8:24:6f:e8:94:37:
ab:fc:a7:e1:79:29:15:76:51:90:1e:b2:2f:5b:a6:
d9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:59:4C:50:A7:37:CF:AE:20:D1:13:D0:22:D8:FF:CB:35:49:24:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A216595EC5EC11EFAA2C1BAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.32.0/24
Signature Algorithm: sha256WithRSAEncryption
af:68:c3:82:e8:3f:11:96:40:a6:da:be:17:fe:96:cc:9b:4e:
28:11:92:51:6a:ee:2f:f3:35:31:f4:dc:8a:d4:d6:7b:76:6a:
42:a3:b5:57:a5:c4:02:5e:da:05:df:75:ab:3e:e2:df:f6:02:
3e:3b:a5:1d:1d:7e:e5:0f:ce:04:14:84:f7:68:6e:13:3f:3e:
0a:bc:7a:19:29:34:e1:05:4b:73:bc:5f:64:b9:9d:8b:84:07:
8f:57:8f:cc:ba:d9:fe:91:41:d6:68:5e:e0:e7:e8:96:a1:5b:
60:bb:6e:59:0c:5c:c0:fb:19:1d:77:88:ea:25:b3:c0:7c:78:
c1:66:6a:92:d4:b6:a3:b1:f1:0a:42:5d:dd:f7:58:c4:28:48:
75:16:e5:91:e7:70:9b:2b:9b:da:e2:5c:d7:71:75:d9:c0:90:
80:82:57:c6:bc:10:ba:60:c2:79:75:33:33:37:3c:df:e9:f5:
23:61:b4:63:be:94:3c:12:cc:a8:50:e1:ac:1b:e6:c0:8b:27:
30:2f:f6:75:65:0d:89:f8:6f:84:5d:22:93:17:43:ff:1f:d7:
99:5e:83:7d:e0:7d:93:f8:d1:ba:5b:86:7c:4b:d6:66:64:cf:
26:04:68:ff:37:08:7c:7b:4e:17:ac:af:60:9c:0f:2f:2a:ea:
b2:f5:1d:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS2yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTM1NTU2WhcNMjcxMjEyMTM1NTU2WjAYMRYw
FAYDVQQDEw02NzcxNTRlZi0wMDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdhdFrbPqQHIc2UbwxYnqj+NiqRpENQDqiiboNMJEs/qTCkJw3g5RluY
Bwk5d01WH0SztoLiMAWHm4uZil0k3mZP1GqFyg9tAB1i07LrqNO1XtNG1GQgrlAP
h30qYuQRr/GJAflbxnL4swA7RaOcGnGhDHqXhZFxkR5BmQhr56jveQvQ5k1WrdGQ
EEBcKbykE66Dgz45nS+2KnGKnO3xuLII9LbdqURbTwlgyBmgkjI72H7kmJl1+XlP
D22ak1aMV5lsJrQGzqYUDWGoI8FErKFJbL5Ew6C9X9JLF6fY9f9VZvVmPn1LY16o
JG/olDer/KfheSkVdlGQHrIvW6bZvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFChZ
TFCnN8+uINET0CLY/8s1SSSyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMjE2NTk1RUM1RUMxMUVGQUEyQzFCQUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMgMA0GCSqGSIb3DQEB
CwUAA4IBAQCvaMOC6D8RlkCm2r4X/pbMm04oEZJRau4v8zUx9NyK1NZ7dmpCo7VX
pcQCXtoF33WrPuLf9gI+O6UdHX7lD84EFIT3aG4TPz4KvHoZKTThBUtzvF9kuZ2L
hAePV4/Mutn+kUHWaF7g5+iWoVtgu25ZDFzA+xkdd4jqJbPAfHjBZmqS1LajsfEK
Ql3d91jEKEh1FuWR53CbK5va4lzXcXXZwJCAglfGvBC6YMJ5dTMzNzzf6fUjYbRj
vpQ8EsyoUOGsG+bAiycwL/Z1ZQ2J+G+EXSKTF0P/H9eZXoN94H2T+NG6W4Z8S9Zm
ZM8mBGj/Nwh8e04XrK9gnA8vKuqy9R0A
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:19:31 2025 by rpki-client