Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB1C402C5DA11EF89742CBC762E951A.roa
File: CDB1C402C5DA11EF89742CBC762E951A.roa (raw, json)
Hash identifier: 4GSL2wSjjmHAW96UGinWvVpctbWWGnuEK7XG8eFVP5U=
Subject key identifier: D3:6A:5B:88:6D:D2:D9:6A:A6:8C:D3:06:37:ED:50:03:0C:60:1B:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D16
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB1C402C5DA11EF89742CBC762E951A.roa
Signing time: Sun 29 Dec 2024 11:48:22 +0000
ROA not before: Sun 29 Dec 2024 11:48:18 +0000
ROA not after: Fri 12 Dec 2025 11:48:18 +0000
asID: 984
IP address blocks: 154.210.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77078 (0x12d16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 11:48:18 2024 GMT
Not After : Dec 12 11:48:18 2025 GMT
Subject: CN=67713706-4aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fe:e9:46:bf:2c:7b:06:a8:7b:db:a0:22:77:
e2:dc:96:db:09:20:9e:c6:7a:56:9a:f0:8f:be:3e:
8b:96:92:ac:cd:85:fb:5f:09:ac:c6:7c:cf:24:63:
e9:0c:e2:15:77:a0:05:44:3c:10:64:6b:bd:ef:72:
ed:2c:f0:89:16:34:3e:55:6a:1d:40:68:a0:bf:ee:
f6:a9:c8:0e:4c:04:b4:97:7b:70:20:ec:78:56:fa:
ee:5b:79:71:61:e4:ca:e5:25:55:d1:84:33:09:b8:
71:03:16:91:59:12:e3:9d:b1:93:34:48:2e:33:8c:
cc:32:06:3e:c8:28:b2:ca:54:5d:af:49:cb:da:90:
ca:86:f4:23:b4:42:e2:d4:71:64:d8:0d:4f:db:fa:
b3:0c:14:ff:56:9a:40:1f:dc:36:78:3c:d1:b1:d7:
3d:2d:e6:75:41:a1:14:05:f7:ae:e0:18:03:1a:17:
6b:02:81:19:d9:ba:84:70:ca:2b:62:ba:47:19:f8:
25:50:d4:71:cb:f7:d0:58:52:02:06:21:50:59:10:
83:76:3c:2b:87:50:ac:55:44:5c:bd:de:57:d1:0f:
b4:1d:f3:26:95:75:6f:da:85:e3:fc:b2:09:f3:55:
9b:d2:c0:d6:a0:11:c0:f3:1f:c6:94:7b:39:9e:6d:
a4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6A:5B:88:6D:D2:D9:6A:A6:8C:D3:06:37:ED:50:03:0C:60:1B:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB1C402C5DA11EF89742CBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.73.0/24
Signature Algorithm: sha256WithRSAEncryption
03:5e:e3:31:4f:d2:84:af:cb:c0:22:49:f1:06:57:4f:6e:e4:
58:b4:33:22:2b:fc:a7:da:f7:11:de:ef:5c:d8:74:cd:2d:b1:
61:d5:69:2f:48:f6:e6:b0:25:b0:fa:e3:58:fb:ce:11:98:42:
a5:27:7b:5e:48:5d:b3:ff:38:3c:fe:e9:30:88:68:6b:c2:09:
1f:6b:10:78:f5:0d:35:f2:8e:27:ab:ae:f5:25:e0:c5:b3:0b:
1d:5c:f9:f8:5d:47:53:e5:0e:bc:fa:8b:d8:d9:d6:1e:9a:1f:
65:f4:94:8f:48:78:5a:ff:61:0b:f5:cd:a4:06:6e:b4:db:0d:
d5:05:bb:47:76:96:10:60:89:80:58:35:1e:9f:fa:bf:8c:2d:
77:6e:a4:02:03:80:00:7d:43:6f:eb:80:d2:f4:b2:ef:3e:13:
a7:40:10:b6:df:27:d9:3c:a9:3c:95:5f:97:6f:ee:6d:2a:cf:
1d:28:36:25:c0:77:b8:7c:ea:63:b8:8b:fe:fd:2d:10:08:fd:
b7:fb:62:82:77:60:bd:dd:65:ae:83:0e:42:aa:fe:1b:bc:eb:
dc:5f:89:be:9a:29:fe:ac:bd:38:18:b6:b2:76:7f:5d:cb:29:
c3:9a:39:6c:de:fe:8c:19:0d:1c:83:f5:e2:50:18:b7:16:47:
4f:96:9e:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS0WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTE0ODE4WhcNMjUxMjEyMTE0ODE4WjAYMRYw
FAYDVQQDEw02NzcxMzcwNi00YWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/7pRr8sewaoe9ugInfi3JbbCSCexnpWmvCPvj6LlpKszYX7XwmsxnzP
JGPpDOIVd6AFRDwQZGu973LtLPCJFjQ+VWodQGigv+72qcgOTAS0l3twIOx4Vvru
W3lxYeTK5SVV0YQzCbhxAxaRWRLjnbGTNEguM4zMMgY+yCiyylRdr0nL2pDKhvQj
tELi1HFk2A1P2/qzDBT/VppAH9w2eDzRsdc9LeZ1QaEUBfeu4BgDGhdrAoEZ2bqE
cMorYrpHGfglUNRxy/fQWFICBiFQWRCDdjwrh1CsVURcvd5X0Q+0HfMmlXVv2oXj
/LIJ81Wb0sDWoBHA8x/GlHs5nm2kjwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNNq
W4ht0tlqpozTBjftUAMMYBt9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DREIxQzQwMkM1REExMUVGODk3NDJDQkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJJMA0GCSqGSIb3DQEB
CwUAA4IBAQADXuMxT9KEr8vAIknxBldPbuRYtDMiK/yn2vcR3u9c2HTNLbFh1Wkv
SPbmsCWw+uNY+84RmEKlJ3teSF2z/zg8/ukwiGhrwgkfaxB49Q018o4nq671JeDF
swsdXPn4XUdT5Q68+ovY2dYemh9l9JSPSHha/2EL9c2kBm602w3VBbtHdpYQYImA
WDUen/q/jC13bqQCA4AAfUNv64DS9LLvPhOnQBC23yfZPKk8lV+Xb+5tKs8dKDYl
wHe4fOpjuIv+/S0QCP23+2KCd2C93WWugw5Cqv4bvOvcX4m+min+rL04GLaydn9d
yynDmjls3v6MGQ0cg/XiUBi3FkdPlp5r
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:48:58 2025 by rpki-client