Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2EE998C63611EF9EF5097C762E951A.roa
File: BB2EE998C63611EF9EF5097C762E951A.roa (raw, json)
Hash identifier: egMsddbiJSOrkeItx03kWAbp3TpYi0lAt9iqK1ivFNI=
Subject key identifier: 4A:9F:D7:6D:4F:36:C3:C4:1C:AA:D8:A0:FE:C9:F7:86:EB:9B:AE:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013021
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2EE998C63611EF9EF5097C762E951A.roa
Signing time: Sun 29 Dec 2024 22:46:24 +0000
ROA not before: Sun 29 Dec 2024 22:46:21 +0000
ROA not after: Sun 12 Dec 2027 22:46:21 +0000
asID: 17561
IP address blocks: 154.217.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77857 (0x13021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 22:46:21 2024 GMT
Not After : Dec 12 22:46:21 2027 GMT
Subject: CN=6771d140-063d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d5:bc:5d:13:bc:9d:e7:6e:4e:5c:3e:4f:06:
58:b8:c8:a0:7c:db:dd:53:fa:60:d4:4c:6f:1d:e6:
a4:c2:aa:2d:b2:30:8f:68:e3:b5:a3:ac:70:49:0c:
eb:6b:44:33:49:ef:48:e2:1e:25:42:63:c0:e7:38:
17:ba:62:07:9a:81:e7:f7:91:6b:87:7e:13:2a:1f:
d3:4a:bd:62:82:20:08:5f:5f:15:fb:ae:3c:6e:c2:
a7:7e:fa:37:82:5f:34:7b:2c:fe:de:25:82:d7:8a:
42:b3:3b:ae:6f:e8:c1:4c:74:aa:0e:b9:77:59:74:
08:d4:7c:c6:39:ab:af:a8:99:c1:90:e7:7c:c5:62:
bc:9b:43:81:61:f3:ac:39:29:44:19:a2:fd:ff:11:
41:3f:49:e3:b5:56:86:39:c8:ea:c9:8b:7c:2b:8d:
fa:af:32:b3:4b:cc:c7:cd:6e:f5:fd:d2:4d:5f:6f:
e9:f4:a3:6c:dc:9b:8e:b6:74:53:a8:68:37:c6:b2:
1d:6e:a9:39:57:64:ec:0b:88:37:15:91:f0:81:c3:
04:8d:e6:42:6d:95:54:1f:24:fb:ad:0d:35:68:ec:
71:ae:75:d9:29:62:1f:1c:ae:44:0b:b7:b5:d1:a2:
da:8a:41:eb:57:ee:54:3c:f3:03:b7:b0:b7:ca:6d:
14:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9F:D7:6D:4F:36:C3:C4:1C:AA:D8:A0:FE:C9:F7:86:EB:9B:AE:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2EE998C63611EF9EF5097C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.244.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:2d:c7:f8:9a:99:32:59:c9:90:92:40:33:9f:9f:1f:f1:36:
b8:16:5e:1f:be:65:0c:42:02:33:f0:d5:4e:15:0b:bb:32:f0:
30:04:f8:25:e1:41:c0:6c:bc:12:27:e4:23:f4:de:0b:37:e9:
3f:14:b6:22:87:39:7e:b1:1a:af:18:70:6c:ad:12:93:f3:ee:
75:84:d0:e3:ab:bb:b8:65:c3:82:95:13:6d:bb:6e:ab:b8:17:
01:a8:fe:21:e2:e6:53:b2:72:a6:09:08:65:0e:85:73:21:9e:
d5:1a:37:9c:a0:d0:31:4e:b7:b3:f7:ca:53:19:ee:3d:8a:68:
aa:d5:de:35:71:e5:cd:33:64:35:a6:8e:bc:51:de:89:71:ea:
9e:9f:08:b7:8e:e4:48:60:98:1e:a7:d9:88:0a:92:b8:6a:74:
3c:27:4a:1e:be:c9:f0:f5:10:66:1d:39:c9:28:f8:71:05:14:
ee:bb:96:d8:f3:1a:bd:3b:0e:1d:42:9e:28:49:bc:0a:b8:b0:
73:38:29:d2:2d:15:bd:6a:d8:3f:ea:9d:b8:17:1e:68:7b:d4:
15:1f:ef:e0:1d:6d:9e:d2:27:9d:d1:ff:c3:35:26:bc:56:4a:
e8:f6:c1:c1:26:33:34:75:b8:c6:ef:a1:ce:0f:72:d4:74:f6:
81:20:b4:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATAhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjI0NjIxWhcNMjcxMjEyMjI0NjIxWjAYMRYw
FAYDVQQDEw02NzcxZDE0MC0wNjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdW8XRO8neduTlw+TwZYuMigfNvdU/pg1ExvHeakwqotsjCPaOO1o6xw
SQzra0QzSe9I4h4lQmPA5zgXumIHmoHn95Frh34TKh/TSr1igiAIX18V+648bsKn
fvo3gl80eyz+3iWC14pCszuub+jBTHSqDrl3WXQI1HzGOauvqJnBkOd8xWK8m0OB
YfOsOSlEGaL9/xFBP0njtVaGOcjqyYt8K436rzKzS8zHzW71/dJNX2/p9KNs3JuO
tnRTqGg3xrIdbqk5V2TsC4g3FZHwgcMEjeZCbZVUHyT7rQ01aOxxrnXZKWIfHK5E
C7e10aLaikHrV+5UPPMDt7C3ym0UOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEqf
121PNsPEHKrYoP7J94brm67iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjJFRTk5OEM2MzYxMUVGOUVGNTA5N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtn0MA0GCSqGSIb3DQEB
CwUAA4IBAQBLLcf4mpkyWcmQkkAzn58f8Ta4Fl4fvmUMQgIz8NVOFQu7MvAwBPgl
4UHAbLwSJ+Qj9N4LN+k/FLYihzl+sRqvGHBsrRKT8+51hNDjq7u4ZcOClRNtu26r
uBcBqP4h4uZTsnKmCQhlDoVzIZ7VGjecoNAxTrez98pTGe49imiq1d41ceXNM2Q1
po68Ud6Jceqenwi3juRIYJgep9mICpK4anQ8J0oevsnw9RBmHTnJKPhxBRTuu5bY
8xq9Ow4dQp4oSbwKuLBzOCnSLRW9atg/6p24Fx5oe9QVH+/gHW2e0ied0f/DNSa8
Vkro9sHBJjM0dbjG76HOD3LUdPaBILSD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:14 2025 by rpki-client