Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64D8FB2C5FC11EFA8FB5C90762E951A.roa
File: C64D8FB2C5FC11EFA8FB5C90762E951A.roa (raw, json)
Hash identifier: qAzOggSCOGwhwXySB/9fTO+NpqYLSf1fbERG3NW5YMM=
Subject key identifier: 16:27:10:47:8B:CE:20:E0:82:45:BB:DB:49:19:37:54:69:9D:76:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64D8FB2C5FC11EFA8FB5C90762E951A.roa
Signing time: Sun 29 Dec 2024 15:51:32 +0000
ROA not before: Sun 29 Dec 2024 15:51:29 +0000
ROA not after: Sun 12 Dec 2027 15:51:29 +0000
asID: 17561
IP address blocks: 154.217.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77370 (0x12e3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:51:29 2024 GMT
Not After : Dec 12 15:51:29 2027 GMT
Subject: CN=67717004-7689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:4e:6f:a1:af:4a:62:f3:75:99:74:1d:3e:
20:38:ba:a4:c6:19:b5:c0:24:9d:26:e1:bf:cd:c2:
93:a7:d5:aa:6d:7c:e7:e6:b6:d7:81:71:d2:82:a1:
60:38:3b:00:6f:ec:30:5a:c4:51:5f:c2:8e:af:20:
73:1a:1a:c2:ea:14:9b:d8:0a:c9:8c:4e:40:ff:96:
e5:16:84:51:3b:b0:ec:74:c5:f9:b1:24:a1:cc:b9:
d3:45:61:ba:da:1f:8e:68:60:f3:0b:6a:58:9a:2f:
d6:42:d3:c9:69:8e:8e:47:50:2d:da:59:3e:31:0f:
9b:13:2d:9b:88:c4:6b:a8:d8:48:f4:f1:99:32:a0:
80:7f:d1:97:2e:23:eb:2e:36:89:b6:f5:54:fb:de:
1d:35:bc:2a:0e:02:eb:f1:e8:b5:e8:16:fc:4d:f6:
9d:52:68:81:11:fe:92:6d:36:c8:d0:9e:5a:52:c6:
15:14:9f:76:0b:76:a8:c6:dc:0e:35:c2:a1:ca:57:
33:2a:0d:b9:ec:15:07:73:64:73:ca:7f:74:cb:5f:
ae:13:de:ff:95:85:91:19:45:55:8c:06:b0:c1:a3:
51:e4:e2:50:0e:9f:f5:59:83:8d:a9:ad:4c:0a:17:
53:a2:5a:e2:e9:a2:59:af:c1:fd:fc:31:b6:52:3c:
b0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:27:10:47:8B:CE:20:E0:82:45:BB:DB:49:19:37:54:69:9D:76:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64D8FB2C5FC11EFA8FB5C90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:c5:2e:f5:f0:cf:6e:98:c6:e3:6d:bf:e5:58:22:3e:09:41:
34:f6:94:ba:34:eb:7a:76:9f:d2:6a:a3:43:01:0e:50:8e:a2:
85:28:94:54:89:7b:ac:a2:98:98:21:d3:e5:0e:36:16:81:b1:
04:b6:c7:d6:9f:69:28:93:cf:b9:7d:62:ab:74:9a:e3:2d:e2:
c6:f5:48:b1:8d:a8:8d:fa:8a:1c:f2:3a:41:f8:90:56:7e:8b:
7d:37:0a:ac:8c:f6:53:33:a5:5b:47:45:58:78:67:c4:bb:5b:
d9:57:f2:b6:7d:0e:c0:4f:b6:57:21:51:00:32:5c:ab:62:4f:
4f:87:5f:03:10:dd:1b:49:de:cb:63:ac:4e:99:94:13:bc:32:
00:90:84:16:97:53:0d:42:66:1d:53:38:8b:55:fc:23:30:ba:
05:23:11:91:e7:e5:12:ee:63:08:83:4d:55:13:b9:ad:7c:56:
3c:b2:53:95:9d:c4:ce:a3:88:ef:86:33:b3:d1:91:3b:f0:76:
37:ae:0b:b8:4a:3e:19:f3:81:01:51:4f:cf:ec:04:8b:da:3e:
18:d2:6f:61:8e:95:2f:b2:43:cb:7a:25:c5:f3:2b:cf:e4:5b:
e1:e3:86:37:20:ea:a1:e8:67:c3:45:a7:7a:ea:3b:ae:e9:8d:
0e:e6:51:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS46MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTU1MTI5WhcNMjcxMjEyMTU1MTI5WjAYMRYw
FAYDVQQDEw02NzcxNzAwNC03Njg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwPhOb6GvSmLzdZl0HT4gOLqkxhm1wCSdJuG/zcKTp9WqbXzn5rbXgXHS
gqFgODsAb+wwWsRRX8KOryBzGhrC6hSb2ArJjE5A/5blFoRRO7DsdMX5sSShzLnT
RWG62h+OaGDzC2pYmi/WQtPJaY6OR1At2lk+MQ+bEy2biMRrqNhI9PGZMqCAf9GX
LiPrLjaJtvVU+94dNbwqDgLr8ei16Bb8TfadUmiBEf6SbTbI0J5aUsYVFJ92C3ao
xtwONcKhylczKg257BUHc2Rzyn90y1+uE97/lYWRGUVVjAawwaNR5OJQDp/1WYON
qa1MChdTolri6aJZr8H9/DG2UjywHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBYn
EEeLziDggkW720kZN1RpnXZAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjREOEZCMkM1RkMxMUVGQThGQjVDOTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnxS718M9umMbjbb/lWCI+CUE09pS6NOt6dp/SaqNDAQ5QjqKFKJRU
iXusopiYIdPlDjYWgbEEtsfWn2kok8+5fWKrdJrjLeLG9UixjaiN+ooc8jpB+JBW
fot9NwqsjPZTM6VbR0VYeGfEu1vZV/K2fQ7AT7ZXIVEAMlyrYk9Ph18DEN0bSd7L
Y6xOmZQTvDIAkIQWl1MNQmYdUziLVfwjMLoFIxGR5+US7mMIg01VE7mtfFY8slOV
ncTOo4jvhjOz0ZE78HY3rgu4Sj4Z84EBUU/P7ASL2j4Y0m9hjpUvskPLeiXF8yvP
5Fvh44Y3IOqh6GfDRad66juu6Y0O5lHo
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:57 2025 by rpki-client