Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC4C4EE2C8B111EFA11AD84D762E951A.roa
File: BC4C4EE2C8B111EFA11AD84D762E951A.roa (raw, json)
Hash identifier: Tlh9RKkFlmFql0zUs5R2FUS6yqZTqCAYt6mIkjwoBDU=
Subject key identifier: 64:EB:19:15:11:CB:08:AE:CE:80:9C:72:26:D5:87:88:A6:F6:5E:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC4C4EE2C8B111EFA11AD84D762E951A.roa
Signing time: Thu 02 Jan 2025 02:31:57 +0000
ROA not before: Thu 02 Jan 2025 02:31:53 +0000
ROA not after: Mon 13 Dec 2027 02:31:53 +0000
asID: 17561
IP address blocks: 154.220.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78254 (0x131ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:31:53 2025 GMT
Not After : Dec 13 02:31:53 2027 GMT
Subject: CN=6775fa9c-c2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:7f:0f:31:6d:4c:24:56:a0:c0:10:75:fb:
eb:4d:b4:ac:9e:af:7f:5b:8b:b0:5c:50:bf:70:a9:
46:7e:37:4f:d1:b5:ce:ec:3c:09:95:1a:09:23:00:
dc:42:09:ba:17:f6:f5:d9:7d:57:9c:ff:6c:08:e4:
57:22:44:e4:75:98:60:d5:a9:b0:32:88:6b:18:18:
ea:ed:57:f4:d7:bb:e0:31:72:35:f0:ef:4e:93:29:
be:a4:fc:8b:a8:59:14:0e:3e:d3:a9:04:b1:16:cd:
1c:f3:0d:cd:50:1d:96:78:cc:e2:dc:29:06:a0:72:
a3:91:a8:c0:ea:db:3b:92:2b:e8:70:ca:36:79:b3:
e0:05:28:b3:47:68:3a:99:17:31:a8:18:33:ae:32:
ae:64:e4:d3:77:10:c4:db:e9:52:fd:af:9c:ef:1e:
5a:b7:a5:ee:09:f0:c2:72:d8:a5:a0:e9:d3:1f:9c:
5d:9d:41:7e:60:92:88:1c:3b:8f:de:57:70:0b:9f:
9f:fd:ef:d3:84:e6:c4:0d:d8:fc:ba:33:f6:03:ac:
f3:87:4c:7d:cb:c3:46:7a:2f:d2:3b:fc:a1:d6:a8:
4c:89:b9:0c:ae:c4:ba:75:3e:a5:66:af:09:2f:75:
4d:40:12:de:2b:8c:63:f1:1d:99:a8:86:35:49:4d:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EB:19:15:11:CB:08:AE:CE:80:9C:72:26:D5:87:88:A6:F6:5E:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC4C4EE2C8B111EFA11AD84D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.179.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:4b:d8:10:d3:b3:f5:5b:35:46:0e:21:e9:a0:71:e9:9d:d4:
60:0d:34:61:87:bb:38:f0:e6:69:ed:23:60:bc:f7:f6:76:08:
aa:a8:d8:d9:2a:c0:83:f4:cd:ab:ba:26:13:8c:f5:91:95:4c:
b8:f8:3f:d2:f5:2c:bb:99:ec:df:9b:d8:1b:10:d1:14:72:00:
78:c2:8c:e5:fb:77:f7:61:b5:7d:d5:d2:f8:02:55:53:0f:8a:
aa:01:ab:b1:77:5e:ae:cb:9d:80:ee:b8:ca:04:d9:82:dd:80:
8e:e2:f4:e1:24:37:be:e2:7c:48:d6:85:a4:26:17:a9:b6:b5:
b2:a9:e4:1c:8a:ae:25:78:02:00:d7:c8:fa:c8:90:c4:48:19:
5c:97:bd:5e:a2:ff:60:d6:1c:27:fb:d5:bf:69:be:a3:55:fb:
1b:73:02:66:4f:d0:d3:e8:8d:29:31:05:b9:c5:23:9f:41:cc:
d7:c1:1e:56:68:04:af:70:a4:b1:34:42:a0:a9:64:8a:2b:88:
54:04:2f:dc:d9:71:3b:0c:3c:64:6c:45:14:b1:09:95:c7:98:
03:31:a0:9a:d9:76:cb:c3:47:08:1d:fe:23:97:6d:0c:b1:1a:
d3:ec:0c:68:18:e2:9e:98:58:95:32:95:30:56:d2:64:83:20:
5d:6d:2c:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIzMTUzWhcNMjcxMjEzMDIzMTUzWjAYMRYw
FAYDVQQDEw02Nzc1ZmE5Yy1jMmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu99/DzFtTCRWoMAQdfvrTbSsnq9/W4uwXFC/cKlGfjdP0bXO7DwJlRoJ
IwDcQgm6F/b12X1XnP9sCORXIkTkdZhg1amwMohrGBjq7Vf017vgMXI18O9Okym+
pPyLqFkUDj7TqQSxFs0c8w3NUB2WeMzi3CkGoHKjkajA6ts7kivocMo2ebPgBSiz
R2g6mRcxqBgzrjKuZOTTdxDE2+lS/a+c7x5at6XuCfDCctiloOnTH5xdnUF+YJKI
HDuP3ldwC5+f/e/ThObEDdj8ujP2A6zzh0x9y8NGei/SO/yh1qhMibkMrsS6dT6l
Zq8JL3VNQBLeK4xj8R2ZqIY1SU1ncQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGTr
GRURywiuzoCccibVh4im9l5qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzRDNEVFMkM4QjExMUVGQTExQUQ4NEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyzMA0GCSqGSIb3DQEB
CwUAA4IBAQC6S9gQ07P1WzVGDiHpoHHpndRgDTRhh7s48OZp7SNgvPf2dgiqqNjZ
KsCD9M2ruiYTjPWRlUy4+D/S9Sy7mezfm9gbENEUcgB4wozl+3f3YbV91dL4AlVT
D4qqAauxd16uy52A7rjKBNmC3YCO4vThJDe+4nxI1oWkJheptrWyqeQciq4leAIA
18j6yJDESBlcl71eov9g1hwn+9W/ab6jVfsbcwJmT9DT6I0pMQW5xSOfQczXwR5W
aASvcKSxNEKgqWSKK4hUBC/c2XE7DDxkbEUUsQmVx5gDMaCa2XbLw0cIHf4jl20M
sRrT7AxoGOKemFiVMpUwVtJkgyBdbSy9
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:59 2025 by rpki-client