Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3D95B06D57111EF9BC7CEA0762E951A.roa
File: C3D95B06D57111EF9BC7CEA0762E951A.roa (raw, json)
Hash identifier: 5kDz4UWiYtP7zbZIAJCySDurKN+q2Ahz/ZctEa7kqYY=
Subject key identifier: E5:34:C4:1E:30:8C:CD:FC:5F:A7:9D:A9:71:33:4A:6D:C9:2F:65:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3D95B06D57111EF9BC7CEA0762E951A.roa
Signing time: Sat 18 Jan 2025 07:56:47 +0000
ROA not before: Sat 18 Jan 2025 07:56:43 +0000
ROA not after: Sat 22 Feb 2025 07:56:43 +0000
asID: 400619
IP address blocks: 154.202.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81328 (0x13db0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 07:56:43 2025 GMT
Not After : Feb 22 07:56:43 2025 GMT
Subject: CN=678b5ebe-557e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a7:1c:62:a0:58:71:dd:1d:02:af:0a:03:af:
79:c0:e3:84:b9:a0:43:60:10:f1:3f:8c:e9:b3:e5:
da:d8:ef:83:61:0d:c1:70:bb:7a:b4:20:55:87:32:
38:5f:5c:ff:69:5f:c0:1c:f7:cd:58:3e:c1:b2:37:
a4:2c:42:62:41:ff:51:08:85:43:be:42:25:e5:20:
cc:97:ae:00:47:43:65:0b:96:39:e8:70:ba:40:c9:
cf:4d:d8:b2:24:65:53:6b:09:6d:84:86:f8:5b:93:
17:40:0c:e0:53:77:83:89:11:b4:a3:91:47:e6:20:
af:b3:cc:d8:ea:d5:a7:cc:99:e7:79:b6:e8:4c:a9:
c2:b1:32:fb:9c:6a:20:ca:6d:d4:d2:5a:7f:18:1a:
9b:93:27:01:f1:6d:a3:9c:79:e5:60:d6:18:e3:ae:
7d:be:a5:41:11:81:4e:48:18:03:82:dc:f9:41:86:
0f:a1:3f:13:c2:17:2c:76:8e:44:a3:72:bb:95:b7:
24:5f:22:27:74:d0:97:66:e9:69:00:ff:83:c0:44:
69:16:1f:32:e3:67:07:01:76:0d:69:b5:2b:e0:cb:
1c:78:6e:89:5b:40:9b:b5:58:d0:f7:f0:88:7c:3d:
67:4f:85:de:a0:57:2a:15:a6:46:e4:07:c8:a1:63:
c5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:34:C4:1E:30:8C:CD:FC:5F:A7:9D:A9:71:33:4A:6D:C9:2F:65:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C3D95B06D57111EF9BC7CEA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
Signature Algorithm: sha256WithRSAEncryption
27:08:5a:06:d2:e4:dc:bf:5f:08:4b:04:f0:5a:e5:7d:af:c9:
8b:ae:52:19:48:16:59:87:4f:6b:a4:9d:96:d7:ea:8e:6d:c5:
03:11:83:4e:b1:27:5b:86:c0:99:59:1c:62:db:5f:d7:8c:97:
55:81:49:d4:d8:6c:78:dd:d9:1a:29:49:bb:09:51:d7:a0:8b:
86:b5:1c:99:b5:34:5d:4a:4c:38:b3:ca:3f:85:9a:05:d5:84:
b8:18:ff:56:71:9a:b5:ea:83:ab:50:db:d6:b0:da:b8:d0:79:
f5:af:ff:24:0a:84:2f:12:ad:c2:b5:38:79:1e:75:ce:c6:44:
7d:cc:39:78:bf:a9:25:ab:25:3c:81:a0:6c:aa:1a:66:0d:ec:
50:0f:4d:c7:7e:55:df:90:d7:20:4f:c4:18:1c:ab:34:ed:23:
70:bf:19:35:80:e2:d2:9f:7b:70:53:46:5a:36:43:71:e5:e6:
0c:f9:79:b5:a6:61:f3:6b:82:47:05:0c:d4:9e:66:4b:f0:e3:
b6:e0:60:9d:27:d7:94:5c:8f:bc:69:eb:e8:91:a5:1d:12:a0:
77:93:72:0f:08:4a:75:4a:a8:59:82:08:88:7c:33:ac:73:3a:
1b:a0:2a:f3:55:f9:1e:bd:82:f4:c3:65:96:93:6c:3a:2c:10:
a4:9f:21:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT2wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDc1NjQzWhcNMjUwMjIyMDc1NjQzWjAYMRYw
FAYDVQQDEw02NzhiNWViZS01NTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnaccYqBYcd0dAq8KA695wOOEuaBDYBDxP4zps+Xa2O+DYQ3BcLt6tCBV
hzI4X1z/aV/AHPfNWD7BsjekLEJiQf9RCIVDvkIl5SDMl64AR0NlC5Y56HC6QMnP
TdiyJGVTawlthIb4W5MXQAzgU3eDiRG0o5FH5iCvs8zY6tWnzJnnebboTKnCsTL7
nGogym3U0lp/GBqbkycB8W2jnHnlYNYY4659vqVBEYFOSBgDgtz5QYYPoT8Twhcs
do5Eo3K7lbckXyIndNCXZulpAP+DwERpFh8y42cHAXYNabUr4MsceG6JW0CbtVjQ
9/CIfD1nT4XeoFcqFaZG5AfIoWPFawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOU0
xB4wjM38X6edqXEzSm3JL2WIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DM0Q5NUIwNkQ1NzExMUVGOUJDN0NFQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsp1MA0GCSqGSIb3DQEB
CwUAA4IBAQAnCFoG0uTcv18ISwTwWuV9r8mLrlIZSBZZh09rpJ2W1+qObcUDEYNO
sSdbhsCZWRxi21/XjJdVgUnU2Gx43dkaKUm7CVHXoIuGtRyZtTRdSkw4s8o/hZoF
1YS4GP9WcZq16oOrUNvWsNq40Hn1r/8kCoQvEq3CtTh5HnXOxkR9zDl4v6klqyU8
gaBsqhpmDexQD03HflXfkNcgT8QYHKs07SNwvxk1gOLSn3twU0ZaNkNx5eYM+Xm1
pmHza4JHBQzUnmZL8OO24GCdJ9eUXI+8aevokaUdEqB3k3IPCEp1SqhZggiIfDOs
czoboCrzVfkevYL0w2WWk2w6LBCknyHC
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:12 2025 by rpki-client