Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C61401A4C63B11EFB1B1359A762E951A.roa
File: C61401A4C63B11EFB1B1359A762E951A.roa (raw, json)
Hash identifier: /tskswO7y3IUC6/tfG33pQBVPmn3tvzBGF0b5+W4sCc=
Subject key identifier: 37:6D:3B:D4:D8:A0:64:74:05:5C:B0:72:8C:95:D6:9A:77:83:54:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01304B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C61401A4C63B11EFB1B1359A762E951A.roa
Signing time: Sun 29 Dec 2024 23:22:30 +0000
ROA not before: Sun 29 Dec 2024 23:22:26 +0000
ROA not after: Fri 12 Dec 2025 23:22:26 +0000
asID: 984
IP address blocks: 154.218.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77899 (0x1304b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 23:22:26 2024 GMT
Not After : Dec 12 23:22:26 2025 GMT
Subject: CN=6771d9b6-671c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:de:b3:dd:9b:52:97:97:11:3e:4f:23:1c:e9:
cf:2e:02:57:6d:de:08:9e:80:9a:22:1f:18:2c:3b:
51:37:cb:0a:4e:e0:76:60:d7:3c:24:b0:e5:eb:c6:
50:f8:14:37:08:46:eb:91:07:22:d4:ba:cb:93:44:
49:17:35:79:f5:55:2b:4e:41:a1:44:a0:22:a3:e7:
7e:0f:3c:dc:7f:cd:3e:7a:66:fb:d8:7c:2c:73:eb:
89:ce:f6:76:73:7d:9a:32:0e:97:b9:a4:d4:2f:8b:
ea:a1:a2:7c:64:c3:e1:9d:0d:9e:59:e1:11:12:c2:
a1:fa:d5:c5:96:0b:75:79:88:fa:bc:61:26:ba:50:
2e:6d:c4:90:de:3a:6b:7c:2b:04:1a:63:ca:55:3c:
9e:71:0f:c8:77:63:39:65:2a:ad:23:b2:9e:eb:2d:
9b:48:61:28:ab:57:f7:a5:f5:1b:bc:2f:95:a2:78:
5d:5f:ef:c3:3b:a6:59:16:7f:49:3c:c5:53:ac:a0:
0f:7d:79:49:3d:9d:b8:14:d3:0a:57:ef:e9:07:38:
c6:0a:0b:e7:e3:3a:05:c3:3d:a5:77:4b:02:87:c4:
07:99:84:b2:09:1b:f9:30:cb:5e:c9:35:fa:cb:0e:
f1:48:4f:f5:4a:da:a4:b8:8e:4e:c7:93:54:34:92:
5d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6D:3B:D4:D8:A0:64:74:05:5C:B0:72:8C:95:D6:9A:77:83:54:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C61401A4C63B11EFB1B1359A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.36.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f1:6d:fe:82:44:f7:34:03:e8:26:3f:11:4b:b8:53:b4:ec:
79:b4:93:84:10:de:4b:15:71:da:5e:d9:e5:16:06:c6:4c:a9:
7c:ee:d4:65:36:f2:da:c4:b1:15:53:1b:8b:3d:3d:0e:84:72:
07:87:13:9f:d8:ab:79:3c:f6:f6:90:f9:c3:61:c9:f2:6a:69:
e5:52:9d:f5:5b:8a:b1:61:2d:7a:db:91:10:3a:4e:5a:83:39:
15:ab:0b:ed:ad:35:06:93:a2:3f:19:bc:a3:9e:f5:1e:f8:a1:
b2:e3:5a:4c:41:71:f3:6d:a7:07:db:36:85:2d:a4:c5:42:f1:
bc:bd:83:b7:09:5a:10:88:02:45:b8:14:84:dc:03:78:fa:87:
a4:05:76:f6:7e:28:b2:37:44:14:c6:41:a3:44:bc:52:15:da:
dd:56:0e:99:55:a8:55:79:4c:56:d2:19:3e:19:81:27:a1:38:
8b:a4:9a:71:15:bf:f0:bc:56:cc:d2:8e:cd:8f:9f:ed:aa:80:
a0:64:82:9a:b7:3c:79:f9:b8:42:cf:f6:3c:7f:00:44:48:65:
3b:13:6b:b8:8a:0a:0e:31:19:f4:1d:3d:6a:b1:77:c2:06:8c:
82:b3:e3:a3:5a:1f:f7:6e:34:49:f6:6b:b2:10:58:da:d8:63:
28:19:55:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATBLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjMyMjI2WhcNMjUxMjEyMjMyMjI2WjAYMRYw
FAYDVQQDEw02NzcxZDliNi02NzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAld6z3ZtSl5cRPk8jHOnPLgJXbd4InoCaIh8YLDtRN8sKTuB2YNc8JLDl
68ZQ+BQ3CEbrkQci1LrLk0RJFzV59VUrTkGhRKAio+d+Dzzcf80+emb72Hwsc+uJ
zvZ2c32aMg6XuaTUL4vqoaJ8ZMPhnQ2eWeEREsKh+tXFlgt1eYj6vGEmulAubcSQ
3jprfCsEGmPKVTyecQ/Id2M5ZSqtI7Ke6y2bSGEoq1f3pfUbvC+VonhdX+/DO6ZZ
Fn9JPMVTrKAPfXlJPZ24FNMKV+/pBzjGCgvn4zoFwz2ld0sCh8QHmYSyCRv5MMte
yTX6yw7xSE/1StqkuI5Ox5NUNJJdnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDdt
O9TYoGR0BVywcoyV1pp3g1QeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjE0MDFBNEM2M0IxMUVGQjFCMTM1OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtokMA0GCSqGSIb3DQEB
CwUAA4IBAQAA8W3+gkT3NAPoJj8RS7hTtOx5tJOEEN5LFXHaXtnlFgbGTKl87tRl
NvLaxLEVUxuLPT0OhHIHhxOf2Kt5PPb2kPnDYcnyamnlUp31W4qxYS1625EQOk5a
gzkVqwvtrTUGk6I/GbyjnvUe+KGy41pMQXHzbacH2zaFLaTFQvG8vYO3CVoQiAJF
uBSE3AN4+oekBXb2fiiyN0QUxkGjRLxSFdrdVg6ZVahVeUxW0hk+GYEnoTiLpJpx
Fb/wvFbM0o7Nj5/tqoCgZIKatzx5+bhCz/Y8fwBESGU7E2u4igoOMRn0HT1qsXfC
BoyCs+OjWh/3bjRJ9muyEFja2GMoGVUh
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:59:02 2025 by rpki-client