Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE336510C36A11EF8F7FA244762E951A.roa
File: CE336510C36A11EF8F7FA244762E951A.roa (raw, json)
Hash identifier: W2anoBX9BSHMbIR7gtJop2gE3ZSIvOlMvml/I041QGw=
Subject key identifier: 18:6F:AE:A9:18:CD:BF:D0:1A:E5:B3:18:84:CB:5C:DA:2E:B4:10:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0126E8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE336510C36A11EF8F7FA244762E951A.roa
Signing time: Thu 26 Dec 2024 09:21:37 +0000
ROA not before: Thu 26 Dec 2024 09:21:33 +0000
ROA not after: Sun 12 Dec 2027 09:21:33 +0000
asID: 17561
IP address blocks: 154.94.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75496 (0x126e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 09:21:33 2024 GMT
Not After : Dec 12 09:21:33 2027 GMT
Subject: CN=676d2020-d855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3e:2e:fd:b8:ca:ed:47:01:a3:ee:9b:b2:d4:
9a:53:41:cb:ba:c4:dd:28:64:6f:a9:4a:e9:e6:6b:
f5:17:16:16:8c:9b:95:15:d9:19:23:62:8a:15:d6:
04:b6:de:a8:35:a7:10:e4:b0:41:3d:d2:c6:8b:a4:
09:56:a1:6a:2f:12:ca:c8:12:58:d6:36:85:b3:95:
9c:f2:5d:e5:e6:c2:da:dc:91:96:2a:d5:6d:d9:6b:
10:aa:ed:24:06:21:ef:52:56:2e:bc:64:b9:86:58:
62:16:87:39:f7:24:f9:88:df:ac:1d:bc:a1:e4:6d:
ab:72:9e:20:d8:61:3a:29:45:ac:1c:42:13:c5:9e:
20:31:3f:01:df:df:00:fc:63:12:16:71:00:cb:ca:
8f:dc:b4:9a:9e:f8:6a:c8:d7:73:5a:ff:5c:72:4e:
8c:8f:ff:ef:d8:04:64:84:a3:8a:e4:70:ef:f3:fe:
86:b6:00:45:cd:5c:ce:e8:ca:9d:80:6c:0b:4e:d0:
c1:58:08:47:38:3a:18:49:65:7a:5e:36:13:07:8d:
78:62:7a:5d:e1:7f:fe:05:a5:0a:39:3a:67:1b:79:
fd:86:0a:38:40:93:0b:36:0a:5d:ed:3e:a9:66:c4:
23:2c:97:34:25:04:61:ae:2c:38:2e:4c:68:39:41:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6F:AE:A9:18:CD:BF:D0:1A:E5:B3:18:84:CB:5C:DA:2E:B4:10:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE336510C36A11EF8F7FA244762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.139.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e2:e3:48:25:8c:2a:40:58:4e:e6:ae:9c:99:aa:52:63:35:
c1:1a:50:bc:09:e4:d0:1d:f1:91:a0:f1:d6:b1:a5:45:d6:76:
8c:03:ac:43:7b:3c:3f:f7:89:2b:b3:5d:19:58:f8:81:2b:cb:
69:7c:7a:ce:ac:1f:26:38:5d:c4:5a:c4:9f:dd:58:ab:83:35:
df:48:36:73:c8:2b:ed:f8:1e:5f:38:f8:5b:ad:b9:20:3a:69:
07:55:15:b5:e9:32:38:39:a3:9a:3a:51:94:6f:89:16:e5:1a:
2b:18:4b:67:2c:fe:ce:0d:dc:b8:2a:8c:e2:da:ab:45:9f:76:
b2:5e:d0:45:12:e5:e3:4d:d7:3c:ef:93:82:e1:c1:dd:d8:d3:
bb:a3:f0:a6:be:64:c7:b8:01:a4:f0:a4:08:0d:69:76:23:13:
3d:e1:af:fe:84:ff:01:07:07:c3:f7:28:6d:4a:1b:06:64:7d:
7c:e5:ea:2b:b8:2d:b5:37:6a:1d:bf:63:5c:cd:c5:6d:3f:35:
a1:99:68:96:0f:85:d8:4f:36:5b:4a:e3:eb:7c:2c:1e:1c:aa:
57:53:19:7b:2d:c4:79:1f:fd:e6:05:94:1c:bf:ee:e8:59:08:
06:9a:04:be:aa:4d:a5:22:e8:ee:1e:92:63:80:12:24:85:6e:
ef:a8:76:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASboMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDkyMTMzWhcNMjcxMjEyMDkyMTMzWjAYMRYw
FAYDVQQDEw02NzZkMjAyMC1kODU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4j4u/bjK7UcBo+6bstSaU0HLusTdKGRvqUrp5mv1FxYWjJuVFdkZI2KK
FdYEtt6oNacQ5LBBPdLGi6QJVqFqLxLKyBJY1jaFs5Wc8l3l5sLa3JGWKtVt2WsQ
qu0kBiHvUlYuvGS5hlhiFoc59yT5iN+sHbyh5G2rcp4g2GE6KUWsHEITxZ4gMT8B
398A/GMSFnEAy8qP3LSanvhqyNdzWv9cck6Mj//v2ARkhKOK5HDv8/6GtgBFzVzO
6MqdgGwLTtDBWAhHODoYSWV6XjYTB414Ynpd4X/+BaUKOTpnG3n9hgo4QJMLNgpd
7T6pZsQjLJc0JQRhriw4LkxoOUFWEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBhv
rqkYzb/QGuWzGITLXNoutBDqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTMzNjUxMEMzNkExMUVGOEY3RkEyNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml6LMA0GCSqGSIb3DQEB
CwUAA4IBAQCw4uNIJYwqQFhO5q6cmapSYzXBGlC8CeTQHfGRoPHWsaVF1naMA6xD
ezw/94krs10ZWPiBK8tpfHrOrB8mOF3EWsSf3VirgzXfSDZzyCvt+B5fOPhbrbkg
OmkHVRW16TI4OaOaOlGUb4kW5RorGEtnLP7ODdy4Kozi2qtFn3ayXtBFEuXjTdc8
75OC4cHd2NO7o/CmvmTHuAGk8KQIDWl2IxM94a/+hP8BBwfD9yhtShsGZH185eor
uC21N2odv2NczcVtPzWhmWiWD4XYTzZbSuPrfCweHKpXUxl7LcR5H/3mBZQcv+7o
WQgGmgS+qk2lIujuHpJjgBIkhW7vqHZ3
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:36 2025 by rpki-client