Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C18AD1A2C26811EFB97D225B762E951A.roa
File: C18AD1A2C26811EFB97D225B762E951A.roa (raw, json)
Hash identifier: J2CNGNSVpl9Dei/GMQjaJAmZwGPazOh11PocnjK/whY=
Subject key identifier: 9D:E5:7F:12:41:E9:5B:B8:69:46:3B:1B:6C:25:DB:5E:D1:D6:8E:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012408
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C18AD1A2C26811EFB97D225B762E951A.roa
Signing time: Wed 25 Dec 2024 02:34:25 +0000
ROA not before: Wed 25 Dec 2024 02:34:21 +0000
ROA not after: Wed 10 Dec 2025 02:34:21 +0000
asID: 984
IP address blocks: 154.211.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74760 (0x12408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:34:21 2024 GMT
Not After : Dec 10 02:34:21 2025 GMT
Subject: CN=676b6f31-a14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:d2:a1:b0:0f:e6:2a:ce:e3:f4:ce:92:f3:
38:96:24:ee:ae:89:36:4a:29:27:f7:23:80:24:1e:
87:06:4a:5b:4a:f6:4d:44:b1:dd:55:e5:c5:88:b7:
ae:02:39:89:7a:76:35:01:6c:91:57:f5:53:9d:ee:
0c:24:8a:72:d6:96:c8:4a:b5:a2:02:ba:8e:c6:ea:
9d:c7:c7:51:b0:3c:4b:0d:f3:df:3e:eb:cb:fb:81:
16:5a:5c:d8:2c:2f:7a:37:e4:d0:fd:0c:a2:61:4c:
b1:3d:e9:ec:2b:83:a0:9f:a1:ac:10:03:68:6c:33:
fb:39:04:62:8c:22:41:32:ec:04:0d:b5:04:cb:92:
16:bb:48:6b:fa:96:25:70:eb:3e:95:6e:1d:90:e5:
00:7d:c4:12:ec:f6:7c:80:2f:02:01:7e:ff:88:ce:
6e:f7:ba:d4:4a:04:0b:4c:b7:95:78:50:10:ec:62:
38:d7:ce:f1:cf:87:b5:8a:9c:67:a1:5f:ff:49:d3:
d6:f3:80:f3:5c:75:c1:66:8e:5d:ad:6d:de:27:61:
02:e4:62:a2:15:61:93:a2:24:f2:b8:ff:ee:3e:83:
77:53:2d:92:c4:83:f3:12:a8:7b:f5:00:67:7a:6c:
16:fb:50:21:38:2c:38:f3:ad:df:ee:42:62:80:71:
01:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E5:7F:12:41:E9:5B:B8:69:46:3B:1B:6C:25:DB:5E:D1:D6:8E:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C18AD1A2C26811EFB97D225B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.144.0/24
Signature Algorithm: sha256WithRSAEncryption
53:30:36:a1:55:7f:8a:3b:9a:ac:3f:f8:c0:98:2b:46:02:5b:
4d:a3:75:b8:4f:cd:7e:7f:d4:40:86:e4:a7:af:4c:c1:a2:94:
93:2c:54:cc:f9:c4:d1:1b:d5:ab:4e:32:f2:75:67:15:ac:14:
15:55:31:0f:9d:b6:57:26:f5:12:a1:c1:47:1f:4f:12:de:d2:
33:36:4e:d3:0d:e3:bb:72:b0:a1:e9:b5:ac:6b:f6:35:76:97:
66:a3:64:81:bc:8f:db:9c:0f:3e:6f:ab:3c:9a:dc:a1:5d:31:
2e:b4:4a:3d:b3:da:0b:02:10:0e:60:78:94:fd:e3:fe:87:fa:
7a:a7:27:1e:a9:20:65:7c:d1:17:3a:b6:b5:42:00:06:e9:3f:
ab:06:c7:b8:30:93:fe:64:f2:79:f6:77:09:76:ad:e0:c3:65:
20:07:ae:e0:8a:2b:7f:c4:9e:89:1f:bc:73:8b:6c:05:64:ab:
23:28:63:c5:9d:39:d6:34:d7:c4:d9:10:09:37:f1:6a:d3:4b:
4a:04:71:c0:2e:2a:b2:75:03:70:f6:74:c7:e6:20:a1:2b:81:
44:d9:ce:c4:80:1a:24:58:48:b2:83:cf:d5:78:33:e7:a0:b8:
19:f5:40:82:f1:06:9d:8c:a7:7a:43:07:88:10:f6:79:22:e3:
c5:80:28:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASQIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIzNDIxWhcNMjUxMjEwMDIzNDIxWjAYMRYw
FAYDVQQDEw02NzZiNmYzMS1hMTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmxHSobAP5irO4/TOkvM4liTurok2Sikn9yOAJB6HBkpbSvZNRLHdVeXF
iLeuAjmJenY1AWyRV/VTne4MJIpy1pbISrWiArqOxuqdx8dRsDxLDfPfPuvL+4EW
WlzYLC96N+TQ/QyiYUyxPensK4Ogn6GsEANobDP7OQRijCJBMuwEDbUEy5IWu0hr
+pYlcOs+lW4dkOUAfcQS7PZ8gC8CAX7/iM5u97rUSgQLTLeVeFAQ7GI4187xz4e1
ipxnoV//SdPW84DzXHXBZo5drW3eJ2EC5GKiFWGToiTyuP/uPoN3Uy2SxIPzEqh7
9QBnemwW+1AhOCw4863f7kJigHEBXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ3l
fxJB6Vu4aUY7G2wl217R1o7bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMThBRDFBMkMyNjgxMUVGQjk3RDIyNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtOQMA0GCSqGSIb3DQEB
CwUAA4IBAQBTMDahVX+KO5qsP/jAmCtGAltNo3W4T81+f9RAhuSnr0zBopSTLFTM
+cTRG9WrTjLydWcVrBQVVTEPnbZXJvUSocFHH08S3tIzNk7TDeO7crCh6bWsa/Y1
dpdmo2SBvI/bnA8+b6s8mtyhXTEutEo9s9oLAhAOYHiU/eP+h/p6pyceqSBlfNEX
Ora1QgAG6T+rBse4MJP+ZPJ59ncJdq3gw2UgB67giit/xJ6JH7xzi2wFZKsjKGPF
nTnWNNfE2RAJN/Fq00tKBHHALiqydQNw9nTH5iChK4FE2c7EgBokWEiyg8/VeDPn
oLgZ9UCC8QadjKd6QweIEPZ5IuPFgCgX
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:35:23 2025 by rpki-client