Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCC008ECDB711EF825CCF44762E951A.roa
File: ABCC008ECDB711EF825CCF44762E951A.roa (raw, json)
Hash identifier: +pTFoIhXMgqoVXneiDyPES1WptXT0HxYCXSvPPJLGzA=
Subject key identifier: 4F:4E:C5:07:8A:81:56:1B:CA:61:AA:7D:51:99:CD:65:4A:DA:B9:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCC008ECDB711EF825CCF44762E951A.roa
Signing time: Wed 08 Jan 2025 11:57:02 +0000
ROA not before: Wed 08 Jan 2025 11:56:58 +0000
ROA not after: Thu 16 Dec 2027 11:56:58 +0000
asID: 17561
IP address blocks: 154.200.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79556 (0x136c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 11:56:58 2025 GMT
Not After : Dec 16 11:56:58 2027 GMT
Subject: CN=677e680e-4a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:23:47:dd:b8:e1:ed:4f:fc:bd:2e:70:1a:
b1:99:03:c9:4a:52:de:d7:98:7f:7b:62:cc:b7:08:
ec:c4:9e:58:b0:d5:d9:48:6f:d2:0a:30:34:88:68:
9f:8a:12:04:c1:c0:36:3c:93:64:a3:a1:09:73:84:
7f:78:f7:b1:d3:e4:aa:5d:99:0d:f0:15:af:a0:3f:
1c:3a:4f:f8:fa:91:22:c9:64:d3:a7:53:06:23:60:
a2:98:5c:f1:43:8d:9a:2b:26:fd:65:c3:52:05:78:
5b:9f:c4:d9:3a:0b:9f:da:25:cf:87:28:8e:0a:80:
0c:47:ec:7c:8b:e8:b8:62:a8:01:41:4e:ff:c7:67:
b7:43:5a:ae:b0:9f:4a:90:69:0e:b8:86:ad:4b:b9:
cb:0f:99:ca:d9:3b:8a:58:ed:97:15:9e:18:40:95:
c5:68:5c:a0:fe:07:cd:ad:71:f4:aa:6a:62:1c:cc:
68:8e:f1:18:97:4f:69:a3:aa:d0:01:a0:ff:d9:ed:
77:14:af:2b:f3:7a:c4:29:7e:52:b5:bb:b4:51:51:
65:90:f0:38:d8:8f:15:05:40:0a:ff:4e:41:29:c6:
d1:e5:bd:63:2a:76:04:3f:94:7a:1f:bb:b1:30:c7:
ae:5c:74:ce:85:34:52:fd:19:1c:f8:cd:5b:89:9a:
f5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4E:C5:07:8A:81:56:1B:CA:61:AA:7D:51:99:CD:65:4A:DA:B9:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCC008ECDB711EF825CCF44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.171.0/24
Signature Algorithm: sha256WithRSAEncryption
92:9e:3a:f4:8b:19:9f:cc:15:b3:2c:73:4a:01:b0:c7:98:88:
9b:6b:e5:cf:9d:56:81:ee:b2:c0:e7:48:1e:49:94:cf:22:fb:
ea:f8:b1:90:7d:ea:25:45:c8:b1:a7:fe:2f:77:aa:61:02:35:
91:24:ab:d5:33:f6:84:5c:79:72:f5:df:f6:c6:5a:3d:65:90:
a3:e8:96:13:f8:04:c3:30:2f:f7:a7:5d:3b:c0:d5:2e:b0:14:
39:44:9e:d4:34:66:d3:7f:5a:ca:3f:b0:3a:1e:75:b1:55:46:
fa:0a:f4:38:5e:c7:32:b8:9c:85:a0:7c:f3:5a:82:da:58:89:
5d:24:95:78:a1:54:2e:83:70:cb:5a:8d:1b:11:f8:9a:7e:20:
63:07:be:53:3f:a5:ff:85:89:db:ff:63:92:88:e0:c3:3d:b0:
30:c4:ac:32:09:45:1c:2e:8f:00:9c:eb:0a:98:63:65:d7:b3:
52:8e:76:a7:56:f4:55:d6:d6:86:9c:ec:45:05:ed:8f:46:c4:
03:91:79:25:c7:ac:20:a8:6d:5f:8b:75:ee:7d:4f:e1:d3:2d:
1a:42:54:fc:c9:29:c1:77:1a:b0:7f:73:41:52:3f:ce:48:3d:
1c:b3:58:aa:47:9e:75:31:01:71:e0:0b:80:0b:b3:33:3b:17:
84:49:d2:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATbEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTE1NjU4WhcNMjcxMjE2MTE1NjU4WjAYMRYw
FAYDVQQDEw02NzdlNjgwZS00YTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtEQjR9244e1P/L0ucBqxmQPJSlLe15h/e2LMtwjsxJ5YsNXZSG/SCjA0
iGifihIEwcA2PJNko6EJc4R/ePex0+SqXZkN8BWvoD8cOk/4+pEiyWTTp1MGI2Ci
mFzxQ42aKyb9ZcNSBXhbn8TZOguf2iXPhyiOCoAMR+x8i+i4YqgBQU7/x2e3Q1qu
sJ9KkGkOuIatS7nLD5nK2TuKWO2XFZ4YQJXFaFyg/gfNrXH0qmpiHMxojvEYl09p
o6rQAaD/2e13FK8r83rEKX5Stbu0UVFlkPA42I8VBUAK/05BKcbR5b1jKnYEP5R6
H7uxMMeuXHTOhTRS/Rkc+M1biZr1GwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE9O
xQeKgVYbymGqfVGZzWVK2rmpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQkNDMDA4RUNEQjcxMUVGODI1Q0NGNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsirMA0GCSqGSIb3DQEB
CwUAA4IBAQCSnjr0ixmfzBWzLHNKAbDHmIiba+XPnVaB7rLA50geSZTPIvvq+LGQ
feolRcixp/4vd6phAjWRJKvVM/aEXHly9d/2xlo9ZZCj6JYT+ATDMC/3p107wNUu
sBQ5RJ7UNGbTf1rKP7A6HnWxVUb6CvQ4XscyuJyFoHzzWoLaWIldJJV4oVQug3DL
Wo0bEfiafiBjB75TP6X/hYnb/2OSiODDPbAwxKwyCUUcLo8AnOsKmGNl17NSjnan
VvRV1taGnOxFBe2PRsQDkXklx6wgqG1fi3XufU/h0y0aQlT8ySnBdxqwf3NBUj/O
SD0cs1iqR551MQFx4AuAC7MzOxeESdKk
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:32:49 2025 by rpki-client