Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3BDFAEEC61A11EFA454ED4D762E951A.roa
File: B3BDFAEEC61A11EFA454ED4D762E951A.roa (raw, json)
Hash identifier: cL0zZJDxK96j4dktWyId9CZ2nx95f/NXmOU5iX/6tLc=
Subject key identifier: EA:D3:F6:E5:0C:1D:F7:83:62:C8:53:42:18:E6:9A:64:BA:76:D2:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F38
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3BDFAEEC61A11EFA454ED4D762E951A.roa
Signing time: Sun 29 Dec 2024 19:25:46 +0000
ROA not before: Sun 29 Dec 2024 19:25:42 +0000
ROA not after: Sun 12 Dec 2027 19:25:42 +0000
asID: 17561
IP address blocks: 154.217.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77624 (0x12f38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 19:25:42 2024 GMT
Not After : Dec 12 19:25:42 2027 GMT
Subject: CN=6771a23a-5361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:af:41:b3:dc:eb:8e:24:50:64:7b:9a:86:cc:
58:be:8f:09:91:91:3e:0c:4d:1e:fc:f4:c9:e1:8f:
99:0b:aa:b5:8e:dc:3f:a1:79:cc:4e:da:9f:c3:62:
9c:79:03:e6:df:18:65:e3:bd:58:37:72:3f:e0:a9:
06:0e:22:a4:48:b0:ef:55:02:2c:a8:35:a7:23:ea:
37:32:2d:c8:97:3b:4a:d8:0a:1a:5b:4a:56:69:67:
33:1d:19:27:1e:30:46:39:89:94:95:05:99:1a:39:
f3:11:59:de:6f:7b:69:c9:ef:dd:bd:a7:20:e3:e6:
8c:f1:fd:3c:0b:e0:e7:c2:83:68:b7:52:a0:9e:8c:
ed:87:ec:aa:4a:ba:51:32:8b:0f:43:c4:9a:66:b3:
13:1c:52:7a:81:e4:54:2b:7f:19:ac:84:88:f2:ba:
21:19:58:00:37:01:b3:1b:70:02:7e:e8:d6:ab:6e:
87:49:0a:e7:25:7d:fe:b5:04:21:cc:4f:22:33:d1:
9a:ee:08:77:af:6a:4c:9d:35:9b:86:f3:8c:a2:af:
b8:a0:f8:45:80:f8:51:e8:79:92:e3:26:23:7c:44:
04:ef:2b:82:66:18:e5:dd:3f:9e:90:91:1b:62:0b:
b7:42:17:3c:96:cb:3d:69:1d:fd:39:5b:51:f1:38:
5f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D3:F6:E5:0C:1D:F7:83:62:C8:53:42:18:E6:9A:64:BA:76:D2:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3BDFAEEC61A11EFA454ED4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.127.0/24
Signature Algorithm: sha256WithRSAEncryption
22:9b:f6:79:fa:06:66:73:af:0e:f0:43:8f:f0:0d:0c:d3:ac:
f2:6f:43:ab:fc:83:db:3e:31:64:c9:bd:d0:2d:62:7c:0a:61:
76:14:a1:88:0b:7c:d2:13:47:53:ab:ba:dc:33:63:05:49:16:
55:3c:ba:28:f1:b8:42:7d:13:46:f3:72:c1:a3:ab:72:83:f9:
c1:f1:3c:a8:6c:41:3f:d4:71:e5:94:18:f5:51:3c:93:ec:e3:
29:6d:37:d5:09:f2:b1:d5:29:eb:98:1b:aa:b1:aa:66:7d:e4:
2a:23:92:9c:c3:8b:f1:c1:ac:05:2f:b2:40:37:6d:0b:fa:2a:
2a:83:78:e0:29:5e:a5:5c:eb:1b:28:73:97:95:1f:0f:52:7f:
b9:8a:65:1e:15:4e:cb:85:f9:3a:05:8f:df:48:68:b1:43:5b:
fe:54:cc:68:6a:3e:b6:56:3d:d5:72:4e:fa:29:32:13:ad:78:
b8:56:8f:3f:3c:ec:d2:cc:37:96:76:80:e9:b0:c1:3c:b4:47:
66:24:27:79:53:f4:63:9d:28:b4:2e:11:34:c9:79:4b:1d:c7:
74:b8:2e:45:90:df:ea:22:df:af:9f:d9:a0:70:67:d1:e0:a0:
46:09:30:57:bb:21:a7:58:d9:f5:54:46:44:16:06:28:f8:c1:
29:16:f0:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS84MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTkyNTQyWhcNMjcxMjEyMTkyNTQyWjAYMRYw
FAYDVQQDEw02NzcxYTIzYS01MzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuK9Bs9zrjiRQZHuahsxYvo8JkZE+DE0e/PTJ4Y+ZC6q1jtw/oXnMTtqf
w2KceQPm3xhl471YN3I/4KkGDiKkSLDvVQIsqDWnI+o3Mi3IlztK2AoaW0pWaWcz
HRknHjBGOYmUlQWZGjnzEVneb3tpye/dvacg4+aM8f08C+DnwoNot1Kgnozth+yq
SrpRMosPQ8SaZrMTHFJ6geRUK38ZrISI8rohGVgANwGzG3ACfujWq26HSQrnJX3+
tQQhzE8iM9Ga7gh3r2pMnTWbhvOMoq+4oPhFgPhR6HmS4yYjfEQE7yuCZhjl3T+e
kJEbYgu3Qhc8lss9aR39OVtR8ThffwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOrT
9uUMHfeDYshTQhjmmmS6dtKPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CM0JERkFFRUM2MUExMUVGQTQ1NEVENEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtl/MA0GCSqGSIb3DQEB
CwUAA4IBAQAim/Z5+gZmc68O8EOP8A0M06zyb0Or/IPbPjFkyb3QLWJ8CmF2FKGI
C3zSE0dTq7rcM2MFSRZVPLoo8bhCfRNG83LBo6tyg/nB8TyobEE/1HHllBj1UTyT
7OMpbTfVCfKx1SnrmBuqsapmfeQqI5Kcw4vxwawFL7JAN20L+ioqg3jgKV6lXOsb
KHOXlR8PUn+5imUeFU7Lhfk6BY/fSGixQ1v+VMxoaj62Vj3Vck76KTITrXi4Vo8/
POzSzDeWdoDpsME8tEdmJCd5U/RjnSi0LhE0yXlLHcd0uC5FkN/qIt+vn9mgcGfR
4KBGCTBXuyGnWNn1VEZEFgYo+MEpFvBc
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:24:58 2025 by rpki-client