Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD2FE572C36511EFBE659DA3762E951A.roa
File: BD2FE572C36511EFBE659DA3762E951A.roa (raw, json)
Hash identifier: BqG3HCM+nhmlQGWq00pR+TEy3HDL0hdLuODuNGgv/J8=
Subject key identifier: A0:D9:6F:22:CF:94:DA:45:FF:71:19:C1:79:47:5F:B1:3C:E3:D0:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0126B0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD2FE572C36511EFBE659DA3762E951A.roa
Signing time: Thu 26 Dec 2024 08:45:21 +0000
ROA not before: Thu 26 Dec 2024 08:45:17 +0000
ROA not after: Sun 12 Dec 2027 08:45:17 +0000
asID: 17561
IP address blocks: 154.94.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75440 (0x126b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 08:45:17 2024 GMT
Not After : Dec 12 08:45:17 2027 GMT
Subject: CN=676d17a0-78e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:6b:b2:0a:c9:bc:5c:46:bb:f1:b3:26:49:
3b:c2:48:d5:98:5d:63:f7:ff:3b:05:8e:78:a7:a4:
e9:92:17:69:6e:1a:34:c0:fe:90:72:ae:9e:cf:60:
3a:ee:dd:ab:6f:ea:c3:14:4e:ba:c3:da:36:c9:cf:
ed:64:d6:46:b2:ce:3e:8e:86:7a:54:0e:56:74:57:
26:c5:6b:82:df:e0:e6:85:4b:a0:b7:df:3e:81:80:
23:db:9b:fa:4f:19:0b:35:ea:51:8e:50:d5:aa:c4:
43:b3:0f:bc:8d:03:a7:69:e2:e0:8b:07:97:b4:3a:
13:fd:43:15:7e:41:74:e2:59:04:ea:69:26:e7:1b:
62:96:5b:9c:01:c2:84:14:9c:a1:bf:97:e9:6b:78:
77:d7:39:00:e0:c9:72:fd:2e:1d:7d:40:86:9f:a0:
fa:a9:90:55:1b:8c:d1:63:30:12:f9:81:09:de:4a:
f0:c6:8d:d2:78:f0:d3:2d:68:c0:b9:0a:7b:47:35:
8b:ca:af:d9:a8:64:c4:20:e2:13:a3:26:bd:17:cc:
8f:20:af:5b:19:57:cf:21:0b:89:12:46:18:63:fb:
54:40:e3:db:ff:15:a1:6a:52:ea:1d:74:ca:75:2e:
8d:3d:ff:df:67:7a:15:69:97:d6:18:62:5f:b9:cf:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D9:6F:22:CF:94:DA:45:FF:71:19:C1:79:47:5F:B1:3C:E3:D0:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD2FE572C36511EFBE659DA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.10.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:37:41:76:41:53:4d:60:c1:15:a3:ca:16:6e:0e:99:b3:d3:
5a:b2:c2:bc:1c:a8:61:d2:66:8b:f8:99:89:3a:df:c7:92:d9:
83:5a:f3:6f:70:55:de:cc:85:5d:23:d4:f7:c4:00:74:0c:2e:
14:4f:16:1b:54:f5:24:cf:02:1f:ed:00:12:4a:58:3c:d0:63:
97:07:34:6c:d6:3e:e9:72:b0:14:59:89:0e:67:82:ee:30:98:
8a:23:02:5e:bd:22:96:9c:b1:f4:c7:32:97:82:19:d9:0f:92:
a4:58:88:61:bd:65:93:7b:c8:61:2c:0f:fe:c3:a3:5e:e2:18:
41:d7:20:bf:00:e9:e0:26:f9:aa:fd:4d:00:6c:5c:9d:0b:f9:
cc:89:47:38:cc:92:01:d7:e3:62:33:f6:e7:cc:31:28:82:75:
96:2f:d9:e9:7f:6e:79:a2:54:6b:2b:f8:ca:c3:9b:e9:64:2f:
64:53:ca:0c:5c:df:ac:6e:a6:c7:df:92:61:65:d2:16:30:05:
13:6d:21:cc:27:94:0f:82:37:f6:f0:b9:1a:db:cd:0d:23:d1:
63:e1:a6:3a:dd:9f:45:f0:4a:09:23:fc:06:e7:57:ca:23:10:
35:c7:47:7c:68:2d:cc:e3:9c:a4:65:be:d2:49:e3:ea:f4:bb:
0e:55:46:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASawMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDg0NTE3WhcNMjcxMjEyMDg0NTE3WjAYMRYw
FAYDVQQDEw02NzZkMTdhMC03OGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwitrsgrJvFxGu/GzJkk7wkjVmF1j9/87BY54p6Tpkhdpbho0wP6Qcq6e
z2A67t2rb+rDFE66w9o2yc/tZNZGss4+joZ6VA5WdFcmxWuC3+DmhUugt98+gYAj
25v6TxkLNepRjlDVqsRDsw+8jQOnaeLgiweXtDoT/UMVfkF04lkE6mkm5xtilluc
AcKEFJyhv5fpa3h31zkA4Mly/S4dfUCGn6D6qZBVG4zRYzAS+YEJ3krwxo3SePDT
LWjAuQp7RzWLyq/ZqGTEIOIToya9F8yPIK9bGVfPIQuJEkYYY/tUQOPb/xWhalLq
HXTKdS6NPf/fZ3oVaZfWGGJfuc/mZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKDZ
byLPlNpF/3EZwXlHX7E849BpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDJGRTU3MkMzNjUxMUVGQkU2NTlEQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4KMA0GCSqGSIb3DQEB
CwUAA4IBAQAcN0F2QVNNYMEVo8oWbg6Zs9NassK8HKhh0maL+JmJOt/HktmDWvNv
cFXezIVdI9T3xAB0DC4UTxYbVPUkzwIf7QASSlg80GOXBzRs1j7pcrAUWYkOZ4Lu
MJiKIwJevSKWnLH0xzKXghnZD5KkWIhhvWWTe8hhLA/+w6Ne4hhB1yC/AOngJvmq
/U0AbFydC/nMiUc4zJIB1+NiM/bnzDEognWWL9npf255olRrK/jKw5vpZC9kU8oM
XN+sbqbH35JhZdIWMAUTbSHMJ5QPgjf28Lka280NI9Fj4aY63Z9F8EoJI/wG51fK
IxA1x0d8aC3M45ykZb7SSePq9LsOVUYJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:38:12 2025 by rpki-client