Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC38AB80C27211EF984730A0762E951A.roa
File: AC38AB80C27211EF984730A0762E951A.roa (raw, json)
Hash identifier: TuJBoE54gTY/E4lwpi8YfRJ1aUrNCqObOtJW3x7Mqrg=
Subject key identifier: 2F:12:53:8F:EE:B4:F5:76:9B:9E:DB:21:30:C4:4D:AD:0C:DD:93:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012476
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC38AB80C27211EF984730A0762E951A.roa
Signing time: Wed 25 Dec 2024 03:45:24 +0000
ROA not before: Wed 25 Dec 2024 03:45:21 +0000
ROA not after: Wed 10 Dec 2025 03:45:21 +0000
asID: 984
IP address blocks: 154.211.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74870 (0x12476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:45:21 2024 GMT
Not After : Dec 10 03:45:21 2025 GMT
Subject: CN=676b7fd4-b18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:d7:89:5d:ba:61:24:7b:a9:a1:1a:37:89:
c5:c8:6e:7a:26:50:ea:48:74:fe:5f:b7:c6:91:d7:
9d:ab:60:78:3f:27:9f:16:1d:97:9f:6a:ef:fd:45:
45:55:5b:cc:b4:c3:ca:8f:db:e5:84:4a:76:be:77:
75:8d:ea:0d:96:46:89:e7:8c:9a:e0:d7:24:c1:f6:
59:5e:ee:fb:7b:20:f1:76:5d:b5:cc:09:10:28:bc:
37:64:59:db:14:29:63:2c:97:2f:19:02:2c:69:0f:
ff:fa:ed:19:43:c8:a0:6b:fa:03:d3:97:b3:cd:0f:
1d:4e:7a:a2:4e:3a:ed:7c:3d:db:07:39:71:c6:34:
84:c5:6b:d0:c2:6e:89:b2:70:f8:f1:5a:0d:f7:f8:
84:df:c0:45:18:61:74:80:0c:33:31:f2:92:86:eb:
fd:02:a8:07:6d:d9:d9:97:a5:7e:b8:2e:21:5c:12:
19:70:b0:4c:c4:b2:21:45:2e:28:91:2f:0c:6a:8a:
b9:a7:74:e0:fe:a8:0a:a1:14:e7:1f:c5:90:51:e2:
33:73:9d:f1:fd:a7:a8:86:f2:c1:7a:04:97:97:a5:
29:1e:b5:38:93:10:c2:10:ff:b9:ba:ec:75:89:0e:
c4:98:56:1b:b7:cc:ac:f6:56:62:88:b5:e2:63:cf:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:12:53:8F:EE:B4:F5:76:9B:9E:DB:21:30:C4:4D:AD:0C:DD:93:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC38AB80C27211EF984730A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.216.0/24
Signature Algorithm: sha256WithRSAEncryption
72:49:f8:40:a6:09:a4:a2:91:6b:c4:d4:c6:2a:f1:13:52:60:
97:cb:a5:5d:12:0d:12:a5:56:63:37:63:98:a4:75:74:56:4e:
cf:5d:0c:ed:04:7b:e1:57:13:3f:01:ab:b1:c2:49:2f:50:25:
12:42:e7:18:2e:c8:42:7b:b2:4f:1e:1f:5a:79:71:b9:a5:5b:
f9:38:97:b6:3c:9e:19:c6:68:64:6d:e0:90:d7:b7:83:29:e2:
66:90:ca:cd:e4:2e:88:fa:d5:46:46:90:78:01:53:20:19:12:
81:96:6e:8b:2a:02:fa:80:be:a3:a8:77:87:a5:b4:cb:ba:7d:
8a:04:9a:22:34:92:47:38:8c:cc:ef:5c:f4:43:e8:af:86:6f:
38:b4:72:06:bd:40:a0:f5:4b:3f:ef:bb:07:56:f5:79:78:9b:
a8:a8:53:f4:a3:f8:71:6d:2f:27:60:9c:a7:f8:e2:b6:3e:7f:
10:d3:1a:55:8c:e4:60:d8:ac:86:ab:79:ff:1e:c5:c8:69:a3:
e1:c2:de:37:8a:aa:53:a4:2b:7e:b7:6f:35:61:00:ea:92:60:
19:af:df:a7:02:03:35:ab:7a:77:eb:4f:b3:0f:1e:16:43:e3:
04:9c:97:12:97:61:86:dd:35:e9:13:68:45:1c:66:6f:7c:a0:
48:b3:b3:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASR2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDM0NTIxWhcNMjUxMjEwMDM0NTIxWjAYMRYw
FAYDVQQDEw02NzZiN2ZkNC1iMThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwebXiV26YSR7qaEaN4nFyG56JlDqSHT+X7fGkdedq2B4PyefFh2Xn2rv
/UVFVVvMtMPKj9vlhEp2vnd1jeoNlkaJ54ya4NckwfZZXu77eyDxdl21zAkQKLw3
ZFnbFCljLJcvGQIsaQ//+u0ZQ8iga/oD05ezzQ8dTnqiTjrtfD3bBzlxxjSExWvQ
wm6JsnD48VoN9/iE38BFGGF0gAwzMfKShuv9AqgHbdnZl6V+uC4hXBIZcLBMxLIh
RS4okS8Maoq5p3Tg/qgKoRTnH8WQUeIzc53x/aeohvLBegSXl6UpHrU4kxDCEP+5
uux1iQ7EmFYbt8ys9lZiiLXiY8/d+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC8S
U4/utPV2m57bITDETa0M3ZMsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzM4QUI4MEMyNzIxMUVGOTg0NzMwQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPYMA0GCSqGSIb3DQEB
CwUAA4IBAQBySfhApgmkopFrxNTGKvETUmCXy6VdEg0SpVZjN2OYpHV0Vk7PXQzt
BHvhVxM/AauxwkkvUCUSQucYLshCe7JPHh9aeXG5pVv5OJe2PJ4ZxmhkbeCQ17eD
KeJmkMrN5C6I+tVGRpB4AVMgGRKBlm6LKgL6gL6jqHeHpbTLun2KBJoiNJJHOIzM
71z0Q+ivhm84tHIGvUCg9Us/77sHVvV5eJuoqFP0o/hxbS8nYJyn+OK2Pn8Q0xpV
jORg2KyGq3n/HsXIaaPhwt43iqpTpCt+t281YQDqkmAZr9+nAgM1q3p360+zDx4W
Q+MEnJcSl2GG3TXpE2hFHGZvfKBIs7PA
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:04:06 2025 by rpki-client