Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBEE29A2C42D11EFBEC727A1762E951A.roa
File: CBEE29A2C42D11EFBEC727A1762E951A.roa (raw, json)
Hash identifier: 3mngK7TWm19E5VpFVTwOwHALVvapPudhx5OW1tDuXf0=
Subject key identifier: 18:69:74:1A:12:AD:22:81:11:D5:9F:19:D2:DF:AC:3D:C8:AD:A4:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012A3F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBEE29A2C42D11EFBEC727A1762E951A.roa
Signing time: Fri 27 Dec 2024 08:37:25 +0000
ROA not before: Fri 27 Dec 2024 08:37:21 +0000
ROA not after: Sun 12 Dec 2027 08:37:21 +0000
asID: 17561
IP address blocks: 154.203.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76351 (0x12a3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 08:37:21 2024 GMT
Not After : Dec 12 08:37:21 2027 GMT
Subject: CN=676e6745-4607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:62:68:ba:17:18:8b:6b:42:00:34:ec:24:e4:
2c:6e:56:21:1b:f8:73:ce:06:09:df:ef:4e:bc:cb:
cd:cf:e9:12:8f:1c:20:dd:4d:b3:f7:f7:63:ff:87:
53:fb:9e:47:8f:a8:ca:ab:48:01:4f:19:8f:0e:e7:
9e:34:47:c9:bf:11:82:75:3d:5f:22:ce:60:d1:45:
31:da:8f:25:fa:25:0a:36:94:63:46:db:19:ec:dd:
89:e5:7f:fe:39:cf:e0:8d:b6:9b:9e:28:0a:b8:3e:
32:0e:2e:2b:e7:e5:19:8e:62:e5:bc:2e:4f:8e:29:
41:73:a8:5b:df:ee:14:af:f5:74:be:c7:1c:84:fd:
30:16:41:30:8c:c7:cb:4d:e2:ff:9f:bd:68:64:2b:
44:26:f7:ba:38:71:6a:8c:5f:15:ba:6f:73:40:27:
ca:4c:b5:9d:01:f3:9b:fc:20:4e:c8:9e:33:b5:4c:
66:6b:a4:b9:51:93:8f:e9:19:67:bf:e8:28:ed:c0:
23:e3:4b:47:8c:dd:53:55:80:76:65:0e:55:39:1b:
6e:07:a2:4f:9a:df:ad:2b:6c:68:c3:b2:94:f8:af:
f2:99:3b:71:d5:25:a4:bf:54:f4:2c:9e:87:7b:42:
29:9a:57:b0:7f:64:8f:5b:56:87:ad:45:21:e3:3b:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:69:74:1A:12:AD:22:81:11:D5:9F:19:D2:DF:AC:3D:C8:AD:A4:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBEE29A2C42D11EFBEC727A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.7.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b1:1e:2f:8d:5e:00:0b:0b:4e:aa:bc:af:8d:d5:38:45:6b:
d8:1b:2b:86:3f:d2:5d:52:30:f7:05:c1:2c:1f:7b:eb:e4:03:
0a:6f:f6:cb:eb:b1:77:9d:d5:3d:82:6d:a1:59:fe:4d:83:3f:
e7:41:e4:8a:0c:60:2b:2c:05:20:af:25:a5:b4:a0:67:df:4c:
0d:d7:17:59:c6:d9:bf:e0:99:20:30:e1:26:79:32:ec:d9:03:
f9:14:bc:65:00:f6:5c:9c:e5:50:46:dc:43:cd:63:17:6b:ac:
cf:39:91:4c:2b:23:cc:8d:ec:b1:ea:00:8b:3e:53:d1:91:28:
8d:4f:4f:9e:e6:40:18:20:3f:52:ee:72:cb:c2:77:c5:1d:51:
f1:78:c8:f7:1a:fe:02:1d:b4:25:38:de:13:cc:90:41:32:cb:
42:2c:f0:bc:09:8d:ee:43:21:5b:5a:48:ae:01:55:5c:38:ce:
ab:a4:f8:62:8c:d0:0e:fd:43:bd:11:ef:c4:0d:c5:a2:f0:6b:
9a:78:d8:30:64:e3:ac:2e:20:cf:0a:d2:6f:1a:87:cc:c7:5f:
37:30:86:7d:32:3b:9a:d8:65:a5:89:bb:c3:f7:c4:c4:00:c4:
85:2c:a2:12:03:31:96:61:5a:7a:9c:cb:f6:f8:42:0e:48:ad:
5f:e0:98:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASo/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDgzNzIxWhcNMjcxMjEyMDgzNzIxWjAYMRYw
FAYDVQQDEw02NzZlNjc0NS00NjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2JouhcYi2tCADTsJOQsblYhG/hzzgYJ3+9OvMvNz+kSjxwg3U2z9/dj
/4dT+55Hj6jKq0gBTxmPDueeNEfJvxGCdT1fIs5g0UUx2o8l+iUKNpRjRtsZ7N2J
5X/+Oc/gjbabnigKuD4yDi4r5+UZjmLlvC5PjilBc6hb3+4Ur/V0vscchP0wFkEw
jMfLTeL/n71oZCtEJve6OHFqjF8Vum9zQCfKTLWdAfOb/CBOyJ4ztUxma6S5UZOP
6Rlnv+go7cAj40tHjN1TVYB2ZQ5VORtuB6JPmt+tK2xow7KU+K/ymTtx1SWkv1T0
LJ6He0Ipmlewf2SPW1aHrUUh4zuq4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBhp
dBoSrSKBEdWfGdLfrD3IraRIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQkVFMjlBMkM0MkQxMUVGQkVDNzI3QTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssHMA0GCSqGSIb3DQEB
CwUAA4IBAQAbsR4vjV4ACwtOqryvjdU4RWvYGyuGP9JdUjD3BcEsH3vr5AMKb/bL
67F3ndU9gm2hWf5Ngz/nQeSKDGArLAUgryWltKBn30wN1xdZxtm/4JkgMOEmeTLs
2QP5FLxlAPZcnOVQRtxDzWMXa6zPOZFMKyPMjeyx6gCLPlPRkSiNT0+e5kAYID9S
7nLLwnfFHVHxeMj3Gv4CHbQlON4TzJBBMstCLPC8CY3uQyFbWkiuAVVcOM6rpPhi
jNAO/UO9Ee/EDcWi8GuaeNgwZOOsLiDPCtJvGofMx183MIZ9Mjua2GWlibvD98TE
AMSFLKISAzGWYVp6nMv2+EIOSK1f4Jil
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:06 2025 by rpki-client