Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7AF4A9491E211EF91E90482762E951A.roa
File: A7AF4A9491E211EF91E90482762E951A.roa (raw, json)
Hash identifier: k5g+BgvoMdEAJGgBpNtW/a2tl2EberTLdi85eirxEjg=
Subject key identifier: B2:76:92:1A:0D:48:45:C4:60:A0:E9:3B:3A:DB:DE:D4:C8:09:A2:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010123
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7AF4A9491E211EF91E90482762E951A.roa
Signing time: Thu 24 Oct 2024 08:33:33 +0000
ROA not before: Thu 24 Oct 2024 08:33:30 +0000
ROA not after: Tue 04 Nov 2025 08:33:30 +0000
asID: 62240
IP address blocks: 154.194.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65827 (0x10123)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Oct 24 08:33:30 2024 GMT
Not After : Nov 4 08:33:30 2025 GMT
Subject: CN=671a065d-5398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a7:3b:5c:97:b8:87:dc:c3:b9:e4:3b:00:9b:
e8:40:c5:7b:40:1d:01:7a:3b:55:a9:da:13:20:c5:
a9:29:e9:d4:bf:4c:3f:c5:c4:17:b6:88:3e:47:b5:
0a:94:ba:19:85:aa:75:1b:21:94:95:d5:e9:48:34:
5e:ef:5b:f8:d2:f7:87:52:62:9e:be:86:50:47:1e:
f5:5e:45:c3:da:4b:d6:63:36:61:f9:d4:6e:bb:d3:
39:d2:0f:88:13:b9:1f:e8:dc:fe:ee:4a:35:49:77:
17:1f:f8:a5:27:a6:6c:00:6e:f8:21:90:d6:b5:d3:
a7:ef:d3:a8:ce:f8:67:a5:ed:93:b7:7c:33:f7:86:
2e:90:98:ef:b3:fb:fb:5d:2f:14:88:79:48:a9:12:
29:62:62:2b:00:63:48:3e:c2:d5:a5:7b:8c:94:52:
5c:29:51:7a:72:4c:34:64:53:b5:77:c2:f7:b7:70:
bb:b1:76:7f:02:6f:51:dc:9f:c7:35:5f:c4:b4:82:
00:f2:8b:3a:2e:35:f3:d8:93:cf:1a:63:67:5b:71:
c3:d7:6f:16:7d:e9:68:82:86:57:8d:6c:73:ea:96:
45:08:3e:52:a2:53:bd:b4:e5:71:50:f3:20:d9:95:
44:98:d5:2d:82:16:31:bf:13:38:0b:ed:bd:1d:f9:
dc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:76:92:1A:0D:48:45:C4:60:A0:E9:3B:3A:DB:DE:D4:C8:09:A2:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7AF4A9491E211EF91E90482762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.37.0/24
Signature Algorithm: sha256WithRSAEncryption
72:1b:56:68:7e:a1:87:c8:11:8f:e5:62:03:47:fe:01:4b:4c:
fa:2c:50:5c:59:2d:3a:93:17:12:91:a7:60:9e:c0:3a:8c:2b:
7b:2b:3b:4c:60:7b:40:37:54:52:85:f5:04:a6:2b:ad:fe:a7:
bf:fc:7e:ec:c7:fa:14:55:b2:5f:5e:28:e0:cc:b5:eb:28:f8:
83:3a:10:5a:5f:93:4f:99:8a:76:89:de:50:ef:7c:e9:9f:61:
e5:73:c9:cf:82:4c:60:79:6c:37:d4:63:a1:d7:75:f4:22:00:
39:ad:f1:f5:07:d9:b8:98:c8:e5:62:7f:28:d0:86:cd:6a:fc:
72:4f:00:ff:f3:14:2c:bf:ea:34:35:92:e7:7b:16:20:b2:95:
46:85:13:28:f2:76:b5:14:d7:06:26:9f:5a:16:91:98:1f:75:
27:a7:75:cb:a2:b9:25:21:9f:28:43:4d:4b:e7:58:bb:26:69:
d3:b7:b2:c4:80:d0:e2:51:b1:13:60:d0:90:64:58:e5:40:e0:
ab:8a:31:b5:a7:12:15:2d:5f:d8:12:87:40:08:9e:d1:a2:94:
84:2d:cb:12:ff:3f:13:ee:57:a2:9a:66:92:8d:ba:f0:21:20:
3f:33:c5:3a:ef:47:a3:52:84:d1:3f:c4:22:aa:cb:a3:f9:ed:
a8:4f:3f:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQEjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI0MDgzMzMwWhcNMjUxMTA0MDgzMzMwWjAYMRYw
FAYDVQQDEw02NzFhMDY1ZC01Mzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwqc7XJe4h9zDueQ7AJvoQMV7QB0BejtVqdoTIMWpKenUv0w/xcQXtog+
R7UKlLoZhap1GyGUldXpSDRe71v40veHUmKevoZQRx71XkXD2kvWYzZh+dRuu9M5
0g+IE7kf6Nz+7ko1SXcXH/ilJ6ZsAG74IZDWtdOn79Oozvhnpe2Tt3wz94YukJjv
s/v7XS8UiHlIqRIpYmIrAGNIPsLVpXuMlFJcKVF6ckw0ZFO1d8L3t3C7sXZ/Am9R
3J/HNV/EtIIA8os6LjXz2JPPGmNnW3HD128WfelogoZXjWxz6pZFCD5SolO9tOVx
UPMg2ZVEmNUtghYxvxM4C+29HfncwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLJ2
khoNSEXEYKDpOzrb3tTICaJ9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BN0FGNEE5NDkxRTIxMUVGOTFFOTA0ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIlMA0GCSqGSIb3DQEB
CwUAA4IBAQByG1ZofqGHyBGP5WIDR/4BS0z6LFBcWS06kxcSkadgnsA6jCt7KztM
YHtAN1RShfUEpiut/qe//H7sx/oUVbJfXijgzLXrKPiDOhBaX5NPmYp2id5Q73zp
n2Hlc8nPgkxgeWw31GOh13X0IgA5rfH1B9m4mMjlYn8o0IbNavxyTwD/8xQsv+o0
NZLnexYgspVGhRMo8na1FNcGJp9aFpGYH3Unp3XLorklIZ8oQ01L51i7JmnTt7LE
gNDiUbETYNCQZFjlQOCrijG1pxIVLV/YEodACJ7RopSELcsS/z8T7leimmaSjbrw
ISA/M8U670ejUoTRP8Qiqsuj+e2oTz9u
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:22 2025 by rpki-client