Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3E2BC2C53611EFB876E2A9762E951A.roa
File: AF3E2BC2C53611EFB876E2A9762E951A.roa (raw, json)
Hash identifier: 9N4c7kxf3BcbtuLLwrnIRSHydAlCRMp+BxHjFbamz0c=
Subject key identifier: 3C:3C:C7:E5:4A:30:4D:EF:0F:8F:1B:5A:44:9B:AD:6D:74:87:8D:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3E2BC2C53611EFB876E2A9762E951A.roa
Signing time: Sat 28 Dec 2024 16:13:33 +0000
ROA not before: Sat 28 Dec 2024 16:13:29 +0000
ROA not after: Sun 12 Dec 2027 16:13:29 +0000
asID: 17561
IP address blocks: 154.204.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76829 (0x12c1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 16:13:29 2024 GMT
Not After : Dec 12 16:13:29 2027 GMT
Subject: CN=677023ad-abd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fc:4a:2b:13:2c:ff:e3:7b:4a:15:4f:ba:69:
ac:53:bd:c2:8a:3e:2f:c9:a5:ac:4c:56:83:72:a2:
ae:aa:7f:29:31:6c:f9:a5:0a:ba:99:9f:dd:a6:36:
f5:4b:3b:b3:a8:74:54:b4:82:76:8c:62:11:e7:3b:
f3:e3:6a:ca:59:91:48:32:8a:78:c2:e9:5a:46:3a:
2b:bb:d9:a8:1a:c7:3a:13:e8:67:01:47:09:16:9d:
96:3d:8d:cd:a8:0b:c5:24:04:85:4c:0c:0e:8e:54:
da:bc:50:66:67:5d:c2:5e:1a:da:1e:f3:22:17:dd:
9d:fd:3b:d1:43:cd:f2:fd:83:8d:1f:82:ec:5a:c7:
d5:f3:5c:8b:03:2d:a0:0e:9e:1a:86:c6:0d:22:71:
86:3f:b2:5c:6b:e9:cc:77:08:9e:c2:65:ae:2a:f8:
59:66:29:97:f9:78:c4:c8:7e:f7:be:ed:be:bc:e6:
19:1d:29:10:0b:d2:47:5f:6b:0c:16:da:48:c1:67:
3b:6b:7e:01:8d:3c:36:86:12:e9:0a:01:ed:6d:33:
f7:dc:8b:90:06:17:82:51:68:d7:27:57:9d:d5:2b:
1d:27:3a:5d:e2:4b:a7:06:ea:c4:68:f0:79:3f:89:
31:81:9d:4f:1d:96:c8:c2:f3:b4:26:27:23:0f:b0:
2b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:C7:E5:4A:30:4D:EF:0F:8F:1B:5A:44:9B:AD:6D:74:87:8D:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3E2BC2C53611EFB876E2A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bb:26:73:9d:f1:bd:3b:85:88:46:9b:55:02:d1:17:44:d2:
d3:50:69:f0:7a:cd:e2:a6:5f:f4:10:2b:cb:25:8c:70:47:87:
38:a5:64:99:77:7e:6d:c1:b6:0c:8b:d7:6b:9d:ed:1b:93:41:
cd:fa:42:91:0b:ed:26:2e:96:58:7e:f0:6a:77:cb:84:bb:56:
9b:a3:17:77:12:41:d4:73:97:0f:4e:59:35:5d:bb:70:0a:6e:
dc:a0:81:e9:13:76:7e:d3:6a:4c:2a:99:1b:8f:15:c2:05:00:
12:49:b1:63:b6:ae:8d:3b:93:ae:a9:b9:7f:29:a5:ff:f7:8c:
c4:7c:85:2b:06:47:5a:ae:d4:be:c2:01:fb:4a:67:32:32:1d:
e3:58:07:47:3a:c4:34:38:b5:19:ff:e1:d4:a1:32:ce:38:0c:
b9:3d:65:82:17:a8:4a:f1:04:c3:dd:c9:a6:c9:f6:67:f6:0b:
f6:0f:20:f8:7c:21:8a:73:9b:bb:0c:2b:a6:a9:bf:a1:88:ba:
e8:e9:d5:3f:73:3c:9c:ec:d4:9d:7f:a4:f4:5b:1a:3d:d7:d9:
2e:6d:fc:9c:8b:d0:91:47:26:61:3b:e5:1f:3b:8f:14:16:ee:
72:49:93:51:5d:0d:e9:d2:23:ae:7e:8d:73:09:3c:d7:ae:84:
58:6f:62:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASwdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTYxMzI5WhcNMjcxMjEyMTYxMzI5WjAYMRYw
FAYDVQQDEw02NzcwMjNhZC1hYmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0/xKKxMs/+N7ShVPummsU73Cij4vyaWsTFaDcqKuqn8pMWz5pQq6mZ/d
pjb1SzuzqHRUtIJ2jGIR5zvz42rKWZFIMop4wulaRjoru9moGsc6E+hnAUcJFp2W
PY3NqAvFJASFTAwOjlTavFBmZ13CXhraHvMiF92d/TvRQ83y/YONH4LsWsfV81yL
Ay2gDp4ahsYNInGGP7Jca+nMdwiewmWuKvhZZimX+XjEyH73vu2+vOYZHSkQC9JH
X2sMFtpIwWc7a34BjTw2hhLpCgHtbTP33IuQBheCUWjXJ1ed1SsdJzpd4kunBurE
aPB5P4kxgZ1PHZbIwvO0JicjD7AroQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDw8
x+VKME3vD48bWkSbrW10h42jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjNFMkJDMkM1MzYxMUVGQjg3NkUyQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsx3MA0GCSqGSIb3DQEB
CwUAA4IBAQAOuyZznfG9O4WIRptVAtEXRNLTUGnwes3ipl/0ECvLJYxwR4c4pWSZ
d35twbYMi9drne0bk0HN+kKRC+0mLpZYfvBqd8uEu1aboxd3EkHUc5cPTlk1Xbtw
Cm7coIHpE3Z+02pMKpkbjxXCBQASSbFjtq6NO5Ouqbl/KaX/94zEfIUrBkdartS+
wgH7SmcyMh3jWAdHOsQ0OLUZ/+HUoTLOOAy5PWWCF6hK8QTD3cmmyfZn9gv2DyD4
fCGKc5u7DCumqb+hiLro6dU/czyc7NSdf6T0Wxo919kubfyci9CRRyZhO+UfO48U
Fu5ySZNRXQ3p0iOufo1zCTzXroRYb2KH
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:11 2025 by rpki-client