Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B940E2C5E311EF89BB9775762E951A.roa
File: C9B940E2C5E311EF89BB9775762E951A.roa (raw, json)
Hash identifier: mnyIdbjhcXJqYjrXuN7o6OVdQk1vS4MhdUCbFJQmpgo=
Subject key identifier: 8D:26:CD:D7:D4:E4:66:6C:F9:38:E8:45:5E:51:D2:60:72:DF:B7:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D66
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B940E2C5E311EF89BB9775762E951A.roa
Signing time: Sun 29 Dec 2024 12:52:40 +0000
ROA not before: Sun 29 Dec 2024 12:52:37 +0000
ROA not after: Sun 12 Dec 2027 12:52:37 +0000
asID: 17561
IP address blocks: 154.210.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77158 (0x12d66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 12:52:37 2024 GMT
Not After : Dec 12 12:52:37 2027 GMT
Subject: CN=67714618-6ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:58:a5:04:8f:5d:bc:66:f8:83:72:c9:c6:70:
23:66:2a:3b:f7:78:f9:fb:f1:40:df:64:a4:bd:fa:
5c:48:c1:e7:03:40:3a:8a:97:1d:10:77:c7:2e:8f:
bb:cc:65:d3:33:8c:b4:aa:84:d8:ff:d0:4c:67:dc:
22:a9:54:33:88:e2:3b:af:7b:22:ca:5c:d0:36:31:
d5:2e:b9:45:8e:d5:39:e9:c6:1e:65:89:15:a2:3b:
6a:42:ab:7b:64:ca:4b:94:1e:2e:69:aa:a7:2d:d2:
5e:53:c1:91:2f:96:ce:af:b2:72:3d:d8:9b:7e:57:
79:cf:be:28:42:59:33:8d:23:aa:47:d5:6f:3f:40:
0d:66:0d:2d:65:54:90:de:f1:5e:3d:df:47:bd:30:
f3:f9:2a:88:20:92:c0:88:9e:77:4b:bd:bb:9c:de:
9b:6b:f9:b2:4a:f8:e9:dc:0a:bc:65:2d:63:ea:a8:
50:d4:8e:9d:b2:76:d9:8a:a7:a5:8d:b9:3f:4e:d7:
81:f1:d2:02:c4:4c:c7:3a:f5:08:55:90:64:c2:e8:
01:ee:a4:31:1f:42:75:38:ae:eb:85:c2:c6:77:ca:
41:9d:5e:80:f9:c5:a1:5b:c7:c2:cc:78:8e:32:94:
11:3b:d1:94:6f:b2:98:a2:9a:34:08:08:e9:42:05:
e4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:26:CD:D7:D4:E4:66:6C:F9:38:E8:45:5E:51:D2:60:72:DF:B7:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B940E2C5E311EF89BB9775762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.117.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:20:25:cc:83:95:c4:89:e8:f4:3c:24:d4:b7:77:5e:ee:84:
c5:bf:ad:f2:a3:3e:40:4d:f6:63:9a:0d:08:13:21:ff:31:bd:
08:70:b5:4f:45:3f:54:28:a4:59:c2:c4:92:6f:9d:d1:8b:cd:
44:bf:1a:0b:13:2b:bd:4c:c9:7a:ca:83:a9:4a:29:58:8a:5f:
be:c7:95:49:b3:4f:fb:c8:08:2d:6b:d8:69:2e:c2:b1:df:2b:
42:1b:b3:24:57:fa:8b:f4:26:bb:68:6d:ac:c1:de:95:80:63:
de:16:26:aa:da:b2:9a:6b:cc:e2:63:ca:ba:cd:ab:09:5e:f7:
2c:ef:de:2a:31:15:0e:bb:20:e1:ea:5a:6f:99:75:08:7a:45:
42:f3:ba:6f:24:b8:38:5c:e2:db:c2:37:6a:7f:ec:2a:db:74:
84:2c:a3:39:88:21:81:ea:5d:f4:71:67:81:70:49:94:9a:ed:
d6:cb:aa:b8:58:f0:35:a2:7d:e0:51:2e:da:41:2f:07:a0:74:
65:27:0b:26:18:cc:eb:49:f6:3e:63:dd:a0:03:20:6e:ce:61:
58:94:da:2d:7d:2c:db:ca:30:2c:56:d9:24:74:74:53:da:61:
f1:ff:10:6e:07:74:6d:48:cd:68:6a:00:4f:b6:e7:93:f0:49:
36:e2:89:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS1mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTI1MjM3WhcNMjcxMjEyMTI1MjM3WjAYMRYw
FAYDVQQDEw02NzcxNDYxOC02Y2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA31ilBI9dvGb4g3LJxnAjZio793j5+/FA32SkvfpcSMHnA0A6ipcdEHfH
Lo+7zGXTM4y0qoTY/9BMZ9wiqVQziOI7r3siylzQNjHVLrlFjtU56cYeZYkVojtq
Qqt7ZMpLlB4uaaqnLdJeU8GRL5bOr7JyPdibfld5z74oQlkzjSOqR9VvP0ANZg0t
ZVSQ3vFePd9HvTDz+SqIIJLAiJ53S727nN6ba/mySvjp3Aq8ZS1j6qhQ1I6dsnbZ
iqeljbk/TteB8dICxEzHOvUIVZBkwugB7qQxH0J1OK7rhcLGd8pBnV6A+cWhW8fC
zHiOMpQRO9GUb7KYopo0CAjpQgXkVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI0m
zdfU5GZs+TjoRV5R0mBy37cvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUI5NDBFMkM1RTMxMUVGODlCQjk3NzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJ1MA0GCSqGSIb3DQEB
CwUAA4IBAQCzICXMg5XEiej0PCTUt3de7oTFv63yoz5ATfZjmg0IEyH/Mb0IcLVP
RT9UKKRZwsSSb53Ri81EvxoLEyu9TMl6yoOpSilYil++x5VJs0/7yAgta9hpLsKx
3ytCG7MkV/qL9Ca7aG2swd6VgGPeFiaq2rKaa8ziY8q6zasJXvcs794qMRUOuyDh
6lpvmXUIekVC87pvJLg4XOLbwjdqf+wq23SELKM5iCGB6l30cWeBcEmUmu3Wy6q4
WPA1on3gUS7aQS8HoHRlJwsmGMzrSfY+Y92gAyBuzmFYlNotfSzbyjAsVtkkdHRT
2mHx/xBuB3RtSM1oagBPtueT8Ek24oni
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:47 2025 by rpki-client