Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE467FAC61911EFA7985C47762E951A.roa
File: BFE467FAC61911EFA7985C47762E951A.roa (raw, json)
Hash identifier: D98OA7EiAuTwlOUCWDXMKl3jWjF1RQe9vi/zSrPOSgg=
Subject key identifier: 90:B3:24:86:07:90:A5:0D:D1:EE:84:9C:C3:FD:D8:7E:A5:8B:E2:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE467FAC61911EFA7985C47762E951A.roa
Signing time: Sun 29 Dec 2024 19:18:57 +0000
ROA not before: Sun 29 Dec 2024 19:18:53 +0000
ROA not after: Sun 12 Dec 2027 19:18:53 +0000
asID: 17561
IP address blocks: 154.217.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77616 (0x12f30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 19:18:53 2024 GMT
Not After : Dec 12 19:18:53 2027 GMT
Subject: CN=6771a0a1-c934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:54:a2:3a:f2:fc:e2:f4:98:71:d1:f5:4a:
83:f2:d8:45:0f:ea:35:5a:fe:75:b4:85:09:30:6b:
d1:02:97:ed:af:2b:92:95:ee:21:ad:ff:e5:5c:da:
43:d6:03:0e:77:40:34:1d:f9:38:62:9b:97:05:52:
e4:f9:e2:3f:f9:b2:0c:ab:77:e2:1d:da:1e:9b:3e:
5a:46:ff:b6:e6:f7:80:87:25:84:45:f1:ec:fd:4b:
a9:22:82:8d:34:d2:a2:f5:36:e3:40:9d:88:95:94:
5e:5a:7d:2e:c5:ae:92:15:62:4e:9a:bb:f9:a2:f3:
e5:08:6f:b6:a9:77:cc:7c:81:bc:8a:5c:34:16:bd:
0a:b9:64:fe:3a:29:94:f1:c8:ce:cf:bd:59:b9:bd:
a9:41:e2:62:8b:c2:48:28:ce:40:f0:12:e6:06:6b:
8f:d3:13:cb:a4:52:4b:b3:15:e4:92:ca:f7:76:80:
ab:42:f3:a1:ff:b1:ee:95:a7:97:0c:98:38:64:e1:
19:c7:72:19:47:98:fb:61:3e:54:5f:3f:95:6a:f0:
3a:da:da:97:d6:c1:16:bd:fe:e8:76:56:3b:1f:e9:
23:8e:29:ea:28:e5:23:af:20:e4:9c:30:d9:b5:fa:
34:08:e0:33:64:85:79:85:87:50:0e:64:3a:e8:c4:
85:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B3:24:86:07:90:A5:0D:D1:EE:84:9C:C3:FD:D8:7E:A5:8B:E2:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE467FAC61911EFA7985C47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.123.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:6f:4f:e6:5c:d1:55:a3:bc:83:5f:d5:7e:66:70:ae:1d:41:
3e:6b:d3:ad:4e:3f:39:d0:f5:ac:7a:cc:3a:68:98:fa:a8:c1:
3c:5d:65:e7:85:ad:f8:fc:ac:77:5b:05:58:d4:be:c3:7b:84:
da:16:c9:58:9c:c9:4f:b6:62:0f:3b:02:4f:99:ea:07:58:38:
72:a5:2a:9d:88:a6:f8:59:8b:45:71:2b:e7:d6:cf:2e:0c:97:
49:7d:44:2c:d9:ac:a9:da:ad:b8:e8:27:71:5a:58:4d:50:e8:
57:12:55:6f:ea:24:47:3e:a0:84:da:3a:b0:ed:cc:2b:96:39:
bb:79:46:8e:9b:cd:6e:6a:d2:53:7a:01:f9:5a:40:ad:8b:a9:
af:ac:ee:92:b1:55:a2:36:82:37:1d:30:a7:be:3a:cf:70:4c:
1c:30:bb:b5:fe:33:01:a8:f7:db:20:5b:3b:07:73:5f:b1:82:
ed:28:44:39:f3:9e:41:4e:73:95:c9:af:7a:04:06:1b:e7:0d:
a7:69:22:89:73:62:5f:39:ce:ae:f1:66:28:f0:52:2a:47:88:
db:0c:61:05:ca:c4:13:7b:14:06:aa:4c:da:ed:51:70:ce:44:
53:f3:17:51:f9:ef:6f:e7:eb:ae:7f:c1:02:42:01:cb:cc:62:
94:c0:55:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS8wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTkxODUzWhcNMjcxMjEyMTkxODUzWjAYMRYw
FAYDVQQDEw02NzcxYTBhMS1jOTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq11Uojry/OL0mHHR9UqD8thFD+o1Wv51tIUJMGvRApftryuSle4hrf/l
XNpD1gMOd0A0Hfk4YpuXBVLk+eI/+bIMq3fiHdoemz5aRv+25veAhyWERfHs/Uup
IoKNNNKi9TbjQJ2IlZReWn0uxa6SFWJOmrv5ovPlCG+2qXfMfIG8ilw0Fr0KuWT+
OimU8cjOz71Zub2pQeJii8JIKM5A8BLmBmuP0xPLpFJLsxXkksr3doCrQvOh/7Hu
laeXDJg4ZOEZx3IZR5j7YT5UXz+VavA62tqX1sEWvf7odlY7H+kjjinqKOUjryDk
nDDZtfo0COAzZIV5hYdQDmQ66MSFXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJCz
JIYHkKUN0e6EnMP92H6li+LRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkU0NjdGQUM2MTkxMUVGQTc5ODVDNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtl7MA0GCSqGSIb3DQEB
CwUAA4IBAQCNb0/mXNFVo7yDX9V+ZnCuHUE+a9OtTj850PWsesw6aJj6qME8XWXn
ha34/Kx3WwVY1L7De4TaFslYnMlPtmIPOwJPmeoHWDhypSqdiKb4WYtFcSvn1s8u
DJdJfUQs2ayp2q246CdxWlhNUOhXElVv6iRHPqCE2jqw7cwrljm7eUaOm81uatJT
egH5WkCti6mvrO6SsVWiNoI3HTCnvjrPcEwcMLu1/jMBqPfbIFs7B3NfsYLtKEQ5
855BTnOVya96BAYb5w2naSKJc2JfOc6u8WYo8FIqR4jbDGEFysQTexQGqkza7VFw
zkRT8xdR+e9v5+uuf8ECQgHLzGKUwFWK
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:48:58 2025 by rpki-client