Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD561C58C36711EFAD6A96B1762E951A.roa
File: CD561C58C36711EFAD6A96B1762E951A.roa (raw, json)
Hash identifier: Mn2whYhMnOdqgrrywWBU1DdvCGVsvlXSo23XmU1GTzw=
Subject key identifier: 22:D5:F3:7F:43:83:B8:4E:34:BC:99:C1:D6:0A:04:51:D3:E3:20:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0126C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD561C58C36711EFAD6A96B1762E951A.roa
Signing time: Thu 26 Dec 2024 09:00:07 +0000
ROA not before: Thu 26 Dec 2024 09:00:03 +0000
ROA not after: Sun 12 Dec 2027 09:00:03 +0000
asID: 17561
IP address blocks: 154.94.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75464 (0x126c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 09:00:03 2024 GMT
Not After : Dec 12 09:00:03 2027 GMT
Subject: CN=676d1b17-bcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:39:c8:1c:10:7d:8e:0d:63:c4:85:9b:bb:54:
10:f9:4f:78:ba:79:11:ed:e4:ea:bc:46:36:b4:2f:
7f:e0:9b:98:d9:4c:e6:2d:e2:26:3e:dc:a1:95:a0:
6b:64:a0:90:22:a9:1f:a9:aa:6c:dd:e0:6d:99:e0:
f6:6e:d0:17:22:b8:fe:04:f7:a5:72:8c:e1:f5:dd:
e6:ee:97:ac:7e:42:ce:94:56:10:0c:4b:f0:ee:e0:
1d:f0:ad:45:53:41:84:2c:28:2f:6e:5f:c3:36:6c:
53:6b:03:67:6d:01:3d:46:ba:7a:a6:bc:3b:26:c0:
83:83:37:b0:b6:87:be:10:f1:2c:be:84:cf:3c:d6:
82:40:07:0d:4a:a6:8a:24:a4:ec:b3:45:80:ff:26:
9f:ca:02:b3:02:dc:2c:12:94:d3:33:3f:55:c6:8f:
b9:a7:9a:b5:4e:7e:c5:51:fc:62:bc:ed:74:d2:26:
23:13:60:a4:45:4a:8a:d0:a8:12:3c:dd:ac:73:c3:
db:57:5b:b8:18:73:7b:6d:b2:38:2b:22:7c:0b:7b:
3c:38:39:5e:83:c7:5a:6b:62:16:cb:48:e1:b5:38:
c7:4d:b2:fe:74:77:de:3b:9b:27:77:79:b7:52:ff:
cf:17:12:0c:ce:9d:10:32:55:61:83:17:19:38:c2:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D5:F3:7F:43:83:B8:4E:34:BC:99:C1:D6:0A:04:51:D3:E3:20:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD561C58C36711EFAD6A96B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.55.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:ba:b6:c7:b0:0b:2f:3c:98:dd:1f:72:d8:cb:29:85:18:b3:
6a:b9:a8:a1:be:48:0f:ad:bb:d6:93:f9:9d:2e:83:e5:52:08:
a8:80:76:93:2c:80:da:2f:52:dd:08:fb:d5:ad:ae:33:a4:f8:
a5:d4:89:b0:b1:46:78:51:f5:eb:78:24:c3:d1:61:e2:53:7a:
f6:36:36:54:55:e9:f3:0e:2a:9c:86:65:2d:d5:ca:eb:e0:a7:
a4:42:57:c8:8e:2d:16:97:b3:48:bc:7b:a5:c3:2f:fd:d8:bb:
b6:d1:2c:0a:8e:9b:ad:d4:f9:26:db:8e:31:2b:54:03:bc:01:
9b:d7:77:1a:b6:f7:11:17:a9:7e:46:35:98:f0:ad:6f:b1:92:
18:0d:a0:20:bc:39:19:a0:bc:82:df:0f:51:17:ca:02:c9:0a:
10:02:8d:fa:d8:70:39:e3:dd:75:ea:7b:d7:d5:db:85:9b:6c:
c8:66:d8:d8:c1:42:b3:81:de:3f:de:d7:3b:78:55:8f:a5:0b:
48:0c:c3:29:8b:3f:61:f7:c6:40:69:9b:5e:c6:84:43:ee:e1:
37:94:54:17:66:9c:80:f2:78:98:6c:8b:06:72:c4:c1:ef:21:
a8:45:76:5a:84:ab:f7:a0:72:6f:d1:18:2c:1f:2b:bc:78:e7:
5f:03:fb:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASbIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDkwMDAzWhcNMjcxMjEyMDkwMDAzWjAYMRYw
FAYDVQQDEw02NzZkMWIxNy1iY2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtDnIHBB9jg1jxIWbu1QQ+U94unkR7eTqvEY2tC9/4JuY2UzmLeImPtyh
laBrZKCQIqkfqaps3eBtmeD2btAXIrj+BPelcozh9d3m7pesfkLOlFYQDEvw7uAd
8K1FU0GELCgvbl/DNmxTawNnbQE9Rrp6prw7JsCDgzewtoe+EPEsvoTPPNaCQAcN
SqaKJKTss0WA/yafygKzAtwsEpTTMz9Vxo+5p5q1Tn7FUfxivO100iYjE2CkRUqK
0KgSPN2sc8PbV1u4GHN7bbI4KyJ8C3s8ODleg8daa2IWy0jhtTjHTbL+dHfeO5sn
d3m3Uv/PFxIMzp0QMlVhgxcZOMLrPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCLV
839Dg7hONLyZwdYKBFHT4yCtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDU2MUM1OEMzNjcxMUVGQUQ2QTk2QjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml43MA0GCSqGSIb3DQEB
CwUAA4IBAQDNurbHsAsvPJjdH3LYyymFGLNquaihvkgPrbvWk/mdLoPlUgiogHaT
LIDaL1LdCPvVra4zpPil1ImwsUZ4UfXreCTD0WHiU3r2NjZUVenzDiqchmUt1crr
4KekQlfIji0Wl7NIvHulwy/92Lu20SwKjput1Pkm244xK1QDvAGb13catvcRF6l+
RjWY8K1vsZIYDaAgvDkZoLyC3w9RF8oCyQoQAo362HA549116nvX1duFm2zIZtjY
wUKzgd4/3tc7eFWPpQtIDMMpiz9h98ZAaZtexoRD7uE3lFQXZpyA8niYbIsGcsTB
7yGoRXZahKv3oHJv0RgsHyu8eOdfA/uX
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:57 2025 by rpki-client