Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C83A9608C8A911EFB4325492762E951A.roa
File: C83A9608C8A911EFB4325492762E951A.roa (raw, json)
Hash identifier: Tpy3OFy9oIJYTIjhzR7j3SVLDV+gK1djMTFeCoitjtM=
Subject key identifier: 3B:4C:62:37:08:20:B3:D6:E5:31:5C:74:5A:A7:4C:6B:A1:19:0A:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01316A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C83A9608C8A911EFB4325492762E951A.roa
Signing time: Thu 02 Jan 2025 01:35:01 +0000
ROA not before: Thu 02 Jan 2025 01:34:57 +0000
ROA not after: Sun 12 Dec 2027 01:34:57 +0000
asID: 17561
IP address blocks: 154.220.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78186 (0x1316a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 01:34:57 2025 GMT
Not After : Dec 12 01:34:57 2027 GMT
Subject: CN=6775ed45-aa10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f8:bf:d8:e7:2e:8f:7f:17:1d:98:ea:a0:6e:
4d:ea:fa:82:30:18:ed:82:33:02:2a:cd:d7:3d:53:
2c:92:2f:a8:86:0a:c8:35:90:8a:65:80:a2:7e:73:
9a:27:df:df:95:89:f3:15:5c:fd:05:02:04:64:0a:
6b:92:7a:4f:31:05:fa:23:e1:0a:97:74:6a:83:39:
db:bb:e1:27:e1:70:05:79:d6:76:ab:74:8e:9a:53:
ce:63:a9:38:26:ee:4c:a5:3d:8f:06:79:d0:60:10:
25:4e:0b:36:24:2c:83:d2:ec:be:9e:e1:07:10:8a:
98:38:81:52:21:fa:82:06:04:4f:27:e8:79:9d:ea:
06:80:f2:02:15:a0:95:05:89:ee:17:b6:dc:f0:c2:
c0:5a:8d:d3:47:16:ca:91:3f:7e:9d:34:c2:3a:54:
a5:b7:c4:3e:8c:5b:95:b1:eb:ff:96:c7:2a:7a:00:
ad:be:32:cf:ec:37:04:c6:f4:b3:17:15:ee:e5:00:
d2:0c:94:3a:a2:d9:fd:b0:a9:a5:5d:13:79:a7:ee:
6f:14:a0:c5:ef:c9:24:f0:a4:f0:ec:dd:54:b2:60:
75:f7:26:bb:47:9f:b8:3d:7d:9c:c2:5d:2a:e3:be:
cd:fc:cc:fb:d2:ea:1f:14:e6:80:62:8f:1f:94:9d:
3c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4C:62:37:08:20:B3:D6:E5:31:5C:74:5A:A7:4C:6B:A1:19:0A:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C83A9608C8A911EFB4325492762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ba:c4:d4:13:a2:9e:92:71:0d:2e:b5:99:a3:59:c7:d5:fa:
80:e6:50:5c:a1:bf:9b:a0:ea:12:f4:5a:1e:5a:70:8b:ec:90:
25:51:5d:4b:66:53:69:08:a5:4e:d8:60:d9:a2:8f:02:52:14:
cd:05:6e:f3:d4:22:25:57:77:c8:91:9b:81:1e:c4:03:06:6a:
72:c4:bc:a1:53:7e:42:cb:fd:d7:4a:51:a0:9f:c7:23:e0:f7:
cf:3c:55:8a:1e:bd:bf:c7:ec:58:4c:35:1a:73:1e:8d:50:a1:
7a:f5:e5:f9:11:03:83:5b:70:09:d0:c1:d0:f4:cc:b2:24:a6:
d8:6f:27:45:0b:70:39:fd:5b:e9:34:a3:e8:fe:45:9a:1b:42:
cf:08:9a:64:2b:31:33:12:23:43:84:d2:45:a1:82:1f:2b:e0:
7a:65:34:5f:cb:42:09:90:85:43:8b:2d:75:06:96:1d:df:26:
08:16:a1:9b:22:2e:4a:55:28:23:6f:ac:a3:03:07:94:fd:bf:
23:7d:d5:b6:2c:07:da:51:ac:0b:19:c8:e9:9a:d1:e6:56:88:
32:51:e9:cc:b0:83:2e:f7:bd:f5:46:f2:e5:d1:a5:c3:ad:2b:
cc:8c:dc:bd:26:89:7c:d5:ad:3a:3a:7f:59:c9:74:c4:e6:03:
48:2e:50:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATFqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDEzNDU3WhcNMjcxMjEyMDEzNDU3WjAYMRYw
FAYDVQQDEw02Nzc1ZWQ0NS1hYTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Pi/2Ocuj38XHZjqoG5N6vqCMBjtgjMCKs3XPVMski+ohgrINZCKZYCi
fnOaJ9/flYnzFVz9BQIEZAprknpPMQX6I+EKl3Rqgznbu+En4XAFedZ2q3SOmlPO
Y6k4Ju5MpT2PBnnQYBAlTgs2JCyD0uy+nuEHEIqYOIFSIfqCBgRPJ+h5neoGgPIC
FaCVBYnuF7bc8MLAWo3TRxbKkT9+nTTCOlSlt8Q+jFuVsev/lscqegCtvjLP7DcE
xvSzFxXu5QDSDJQ6otn9sKmlXRN5p+5vFKDF78kk8KTw7N1UsmB19ya7R5+4PX2c
wl0q477N/Mz70uofFOaAYo8flJ08bQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDtM
YjcIILPW5TFcdFqnTGuhGQrkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DODNBOTYwOEM4QTkxMUVGQjQzMjU0OTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyQMA0GCSqGSIb3DQEB
CwUAA4IBAQAcusTUE6KeknENLrWZo1nH1fqA5lBcob+boOoS9FoeWnCL7JAlUV1L
ZlNpCKVO2GDZoo8CUhTNBW7z1CIlV3fIkZuBHsQDBmpyxLyhU35Cy/3XSlGgn8cj
4PfPPFWKHr2/x+xYTDUacx6NUKF69eX5EQODW3AJ0MHQ9MyyJKbYbydFC3A5/Vvp
NKPo/kWaG0LPCJpkKzEzEiNDhNJFoYIfK+B6ZTRfy0IJkIVDiy11BpYd3yYIFqGb
Ii5KVSgjb6yjAweU/b8jfdW2LAfaUawLGcjpmtHmVogyUenMsIMu9731RvLl0aXD
rSvMjNy9Jol81a06On9ZyXTE5gNILlBD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:56 2025 by rpki-client