Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B75E8C08C5FD11EF860F9A96762E951A.roa
File: B75E8C08C5FD11EF860F9A96762E951A.roa (raw, json)
Hash identifier: /k5N+QLFl6MJq/U8/Nokmt0LT5nQrhS+I9s+qqtPo7c=
Subject key identifier: 4F:D1:14:C8:BE:C6:FD:57:43:43:A4:0A:2F:C6:4E:71:44:AE:72:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B75E8C08C5FD11EF860F9A96762E951A.roa
Signing time: Sun 29 Dec 2024 15:58:17 +0000
ROA not before: Sun 29 Dec 2024 15:58:13 +0000
ROA not after: Sun 12 Dec 2027 15:58:13 +0000
asID: 17561
IP address blocks: 154.217.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77378 (0x12e42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:58:13 2024 GMT
Not After : Dec 12 15:58:13 2027 GMT
Subject: CN=67717198-dc28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c0:d3:53:d8:4d:d8:c1:06:3a:7f:eb:a0:64:
09:bd:8e:b7:44:eb:1e:7b:d3:93:8b:8b:c3:98:a1:
36:d6:e6:f4:49:96:db:ac:aa:66:ec:9a:73:ee:4e:
82:ae:b7:f4:2b:e4:91:37:86:46:3b:09:74:19:9a:
55:c5:2f:67:33:b2:6f:d6:96:6b:d9:90:03:67:6f:
df:70:16:31:ee:1f:6b:2b:4d:a3:06:95:3e:f3:66:
fd:d6:0b:3a:de:76:51:b5:4f:e6:bc:1e:5a:a1:ae:
18:b8:5c:13:40:ce:81:b6:d8:7b:f4:bd:ef:fb:56:
44:1c:53:61:d0:dd:8c:a1:ef:f1:d2:21:0e:38:a1:
a0:99:23:35:08:f8:97:9b:f1:36:5f:5a:74:8a:ab:
94:8d:c2:28:5a:bf:4a:39:1f:ea:d7:0d:25:73:9f:
31:58:1b:8f:7c:36:0e:b4:79:cd:c0:fd:db:8c:94:
8a:e9:e2:0c:3a:d1:4a:83:55:f1:10:99:d3:cf:d7:
91:45:fd:31:83:78:e8:67:b5:e7:a9:38:fa:44:9d:
c3:88:2c:72:b6:a4:7b:8f:49:e4:f0:bb:85:c1:66:
34:b5:96:d5:83:e0:53:0f:73:9c:8c:ff:38:af:44:
c2:7a:77:79:07:08:a8:e6:ab:96:36:a2:db:62:7b:
41:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D1:14:C8:BE:C6:FD:57:43:43:A4:0A:2F:C6:4E:71:44:AE:72:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B75E8C08C5FD11EF860F9A96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.4.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ab:3c:7a:aa:47:e4:53:88:6a:2b:e5:e4:64:e5:46:b7:6a:
16:86:90:0c:7e:6c:45:77:d1:cd:a0:a8:33:36:43:54:c9:18:
54:12:27:fd:2d:9f:b9:b4:dd:f1:8a:fd:07:a3:7d:22:1c:03:
77:49:1e:32:30:8f:fb:93:88:c4:d1:56:38:93:c2:05:34:09:
6d:c1:35:f9:d0:55:9b:3e:99:d7:cb:ca:3d:c5:e4:7f:ae:48:
22:30:82:64:04:cb:10:d6:d0:fb:b9:a3:33:1e:40:ad:4d:ce:
a4:ed:33:9b:55:da:92:cb:64:32:0d:60:83:6b:a6:52:d1:0a:
f9:a8:3f:02:9e:0b:6e:4d:b5:a6:95:c8:96:b0:1b:e9:40:45:
ea:b6:f9:5a:c5:87:4d:a5:c0:ae:60:44:21:fa:a2:c5:0b:a7:
fd:5d:d1:df:73:95:66:22:5b:1b:c4:56:cc:c7:6c:4d:33:14:
f2:04:31:01:42:d7:88:c0:66:c7:04:1d:c4:d0:4d:01:ea:d8:
c3:eb:09:1e:9d:47:aa:c9:1c:42:e1:92:6e:8b:5f:84:ac:90:
3e:87:78:a1:f3:5f:e3:4a:7e:a7:20:13:23:b5:ee:46:38:f9:
d3:af:42:0b:31:0a:96:da:5f:ab:1f:5a:63:bc:1c:96:67:55:
aa:e7:ca:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS5CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTU1ODEzWhcNMjcxMjEyMTU1ODEzWjAYMRYw
FAYDVQQDEw02NzcxNzE5OC1kYzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1sDTU9hN2MEGOn/roGQJvY63ROsee9OTi4vDmKE21ub0SZbbrKpm7Jpz
7k6Crrf0K+SRN4ZGOwl0GZpVxS9nM7Jv1pZr2ZADZ2/fcBYx7h9rK02jBpU+82b9
1gs63nZRtU/mvB5aoa4YuFwTQM6Btth79L3v+1ZEHFNh0N2Moe/x0iEOOKGgmSM1
CPiXm/E2X1p0iquUjcIoWr9KOR/q1w0lc58xWBuPfDYOtHnNwP3bjJSK6eIMOtFK
g1XxEJnTz9eRRf0xg3joZ7XnqTj6RJ3DiCxytqR7j0nk8LuFwWY0tZbVg+BTD3Oc
jP84r0TCend5Bwio5quWNqLbYntBvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE/R
FMi+xv1XQ0OkCi/GTnFErnLdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNzVFOEMwOEM1RkQxMUVGODYwRjlBOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkEMA0GCSqGSIb3DQEB
CwUAA4IBAQBZqzx6qkfkU4hqK+XkZOVGt2oWhpAMfmxFd9HNoKgzNkNUyRhUEif9
LZ+5tN3xiv0Ho30iHAN3SR4yMI/7k4jE0VY4k8IFNAltwTX50FWbPpnXy8o9xeR/
rkgiMIJkBMsQ1tD7uaMzHkCtTc6k7TObVdqSy2QyDWCDa6ZS0Qr5qD8CngtuTbWm
lciWsBvpQEXqtvlaxYdNpcCuYEQh+qLFC6f9XdHfc5VmIlsbxFbMx2xNMxTyBDEB
QteIwGbHBB3E0E0B6tjD6wkenUeqyRxC4ZJui1+ErJA+h3ih81/jSn6nIBMjte5G
OPnTr0ILMQqW2l+rH1pjvByWZ1Wq58ob
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:28 2025 by rpki-client