Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C566CF56C52911EFBAEFB159762E951A.roa
File: C566CF56C52911EFBAEFB159762E951A.roa (raw, json)
Hash identifier: fu9AgzqZVgCnJNgU33Kt5YDCc/2ycTkXh8Db2SAv3Ig=
Subject key identifier: 73:0E:3C:13:48:EE:35:51:9E:2B:5C:EB:0F:6E:BA:6C:8F:AF:67:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012BA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C566CF56C52911EFBAEFB159762E951A.roa
Signing time: Sat 28 Dec 2024 14:41:07 +0000
ROA not before: Sat 28 Dec 2024 14:41:03 +0000
ROA not after: Fri 12 Dec 2025 14:41:03 +0000
asID: 984
IP address blocks: 154.204.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76713 (0x12ba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 14:41:03 2024 GMT
Not After : Dec 12 14:41:03 2025 GMT
Subject: CN=67700e03-78d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4f:d6:38:52:8f:f8:59:72:84:f1:8d:2f:ee:
01:3d:02:35:66:06:84:71:1f:40:a5:b1:fd:db:e5:
6e:bd:3a:b9:51:15:b1:84:f8:ad:2a:ac:24:8d:84:
82:9e:24:ff:a4:9e:90:8f:ba:eb:12:af:a1:01:b8:
86:78:1b:0d:bb:6a:bb:34:3f:fc:9e:e3:bf:90:fd:
1d:02:b8:fb:21:ee:86:3d:1d:63:d9:b5:07:2b:17:
3b:66:31:5d:5e:01:d7:9b:ed:25:27:49:54:3e:22:
09:14:1a:e2:68:e5:6b:5d:13:87:ec:9e:ca:e6:4d:
f4:88:35:49:cd:96:40:43:d2:cc:d0:6a:c5:d5:ae:
3c:8f:30:33:f6:d5:ad:af:7c:97:a4:9a:db:fb:24:
b0:11:34:65:a3:38:90:ec:09:f3:3d:71:af:d6:f0:
90:6a:99:8c:66:29:ea:ee:d8:10:76:82:b7:0b:64:
6d:b5:9f:02:57:96:77:4a:db:a3:05:85:e3:84:7a:
30:b5:14:5c:a7:2d:fa:37:33:d7:8f:6e:d6:9a:91:
13:23:d8:34:00:d5:af:94:09:06:83:06:5e:43:3d:
68:ef:05:48:4c:73:a9:eb:46:41:ef:53:db:dc:c6:
49:d3:ff:04:88:24:f4:76:eb:75:63:ff:0c:27:3b:
31:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0E:3C:13:48:EE:35:51:9E:2B:5C:EB:0F:6E:BA:6C:8F:AF:67:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C566CF56C52911EFBAEFB159762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.31.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c0:b6:9f:c9:84:4a:03:c0:4c:ba:26:86:99:a6:ee:ae:4e:
25:40:4a:bd:fc:36:fc:28:9a:62:a6:34:cc:c8:38:bf:17:ea:
0d:67:08:e2:59:37:1f:ba:50:0b:10:c6:3f:1f:7e:a0:10:d3:
38:f5:cf:e0:d0:cd:ef:64:4c:9a:bf:2f:fc:d6:12:01:70:e2:
71:ce:6f:5c:b6:4b:a9:f0:83:da:95:0b:65:c2:7b:d4:bf:f2:
c8:b2:58:46:fe:76:52:3d:bc:86:72:db:21:91:8a:55:08:f7:
03:0e:eb:fe:62:fa:ec:24:aa:38:c7:7d:7f:64:ec:64:70:7f:
a4:59:8e:6b:49:fb:8c:fc:dd:f4:3a:a6:22:ad:3a:39:01:57:
a7:16:e4:83:cf:9b:15:97:d0:29:65:dc:bb:44:15:67:79:5c:
bb:09:d4:d1:50:57:3a:2e:a2:78:74:9e:a4:85:db:bd:e1:79:
f3:3c:2c:33:9d:9d:dd:c1:0a:53:28:65:42:8b:bf:40:8d:9b:
85:67:67:92:41:6d:c3:20:98:db:99:3d:b3:03:7e:2e:c5:e4:
bd:d3:53:1c:15:54:00:5b:e9:a0:13:68:47:4c:f5:42:1f:ec:
c7:fd:35:a9:b6:27:7a:8e:5a:c0:e9:2e:8d:80:c7:de:80:df:
4a:9c:fb:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASupMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTQ0MTAzWhcNMjUxMjEyMTQ0MTAzWjAYMRYw
FAYDVQQDEw02NzcwMGUwMy03OGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6E/WOFKP+FlyhPGNL+4BPQI1ZgaEcR9ApbH92+VuvTq5URWxhPitKqwk
jYSCniT/pJ6Qj7rrEq+hAbiGeBsNu2q7ND/8nuO/kP0dArj7Ie6GPR1j2bUHKxc7
ZjFdXgHXm+0lJ0lUPiIJFBriaOVrXROH7J7K5k30iDVJzZZAQ9LM0GrF1a48jzAz
9tWtr3yXpJrb+ySwETRloziQ7AnzPXGv1vCQapmMZinq7tgQdoK3C2RttZ8CV5Z3
StujBYXjhHowtRRcpy36NzPXj27WmpETI9g0ANWvlAkGgwZeQz1o7wVITHOp60ZB
71Pb3MZJ0/8EiCT0dut1Y/8MJzsxkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHMO
PBNI7jVRnitc6w9uumyPr2c6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTY2Q0Y1NkM1MjkxMUVGQkFFRkIxNTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmswfMA0GCSqGSIb3DQEB
CwUAA4IBAQARwLafyYRKA8BMuiaGmaburk4lQEq9/Db8KJpipjTMyDi/F+oNZwji
WTcfulALEMY/H36gENM49c/g0M3vZEyavy/81hIBcOJxzm9ctkup8IPalQtlwnvU
v/LIslhG/nZSPbyGctshkYpVCPcDDuv+YvrsJKo4x31/ZOxkcH+kWY5rSfuM/N30
OqYirTo5AVenFuSDz5sVl9ApZdy7RBVneVy7CdTRUFc6LqJ4dJ6khdu94XnzPCwz
nZ3dwQpTKGVCi79AjZuFZ2eSQW3DIJjbmT2zA34uxeS901McFVQAW+mgE2hHTPVC
H+zH/TWptid6jlrA6S6NgMfegN9KnPvi
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:59 2025 by rpki-client