Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A970A122C26411EFBEF7D0BC762E951A.roa
File: A970A122C26411EFBEF7D0BC762E951A.roa (raw, json)
Hash identifier: wVjfHGEutb3SiqLrbEYPKcGSk44V3VSK+qanecAHj+Y=
Subject key identifier: E7:D4:D2:F6:1A:36:41:67:34:CB:1A:5D:0F:DA:BC:08:49:83:A4:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123DA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A970A122C26411EFBEF7D0BC762E951A.roa
Signing time: Wed 25 Dec 2024 02:05:07 +0000
ROA not before: Wed 25 Dec 2024 02:05:03 +0000
ROA not after: Wed 10 Dec 2025 02:05:03 +0000
asID: 984
IP address blocks: 154.199.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74714 (0x123da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:05:03 2024 GMT
Not After : Dec 10 02:05:03 2025 GMT
Subject: CN=676b6853-f86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:e8:a4:38:34:f8:3a:2f:57:d0:3f:2d:53:
b4:06:c9:03:82:77:03:3f:34:e5:c0:2f:31:4c:af:
26:d3:ae:fa:cf:3d:ab:19:6b:14:f4:db:a0:27:b9:
70:62:ae:ea:ac:33:d7:42:9e:a7:34:9d:5a:5d:33:
15:ed:8c:9f:17:18:a1:8d:34:b5:16:06:f8:d4:35:
e7:a8:ec:11:23:18:00:f3:3e:1c:e5:8d:aa:0d:43:
50:49:71:50:6c:4d:7d:1b:52:79:50:cb:1a:f5:46:
ec:07:29:25:07:81:14:33:75:9c:4c:1d:59:27:c5:
83:8e:b8:d2:f5:9c:14:ff:77:05:7b:2e:8e:20:b0:
16:83:e5:81:41:d3:da:fb:66:d3:60:2b:45:80:9f:
9c:82:8a:67:a1:42:78:7d:c5:95:b9:0a:3e:c9:15:
4f:96:d3:be:f3:58:ec:3b:7f:4a:a2:c8:c0:75:d1:
95:6f:24:50:60:7a:7b:2e:9c:9d:e5:ac:29:7b:1e:
ee:8b:e5:5b:f6:bd:a4:fb:de:bc:94:39:4b:86:c4:
e1:52:1d:27:f5:19:b4:a7:50:81:5d:7b:37:b5:ee:
8c:c8:46:72:36:13:13:b8:ef:10:65:50:0f:0f:21:
36:35:3d:07:a5:3a:ae:cc:29:fd:f3:89:07:81:e6:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D4:D2:F6:1A:36:41:67:34:CB:1A:5D:0F:DA:BC:08:49:83:A4:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A970A122C26411EFBEF7D0BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.122.0/24
Signature Algorithm: sha256WithRSAEncryption
28:28:15:81:3b:35:24:94:c9:ec:08:5a:34:a8:cf:be:cf:f7:
05:b6:b0:16:88:16:82:30:74:d9:8b:4b:f6:42:5f:50:85:98:
05:78:1a:d0:3e:52:64:6e:8e:9a:49:7e:e9:42:64:a7:e7:1b:
94:18:b2:86:a4:b5:f0:d5:e3:d7:e0:ed:23:14:4d:22:4d:cc:
0e:57:05:cc:c6:4a:c4:a0:fc:35:04:42:93:c2:84:69:d9:7e:
8b:8d:d9:c5:8b:2e:70:d3:0c:2f:2d:df:f1:6c:95:a1:7b:56:
50:49:a3:08:9b:15:95:da:a9:69:17:4c:08:a3:f5:e0:60:a2:
81:7e:be:60:d2:4f:72:2b:66:67:f1:de:13:e7:46:36:2b:41:
49:e3:4d:63:d3:07:a4:f4:88:52:bf:d3:11:03:6b:0b:11:0d:
40:58:ef:d2:8d:9e:0b:12:fd:1c:fe:bb:e0:91:dd:72:a4:1a:
cb:89:90:3c:37:b8:af:15:36:e0:80:ad:a1:bc:89:3b:1e:88:
59:a2:51:a7:eb:f5:ec:b5:04:82:03:e9:86:2d:68:ac:55:13:
36:6a:92:97:df:31:92:17:c8:2c:bb:4c:58:ad:a9:2b:c7:a9:
73:9b:3a:ae:a5:d7:08:7f:3a:ab:b4:41:d5:ad:95:39:99:e9:
36:77:02:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASPaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIwNTAzWhcNMjUxMjEwMDIwNTAzWjAYMRYw
FAYDVQQDEw02NzZiNjg1My1mODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqpDopDg0+DovV9A/LVO0BskDgncDPzTlwC8xTK8m0676zz2rGWsU9Nug
J7lwYq7qrDPXQp6nNJ1aXTMV7YyfFxihjTS1Fgb41DXnqOwRIxgA8z4c5Y2qDUNQ
SXFQbE19G1J5UMsa9UbsByklB4EUM3WcTB1ZJ8WDjrjS9ZwU/3cFey6OILAWg+WB
QdPa+2bTYCtFgJ+cgopnoUJ4fcWVuQo+yRVPltO+81jsO39KosjAddGVbyRQYHp7
Lpyd5awpex7ui+Vb9r2k+968lDlLhsThUh0n9Rm0p1CBXXs3te6MyEZyNhMTuO8Q
ZVAPDyE2NT0HpTquzCn984kHgeYkzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOfU
0vYaNkFnNMsaXQ/avAhJg6RgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTcwQTEyMkMyNjQxMUVGQkVGN0QwQkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsd6MA0GCSqGSIb3DQEB
CwUAA4IBAQAoKBWBOzUklMnsCFo0qM++z/cFtrAWiBaCMHTZi0v2Ql9QhZgFeBrQ
PlJkbo6aSX7pQmSn5xuUGLKGpLXw1ePX4O0jFE0iTcwOVwXMxkrEoPw1BEKTwoRp
2X6LjdnFiy5w0wwvLd/xbJWhe1ZQSaMImxWV2qlpF0wIo/XgYKKBfr5g0k9yK2Zn
8d4T50Y2K0FJ401j0wek9IhSv9MRA2sLEQ1AWO/SjZ4LEv0c/rvgkd1ypBrLiZA8
N7ivFTbggK2hvIk7HohZolGn6/XstQSCA+mGLWisVRM2apKX3zGSF8gsu0xYrakr
x6lzmzqupdcIfzqrtEHVrZU5mek2dwJ5
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:36:48 2025 by rpki-client