Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1842DCD2E411EF8E24768F762E951A.roa
File: BB1842DCD2E411EF8E24768F762E951A.roa (raw, json)
Hash identifier: eSnD/rkO5CTXSt1AqViR+OmGEU25ZY2VL3Hj09Qsdgo=
Subject key identifier: 50:74:9A:E6:55:D2:E4:F5:93:C1:2C:E0:00:7E:0D:37:30:5C:35:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B88
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1842DCD2E411EF8E24768F762E951A.roa
Signing time: Wed 15 Jan 2025 02:02:11 +0000
ROA not before: Wed 15 Jan 2025 02:02:07 +0000
ROA not after: Mon 03 Jan 2028 02:02:07 +0000
asID: 17561
IP address blocks: 154.222.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80776 (0x13b88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 02:02:07 2025 GMT
Not After : Jan 3 02:02:07 2028 GMT
Subject: CN=67871722-5423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1e:e3:db:71:5d:0a:71:9f:e9:d2:e4:0b:b5:
08:6d:d4:55:92:a6:5a:6d:33:89:8f:08:94:4a:bc:
8d:8d:92:38:a4:ef:25:84:70:ad:ac:f7:39:9f:8a:
2d:32:81:3a:da:42:3c:a7:94:a3:c6:9e:c8:0e:9b:
7b:64:5c:5b:a3:33:8b:0c:4c:b9:64:f2:b7:13:be:
e9:69:a8:ef:0a:fe:8b:ca:e0:b3:07:37:45:e7:30:
01:30:3b:e9:ae:c7:4d:dc:d5:7e:62:e6:da:5b:e8:
b7:59:89:7a:95:16:26:bb:d0:7a:79:57:6f:8b:6d:
67:3d:57:4e:52:85:98:16:81:0f:6c:ef:d4:cd:5c:
b2:6f:a1:11:61:77:59:86:39:6b:87:97:48:4a:e4:
ea:bd:27:86:39:82:3c:b7:92:7d:d9:ff:e3:56:51:
ee:f7:76:51:4a:01:dc:94:c6:b3:00:55:c5:24:55:
b9:87:1c:3c:30:6f:1c:44:76:da:27:43:70:ac:a1:
f0:6e:ec:18:11:20:f1:53:ac:8f:9a:93:82:c9:2b:
08:ad:e0:3e:a1:d1:8e:c9:12:d4:f7:54:fe:15:ad:
3f:5c:da:9a:67:f7:d1:f0:15:e5:cc:78:d6:8f:54:
d5:f5:18:84:5e:ce:d7:5e:16:04:38:56:4f:e5:9e:
5a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:74:9A:E6:55:D2:E4:F5:93:C1:2C:E0:00:7E:0D:37:30:5C:35:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1842DCD2E411EF8E24768F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.91.0/24
Signature Algorithm: sha256WithRSAEncryption
be:a8:5c:41:4b:eb:4c:44:68:c8:21:df:c5:9c:b3:53:8e:10:
51:b8:83:31:a5:c6:4e:71:22:af:cd:bf:5b:e5:77:7e:cf:f9:
62:ed:a8:51:ca:8e:34:77:7a:bc:ac:bc:de:99:64:2b:b8:c8:
6b:74:6e:b5:f2:f9:38:41:bb:94:15:4c:6d:6d:07:1f:f4:da:
53:be:a7:9d:23:5e:32:af:d6:73:ce:40:f3:bd:28:d1:e0:4b:
bb:c5:af:6e:1c:bf:cd:a8:5c:a7:2f:dc:7c:12:90:08:c2:f3:
f1:4b:90:41:2c:fc:e0:b9:a5:b1:00:eb:ef:55:aa:dc:39:1c:
bc:b3:08:5c:6f:ba:77:97:f0:f4:6b:7f:e7:c2:e8:68:fd:97:
39:43:e4:d7:1d:63:82:1f:83:41:0d:97:33:6d:44:48:1e:1d:
2b:14:76:45:f9:92:b0:b0:b0:09:2b:2e:1a:00:2e:61:93:47:
7f:25:87:c6:7d:bb:2f:1a:fe:9f:30:d7:70:3d:3e:d0:ee:0c:
27:d9:13:3e:4f:a3:81:02:63:f1:9c:9e:73:4b:0a:02:c1:0c:
c9:f5:59:f0:4c:54:84:e1:aa:c9:f4:7b:1b:28:28:37:3c:19:
6b:61:3d:88:e6:24:ed:fa:f4:87:65:c8:06:d1:86:d1:5e:50:
f6:88:aa:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATuIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDIwMjA3WhcNMjgwMTAzMDIwMjA3WjAYMRYw
FAYDVQQDEw02Nzg3MTcyMi01NDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8h7j23FdCnGf6dLkC7UIbdRVkqZabTOJjwiUSryNjZI4pO8lhHCtrPc5
n4otMoE62kI8p5Sjxp7IDpt7ZFxbozOLDEy5ZPK3E77paajvCv6LyuCzBzdF5zAB
MDvprsdN3NV+YubaW+i3WYl6lRYmu9B6eVdvi21nPVdOUoWYFoEPbO/UzVyyb6ER
YXdZhjlrh5dISuTqvSeGOYI8t5J92f/jVlHu93ZRSgHclMazAFXFJFW5hxw8MG8c
RHbaJ0NwrKHwbuwYESDxU6yPmpOCySsIreA+odGOyRLU91T+Fa0/XNqaZ/fR8BXl
zHjWj1TV9RiEXs7XXhYEOFZP5Z5a9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFB0
muZV0uT1k8Es4AB+DTcwXDU1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjE4NDJEQ0QyRTQxMUVGOEUyNDc2OEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5bMA0GCSqGSIb3DQEB
CwUAA4IBAQC+qFxBS+tMRGjIId/FnLNTjhBRuIMxpcZOcSKvzb9b5Xd+z/li7ahR
yo40d3q8rLzemWQruMhrdG618vk4QbuUFUxtbQcf9NpTvqedI14yr9ZzzkDzvSjR
4Eu7xa9uHL/NqFynL9x8EpAIwvPxS5BBLPzguaWxAOvvVarcORy8swhcb7p3l/D0
a3/nwuho/Zc5Q+TXHWOCH4NBDZczbURIHh0rFHZF+ZKwsLAJKy4aAC5hk0d/JYfG
fbsvGv6fMNdwPT7Q7gwn2RM+T6OBAmPxnJ5zSwoCwQzJ9VnwTFSE4arJ9HsbKCg3
PBlrYT2I5iTt+vSHZcgG0YbRXlD2iKqn
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:04 2025 by rpki-client