Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C16E01FCC1CE11EF96E54E7A762E951A.roa
File: C16E01FCC1CE11EF96E54E7A762E951A.roa (raw, json)
Hash identifier: vYsHWH6PpVa5mFTEOBtH4kJlOrMoQl0gvE7jHCGsJs4=
Subject key identifier: DC:FD:B5:E2:F5:AD:BD:36:EB:85:44:6F:F7:1A:7D:0F:02:25:CE:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012287
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C16E01FCC1CE11EF96E54E7A762E951A.roa
Signing time: Tue 24 Dec 2024 08:12:02 +0000
ROA not before: Tue 24 Dec 2024 08:11:59 +0000
ROA not after: Wed 10 Dec 2025 08:11:59 +0000
asID: 984
IP address blocks: 154.193.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74375 (0x12287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:11:59 2024 GMT
Not After : Dec 10 08:11:59 2025 GMT
Subject: CN=676a6cd2-c26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6c:1f:01:96:68:28:c2:88:ab:da:6f:4e:e2:
5a:6f:26:bc:7e:e0:10:4d:4d:6a:d4:94:6e:7a:15:
db:53:ea:54:76:f0:bb:88:4f:3a:f8:9a:7a:39:8f:
83:62:de:bc:08:0d:fc:12:51:7e:2f:3a:47:c2:00:
a1:06:a2:8e:02:05:a9:cc:ed:58:c1:6e:81:66:b0:
58:ce:0c:b3:ac:1e:26:2e:bb:8a:13:3a:59:cb:24:
42:8e:11:b3:fe:69:c2:7b:97:4a:4f:c6:e5:eb:94:
a9:c2:fa:ed:18:7e:e4:23:d7:cf:01:a3:59:c7:e3:
c2:c2:bb:c2:e4:e1:7f:9c:61:3f:83:3c:94:46:c9:
0c:25:89:7d:e1:18:cd:10:75:3c:97:1f:65:8d:0f:
55:55:b1:58:f5:99:e4:d0:21:73:83:c4:4c:eb:54:
d9:9b:af:23:26:97:a9:9d:84:65:ce:5b:c9:cc:6c:
97:6b:e6:5e:c2:18:c8:be:ea:08:7b:1b:5c:c6:fa:
47:5e:59:62:ce:40:f2:f5:66:b5:53:3c:34:ab:5e:
f9:37:08:48:7e:90:8b:6a:68:56:2b:07:bb:6b:fa:
ab:54:3f:5a:df:95:aa:1a:fb:16:ea:e3:ed:aa:7e:
5f:7e:26:7f:97:55:34:a1:5b:a2:2c:dc:2f:6f:e9:
96:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FD:B5:E2:F5:AD:BD:36:EB:85:44:6F:F7:1A:7D:0F:02:25:CE:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C16E01FCC1CE11EF96E54E7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:6c:da:61:4b:09:14:91:78:c2:0c:d4:cd:b8:f2:44:39:56:
b8:9c:2c:87:11:d2:bd:b3:cf:29:30:b4:b0:54:1f:d1:f5:d6:
d0:13:13:3f:50:68:1a:34:22:80:54:0c:54:39:40:7a:bd:60:
b5:b1:f3:00:9c:98:e9:12:0c:34:94:9f:7d:00:65:d6:cf:67:
a2:42:4e:a1:0d:ae:90:fe:18:dc:16:dd:71:c2:ae:e5:98:81:
f5:dd:26:38:20:ee:30:49:4e:ea:74:53:fd:cc:01:04:b6:4f:
a3:91:9a:ae:e9:bc:17:b9:c9:30:9e:71:6d:cb:81:48:9e:3c:
09:e5:c7:fe:2d:07:ad:92:4d:2a:1e:3e:84:4d:fb:17:96:57:
d2:3c:a4:71:16:ce:61:0b:43:96:2e:3a:78:21:2a:19:ac:e3:
82:80:33:c8:98:cf:83:21:fe:56:36:80:c3:6e:44:41:a1:51:
75:53:d3:8f:98:8d:86:d9:72:26:3c:fd:35:22:21:b8:45:47:
1e:79:26:0c:be:0e:8f:54:95:9c:c4:35:2a:3c:c0:d4:cf:3c:
a2:cc:c4:48:12:f9:c5:ab:02:76:3a:07:d4:26:5f:51:05:1e:
cb:97:a8:63:ca:95:ff:90:12:f9:ea:f5:5c:b6:bb:c7:bd:a1:
b1:52:66:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASKHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgxMTU5WhcNMjUxMjEwMDgxMTU5WjAYMRYw
FAYDVQQDEw02NzZhNmNkMi1jMjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwmwfAZZoKMKIq9pvTuJabya8fuAQTU1q1JRuehXbU+pUdvC7iE86+Jp6
OY+DYt68CA38ElF+LzpHwgChBqKOAgWpzO1YwW6BZrBYzgyzrB4mLruKEzpZyyRC
jhGz/mnCe5dKT8bl65SpwvrtGH7kI9fPAaNZx+PCwrvC5OF/nGE/gzyURskMJYl9
4RjNEHU8lx9ljQ9VVbFY9Znk0CFzg8RM61TZm68jJpepnYRlzlvJzGyXa+ZewhjI
vuoIextcxvpHXllizkDy9Wa1Uzw0q175NwhIfpCLamhWKwe7a/qrVD9a35WqGvsW
6uPtqn5ffiZ/l1U0oVuiLNwvb+mWRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNz9
teL1rb0264VEb/cafQ8CJc6EMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMTZFMDFGQ0MxQ0UxMUVGOTZFNTRFN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHjMA0GCSqGSIb3DQEB
CwUAA4IBAQArbNphSwkUkXjCDNTNuPJEOVa4nCyHEdK9s88pMLSwVB/R9dbQExM/
UGgaNCKAVAxUOUB6vWC1sfMAnJjpEgw0lJ99AGXWz2eiQk6hDa6Q/hjcFt1xwq7l
mIH13SY4IO4wSU7qdFP9zAEEtk+jkZqu6bwXuckwnnFty4FInjwJ5cf+LQetkk0q
Hj6ETfsXllfSPKRxFs5hC0OWLjp4ISoZrOOCgDPImM+DIf5WNoDDbkRBoVF1U9OP
mI2G2XImPP01IiG4RUceeSYMvg6PVJWcxDUqPMDUzzyizMRIEvnFqwJ2OgfUJl9R
BR7Ll6hjypX/kBL56vVctrvHvaGxUmYc
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:08:39 2025 by rpki-client