Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C623631AD30B11EF8935E393762E951A.roa
File: C623631AD30B11EF8935E393762E951A.roa (raw, json)
Hash identifier: fOp70BoZqv9bTbPvD2QKl2bnt8qlTPVyIrbYVU7f95k=
Subject key identifier: 7D:09:35:FD:D1:C1:57:73:E0:8D:43:19:69:D3:82:E1:DC:C5:16:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BAB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C623631AD30B11EF8935E393762E951A.roa
Signing time: Wed 15 Jan 2025 06:41:39 +0000
ROA not before: Wed 15 Jan 2025 06:41:36 +0000
ROA not after: Sun 23 Feb 2025 06:41:36 +0000
asID: 174
IP address blocks: 154.214.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80811 (0x13bab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 06:41:36 2025 GMT
Not After : Feb 23 06:41:36 2025 GMT
Subject: CN=678758a3-48b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b5:3b:e3:d7:27:2a:ac:f6:6a:c0:4c:0e:75:
b5:a8:0f:64:b5:77:3e:fa:d5:e1:21:5a:16:b5:63:
3a:47:30:a4:2d:82:1a:d9:8f:66:a6:e5:e4:b5:75:
3b:41:86:a8:f0:96:00:b4:1a:3a:1e:65:9d:91:23:
d3:e4:59:28:db:be:c5:23:6d:61:5f:c9:bc:7b:ef:
b7:e7:d2:9f:03:b0:0a:bb:82:a3:17:ee:09:fb:7e:
b0:00:be:5e:8b:22:df:16:5a:ca:c8:23:a7:37:5d:
d9:39:cb:25:7c:91:4b:2f:20:5e:35:50:3f:c2:5b:
52:5e:9e:4e:53:47:81:f9:9a:bc:b5:83:5d:08:ef:
a1:23:7d:85:97:a0:93:82:4b:b1:f2:49:cc:7c:16:
f9:6e:01:ec:e1:13:1d:21:16:c4:24:f8:b9:bb:86:
7a:15:0c:92:81:cd:3c:7c:91:5c:a6:67:5f:06:bd:
78:d0:ad:ab:35:3e:02:8d:00:54:1b:cc:13:82:00:
40:e4:45:9e:cc:7e:34:4e:02:bd:07:56:48:cd:23:
03:b4:76:54:8e:97:51:01:72:b6:ef:b0:36:c3:60:
f8:d4:ea:32:8a:bc:0e:6f:c3:43:5f:98:76:6e:5f:
dc:42:43:f6:37:fd:80:b4:36:2d:ac:50:16:d5:43:
50:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:09:35:FD:D1:C1:57:73:E0:8D:43:19:69:D3:82:E1:DC:C5:16:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C623631AD30B11EF8935E393762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.0.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:ff:bc:e8:32:29:f7:54:18:d4:8e:5f:33:9c:20:f2:e8:d5:
ce:c4:6b:11:d5:c7:75:42:ca:94:17:a5:bd:06:ba:9d:90:fd:
8c:4d:91:78:2d:4e:1f:3a:e0:95:fb:7e:90:ed:31:94:ce:63:
80:fc:00:8d:d5:05:eb:25:f1:54:30:ae:0c:dc:82:ab:40:96:
c9:6f:30:06:9e:76:c7:14:32:fe:cd:a5:60:bb:14:42:71:a1:
52:54:02:8f:96:bf:fb:0c:03:72:cd:35:c1:b8:6d:46:ec:f5:
86:99:9e:67:ba:6d:93:32:97:29:62:7c:f0:4b:6d:44:15:c7:
68:f7:c1:ac:19:c3:dc:ad:eb:04:c5:0d:ce:e1:33:9f:81:df:
a1:be:7c:f8:29:2e:b1:19:8c:f7:ea:0c:6f:3d:c5:3c:a7:ed:
44:2b:cb:e0:77:71:aa:d3:1b:88:a1:d0:05:fe:a4:68:9f:28:
34:37:ae:ed:ef:59:a0:83:d2:43:07:9f:37:87:d1:74:1f:05:
df:41:cc:47:a6:9e:84:f5:4d:a7:57:a2:d8:98:6f:63:98:1a:
6d:9f:1b:81:7a:9f:99:06:c1:d8:cc:90:3f:ab:6a:ac:9e:7b:
c1:cb:9d:b8:30:e4:75:c1:0d:b5:94:0d:d5:34:f8:ad:2c:43:
47:74:de:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATurMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDY0MTM2WhcNMjUwMjIzMDY0MTM2WjAYMRYw
FAYDVQQDEw02Nzg3NThhMy00OGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzbU749cnKqz2asBMDnW1qA9ktXc++tXhIVoWtWM6RzCkLYIa2Y9mpuXk
tXU7QYao8JYAtBo6HmWdkSPT5Fko277FI21hX8m8e++359KfA7AKu4KjF+4J+36w
AL5eiyLfFlrKyCOnN13ZOcslfJFLLyBeNVA/wltSXp5OU0eB+Zq8tYNdCO+hI32F
l6CTgkux8knMfBb5bgHs4RMdIRbEJPi5u4Z6FQySgc08fJFcpmdfBr140K2rNT4C
jQBUG8wTggBA5EWezH40TgK9B1ZIzSMDtHZUjpdRAXK277A2w2D41OoyirwOb8ND
X5h2bl/cQkP2N/2AtDYtrFAW1UNQYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH0J
Nf3RwVdz4I1DGWnTguHcxRaaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjIzNjMxQUQzMEIxMUVGODkzNUUzOTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtYAMA0GCSqGSIb3DQEB
CwUAA4IBAQDC/7zoMin3VBjUjl8znCDy6NXOxGsR1cd1QsqUF6W9BrqdkP2MTZF4
LU4fOuCV+36Q7TGUzmOA/ACN1QXrJfFUMK4M3IKrQJbJbzAGnnbHFDL+zaVguxRC
caFSVAKPlr/7DANyzTXBuG1G7PWGmZ5num2TMpcpYnzwS21EFcdo98GsGcPcresE
xQ3O4TOfgd+hvnz4KS6xGYz36gxvPcU8p+1EK8vgd3Gq0xuIodAF/qRonyg0N67t
71mgg9JDB583h9F0HwXfQcxHpp6E9U2nV6LYmG9jmBptnxuBep+ZBsHYzJA/q2qs
nnvBy524MOR1wQ21lA3VNPitLENHdN7W
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:43:35 2025 by rpki-client