Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA9BDE44C3DB11EF8FD95388762E951A.roa
File: BA9BDE44C3DB11EF8FD95388762E951A.roa (raw, json)
Hash identifier: sF4CQmn7ehsKVDybj1WxvVk3icPbQEj44f/cP2O9mjE=
Subject key identifier: 5A:61:8F:3D:25:38:06:FD:13:38:A0:76:A6:B3:16:38:16:4C:58:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA9BDE44C3DB11EF8FD95388762E951A.roa
Signing time: Thu 26 Dec 2024 22:49:57 +0000
ROA not before: Thu 26 Dec 2024 22:49:53 +0000
ROA not after: Sun 12 Dec 2027 22:49:53 +0000
asID: 17561
IP address blocks: 154.85.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 10:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75948 (0x128ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:49:53 2024 GMT
Not After : Dec 12 22:49:53 2027 GMT
Subject: CN=676ddd95-76cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:41:cd:54:67:21:57:f5:15:32:b0:a0:1e:ea:
40:65:fb:d6:55:f7:61:a3:a2:8a:d7:f9:44:33:b1:
d3:8f:7f:c2:96:a6:64:75:11:61:2f:7a:26:3a:20:
4f:eb:03:60:53:3c:90:98:62:ae:fb:cc:60:5a:84:
90:a7:9d:e3:cc:c1:14:ae:41:b4:7a:db:3b:76:72:
f2:15:5d:d1:df:ed:44:b3:71:95:89:e4:66:35:d1:
2c:3d:49:bf:70:af:81:93:15:73:56:71:f8:a4:18:
35:87:3a:f0:e0:16:98:4f:3f:2a:c6:5d:10:2f:85:
19:bb:30:cf:04:33:28:7a:80:47:25:a5:99:d0:bb:
50:5c:2a:12:b0:8a:d6:60:b8:a2:c6:d5:87:04:33:
3e:ab:a1:eb:e6:98:4a:95:d7:27:bd:a3:2b:cf:74:
0a:a6:d7:2c:cd:e2:22:3a:ef:c7:dc:34:7a:34:5c:
97:4a:c0:51:10:7c:f0:c4:3f:48:f8:a4:3d:e2:f9:
6e:d6:15:c3:92:af:f3:77:e5:fa:39:0e:2c:3f:46:
e4:e1:43:51:d5:b9:98:9e:7b:20:83:28:99:08:7b:
d6:e8:28:d1:58:ca:8b:e7:82:c6:62:27:a4:d2:43:
6a:4e:11:c8:73:56:72:98:0b:65:5f:ff:63:56:67:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:61:8F:3D:25:38:06:FD:13:38:A0:76:A6:B3:16:38:16:4C:58:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA9BDE44C3DB11EF8FD95388762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.97.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:37:94:05:8e:3a:52:14:71:b9:f3:58:f2:a8:9b:5b:ec:51:
a7:85:01:91:21:22:fd:a4:b7:c0:14:4e:5f:8b:0a:c0:f3:5a:
c2:86:12:b3:89:27:f2:8a:23:b0:70:0e:e6:90:a7:57:56:59:
42:c7:bb:d4:a6:cc:c5:1d:c1:a4:2b:a4:bc:22:bc:18:a3:b2:
f7:6e:31:f2:58:12:bb:2c:21:79:d2:78:46:c5:4e:f1:4e:82:
b5:4f:40:ed:41:0f:77:e0:25:fd:93:79:4e:b7:fa:fe:fc:5a:
73:00:8d:3b:72:92:ba:63:e1:fb:af:56:ff:07:c3:e1:dc:63:
8a:f2:4f:37:ed:08:e3:1a:98:bd:26:11:f0:a7:92:19:dd:5c:
23:7e:4b:44:ac:3b:9a:70:48:40:4e:f0:f3:e5:28:16:82:e5:
d5:4f:55:27:2f:05:91:09:68:7d:52:ea:45:75:51:3b:19:91:
ea:7b:18:51:e9:6e:ef:5f:ca:28:cc:59:74:65:31:e0:3f:22:
54:2d:be:3a:f9:5b:85:45:4c:d3:a3:0e:32:0a:df:fe:d6:75:
9f:08:05:64:04:54:8a:ab:f9:ee:d9:fa:3f:34:d4:f7:52:e7:
c5:ca:67:89:36:b0:0a:f6:1c:cc:30:3a:62:dc:21:2d:ba:ca:
1f:ea:10:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASisMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI0OTUzWhcNMjcxMjEyMjI0OTUzWjAYMRYw
FAYDVQQDEw02NzZkZGQ5NS03NmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4kHNVGchV/UVMrCgHupAZfvWVfdho6KK1/lEM7HTj3/ClqZkdRFhL3om
OiBP6wNgUzyQmGKu+8xgWoSQp53jzMEUrkG0ets7dnLyFV3R3+1Es3GVieRmNdEs
PUm/cK+BkxVzVnH4pBg1hzrw4BaYTz8qxl0QL4UZuzDPBDMoeoBHJaWZ0LtQXCoS
sIrWYLiixtWHBDM+q6Hr5phKldcnvaMrz3QKptcszeIiOu/H3DR6NFyXSsBREHzw
xD9I+KQ94vlu1hXDkq/zd+X6OQ4sP0bk4UNR1bmYnnsggyiZCHvW6CjRWMqL54LG
Yiek0kNqThHIc1ZymAtlX/9jVmdmhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFph
jz0lOAb9EzigdqazFjgWTFhMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTlCREU0NEMzREIxMUVGOEZEOTUzODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVhMA0GCSqGSIb3DQEB
CwUAA4IBAQC3N5QFjjpSFHG581jyqJtb7FGnhQGRISL9pLfAFE5fiwrA81rChhKz
iSfyiiOwcA7mkKdXVllCx7vUpszFHcGkK6S8IrwYo7L3bjHyWBK7LCF50nhGxU7x
ToK1T0DtQQ934CX9k3lOt/r+/FpzAI07cpK6Y+H7r1b/B8Ph3GOK8k837QjjGpi9
JhHwp5IZ3VwjfktErDuacEhATvDz5SgWguXVT1UnLwWRCWh9UupFdVE7GZHqexhR
6W7vX8oozFl0ZTHgPyJULb46+VuFRUzTow4yCt/+1nWfCAVkBFSKq/nu2fo/NNT3
UufFymeJNrAK9hzMMDpi3CEtusof6hDQ
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:50:25 2025 by rpki-client