Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF92D40C63711EFA7295082762E951A.roa
File: AEF92D40C63711EFA7295082762E951A.roa (raw, json)
Hash identifier: wkPAgKjOOnA/pAownV+ptqcmMYkwM+nvduJ5e3/C4T0=
Subject key identifier: 4B:BE:EB:BA:89:30:F4:31:DD:DE:03:9D:55:C5:29:DF:AC:25:73:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013029
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF92D40C63711EFA7295082762E951A.roa
Signing time: Sun 29 Dec 2024 22:53:13 +0000
ROA not before: Sun 29 Dec 2024 22:53:10 +0000
ROA not after: Sun 12 Dec 2027 22:53:10 +0000
asID: 17561
IP address blocks: 154.217.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77865 (0x13029)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 22:53:10 2024 GMT
Not After : Dec 12 22:53:10 2027 GMT
Subject: CN=6771d2d9-95ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a7:2b:71:2e:bf:be:a7:db:75:ea:1a:d9:3a:
18:83:75:86:e0:b1:6f:48:c6:86:11:10:85:7b:62:
46:2a:ec:c6:08:43:b0:df:2a:3f:1c:a5:c3:9f:59:
19:a4:33:e7:28:d3:4c:b9:a5:96:d1:71:64:7b:c6:
a4:b9:0d:b1:0f:ae:26:c3:11:44:e8:64:bb:c2:c4:
23:54:4b:ca:8a:5e:d2:f8:5b:22:49:01:7f:aa:aa:
d2:c2:79:09:52:ba:05:71:ad:eb:05:33:71:e0:58:
0d:78:0d:07:e5:ac:62:de:db:00:bd:45:c6:69:cc:
0c:98:bf:f4:c6:bd:69:d5:61:9a:45:51:15:84:95:
af:5a:54:9a:ff:05:11:50:50:9d:de:18:cc:cd:55:
d8:6b:13:31:f6:05:eb:aa:3b:30:d5:ca:84:8e:bd:
bd:2f:eb:9e:e4:6e:5f:43:da:f2:63:eb:f2:8a:2c:
d3:95:f8:31:07:22:e5:05:58:d0:56:a2:c2:aa:a1:
99:ca:0d:8a:47:b6:97:6b:4b:23:ad:29:3b:22:41:
5e:cf:92:07:cd:da:e0:22:ac:12:b0:42:e9:4b:51:
ad:9f:b1:83:f8:9c:b8:06:40:30:95:cb:3c:16:78:
8a:1a:d3:50:fb:1f:09:4f:2d:30:91:c9:cf:dd:a6:
7a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BE:EB:BA:89:30:F4:31:DD:DE:03:9D:55:C5:29:DF:AC:25:73:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF92D40C63711EFA7295082762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.248.0/24
Signature Algorithm: sha256WithRSAEncryption
03:35:ce:3e:2b:1c:9d:b6:f7:32:b5:2b:ce:04:30:71:1d:19:
b9:fc:20:19:c1:29:f0:e2:33:d1:76:1b:33:c2:da:d7:55:9c:
52:75:6c:3d:6c:1e:24:9d:20:23:21:32:57:c8:3a:b5:1d:bc:
34:9f:e9:4c:5a:29:5f:b4:12:fa:2c:7c:16:45:c9:90:32:51:
38:ab:2c:81:5c:79:5f:81:32:5e:f2:77:36:1e:0b:55:20:4e:
60:fc:40:cf:5b:d9:bb:f9:c5:e4:eb:c0:50:1d:f1:32:73:3e:
81:7c:da:f8:98:e7:48:64:a8:4b:b2:da:cf:cf:1c:d3:fd:ee:
c1:d6:c1:b6:4c:ed:8d:0a:c2:0e:bc:30:46:53:e2:61:5d:7b:
2b:80:2c:71:49:8c:e0:9a:07:39:d5:42:0b:a8:9e:11:48:7a:
d6:ea:4e:60:e2:6e:c1:1a:7d:50:30:9b:e7:01:ea:4c:b0:51:
f1:a1:30:40:d5:82:34:cf:d0:1d:29:d0:97:80:b5:0e:9b:ca:
8b:25:0c:78:6b:10:7a:72:a0:25:0c:ce:60:ee:0c:47:18:fb:
63:01:25:d2:cb:e6:58:dd:02:7c:70:d8:02:14:80:1c:dc:89:
1e:b4:f5:02:8a:fa:2d:b7:38:85:11:c7:67:f6:f7:91:be:ab:
19:35:84:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATApMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjI1MzEwWhcNMjcxMjEyMjI1MzEwWjAYMRYw
FAYDVQQDEw02NzcxZDJkOS05NWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1acrcS6/vqfbdeoa2ToYg3WG4LFvSMaGERCFe2JGKuzGCEOw3yo/HKXD
n1kZpDPnKNNMuaWW0XFke8akuQ2xD64mwxFE6GS7wsQjVEvKil7S+FsiSQF/qqrS
wnkJUroFca3rBTNx4FgNeA0H5axi3tsAvUXGacwMmL/0xr1p1WGaRVEVhJWvWlSa
/wURUFCd3hjMzVXYaxMx9gXrqjsw1cqEjr29L+ue5G5fQ9ryY+vyiizTlfgxByLl
BVjQVqLCqqGZyg2KR7aXa0sjrSk7IkFez5IHzdrgIqwSsELpS1Gtn7GD+Jy4BkAw
lcs8FniKGtNQ+x8JTy0wkcnP3aZ6bQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEu+
67qJMPQx3d4DnVXFKd+sJXMbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRUY5MkQ0MEM2MzcxMUVGQTcyOTUwODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtn4MA0GCSqGSIb3DQEB
CwUAA4IBAQADNc4+KxydtvcytSvOBDBxHRm5/CAZwSnw4jPRdhszwtrXVZxSdWw9
bB4knSAjITJXyDq1Hbw0n+lMWilftBL6LHwWRcmQMlE4qyyBXHlfgTJe8nc2HgtV
IE5g/EDPW9m7+cXk68BQHfEycz6BfNr4mOdIZKhLstrPzxzT/e7B1sG2TO2NCsIO
vDBGU+JhXXsrgCxxSYzgmgc51UILqJ4RSHrW6k5g4m7BGn1QMJvnAepMsFHxoTBA
1YI0z9AdKdCXgLUOm8qLJQx4axB6cqAlDM5g7gxHGPtjASXSy+ZY3QJ8cNgCFIAc
3IketPUCivottziFEcdn9veRvqsZNYRe
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:51 2025 by rpki-client