Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6072E96C5F711EF8F8D5472762E951A.roa
File: C6072E96C5F711EF8F8D5472762E951A.roa (raw, json)
Hash identifier: 51izN52zZXOTxC5FWii/buLway4BhsR/Aa3/md4Ntaw=
Subject key identifier: A1:65:A0:74:D8:CE:D1:31:A5:C0:99:7A:F3:8E:4B:6A:4A:11:D3:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6072E96C5F711EF8F8D5472762E951A.roa
Signing time: Sun 29 Dec 2024 15:15:44 +0000
ROA not before: Sun 29 Dec 2024 15:15:40 +0000
ROA not after: Sun 12 Dec 2027 15:15:40 +0000
asID: 17561
IP address blocks: 154.213.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77328 (0x12e10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:15:40 2024 GMT
Not After : Dec 12 15:15:40 2027 GMT
Subject: CN=677167a0-e0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:73:42:e6:9f:bf:70:3a:d3:cd:a1:42:4c:e7:
a1:42:63:9c:4d:93:a9:b8:92:1e:ca:e5:62:41:83:
fc:8d:fa:4b:bd:de:d6:ef:1a:78:bd:f0:01:1c:f9:
ca:d1:fc:bb:9b:04:07:22:24:49:4f:37:05:3d:84:
e1:64:f4:00:2f:8a:40:eb:7e:2f:81:95:45:08:c2:
68:06:f9:ed:71:20:78:73:1e:6b:cd:73:65:50:90:
34:3f:b8:60:5c:48:77:59:e1:bc:93:ef:b9:76:48:
f5:d1:b4:d4:97:7e:99:d3:da:d2:fc:b7:34:98:21:
2e:90:46:2d:4d:40:e9:c6:7d:27:b0:9f:88:59:54:
8f:a6:2a:cd:a9:cd:b0:4a:35:ee:02:ec:2e:3d:1c:
64:b4:d9:31:aa:6b:15:50:49:a7:27:bc:e6:dc:0e:
f3:08:b6:0b:bb:48:a1:f9:49:92:a6:a4:66:c5:15:
7c:75:df:84:7b:ed:4e:a3:0d:60:2a:49:21:e4:a2:
a2:2c:6d:80:4f:94:89:63:b6:7a:fb:3a:a3:5e:e5:
82:b3:13:7b:d2:c6:b2:ec:c6:e8:05:15:e5:69:90:
f3:44:e2:2f:f7:cb:a7:c2:23:45:43:ee:32:e6:cc:
0e:31:40:1e:ed:00:cf:19:5f:6e:bc:3b:8b:e5:84:
ab:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:65:A0:74:D8:CE:D1:31:A5:C0:99:7A:F3:8E:4B:6A:4A:11:D3:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6072E96C5F711EF8F8D5472762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c6:77:17:2a:9d:3b:1d:33:f3:61:25:30:17:97:5f:1a:05:
ac:f3:b2:63:04:e9:da:36:c8:de:ca:c4:0a:11:52:82:b9:ef:
75:3d:52:c0:97:f1:a7:5e:ad:35:3a:27:0b:06:4d:32:e3:e5:
aa:f0:0a:7b:da:6e:37:08:04:74:0e:cf:e0:79:68:50:b3:fa:
1e:00:95:12:a1:a6:d2:53:e3:7c:98:37:63:20:67:d6:3d:25:
50:32:75:d4:69:2c:61:7d:ad:0a:f7:ef:ee:99:be:7a:83:87:
fa:76:b7:16:9f:b1:51:2a:89:66:67:f2:96:96:56:c0:c6:d3:
a6:9d:5c:df:9b:34:df:28:2f:3e:cb:8d:bc:49:48:f6:0d:05:
09:44:95:b5:d4:0a:bb:e0:28:8f:82:a0:fe:fd:e5:ea:dc:29:
b4:8f:20:7f:87:f7:3d:d1:da:40:03:2b:18:ba:80:f7:df:1b:
42:a9:f6:a5:30:fc:08:d6:89:99:bb:8d:e3:48:9e:9d:4d:4b:
f2:72:7c:f6:32:3e:80:8c:c9:1c:51:9a:ab:6c:53:ac:54:8f:
ab:8c:b4:c1:03:d8:3b:03:34:f9:3a:cb:a0:e0:08:fc:fa:29:
26:0a:89:80:07:03:f0:e7:f2:57:47:09:ec:00:cd:95:98:1a:
18:66:dc:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS4QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTUxNTQwWhcNMjcxMjEyMTUxNTQwWjAYMRYw
FAYDVQQDEw02NzcxNjdhMC1lMGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA53NC5p+/cDrTzaFCTOehQmOcTZOpuJIeyuViQYP8jfpLvd7W7xp4vfAB
HPnK0fy7mwQHIiRJTzcFPYThZPQAL4pA634vgZVFCMJoBvntcSB4cx5rzXNlUJA0
P7hgXEh3WeG8k++5dkj10bTUl36Z09rS/Lc0mCEukEYtTUDpxn0nsJ+IWVSPpirN
qc2wSjXuAuwuPRxktNkxqmsVUEmnJ7zm3A7zCLYLu0ih+UmSpqRmxRV8dd+Ee+1O
ow1gKkkh5KKiLG2AT5SJY7Z6+zqjXuWCsxN70say7MboBRXlaZDzROIv98unwiNF
Q+4y5swOMUAe7QDPGV9uvDuL5YSrIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKFl
oHTYztExpcCZevOOS2pKEdO/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjA3MkU5NkM1RjcxMUVGOEY4RDU0NzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtXWMA0GCSqGSIb3DQEB
CwUAA4IBAQAtxncXKp07HTPzYSUwF5dfGgWs87JjBOnaNsjeysQKEVKCue91PVLA
l/GnXq01OicLBk0y4+Wq8Ap72m43CAR0Ds/geWhQs/oeAJUSoabSU+N8mDdjIGfW
PSVQMnXUaSxhfa0K9+/umb56g4f6drcWn7FRKolmZ/KWllbAxtOmnVzfmzTfKC8+
y428SUj2DQUJRJW11Aq74CiPgqD+/eXq3Cm0jyB/h/c90dpAAysYuoD33xtCqfal
MPwI1omZu43jSJ6dTUvycnz2Mj6AjMkcUZqrbFOsVI+rjLTBA9g7AzT5Osug4Aj8
+ikmComABwPw5/JXRwnsAM2VmBoYZtxm
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:31 2025 by rpki-client