Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1830B02C52D11EFA6C93B73762E951A.roa
File: D1830B02C52D11EFA6C93B73762E951A.roa (raw, json)
Hash identifier: D1ak3FPw8m2oU0V8yOeKYyuTawtQElJFY5Ej2ZbqHtw=
Subject key identifier: 0C:6D:F5:E4:C7:DB:DE:CE:7D:14:6A:AB:25:69:98:2A:F3:FC:45:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012BCF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1830B02C52D11EFA6C93B73762E951A.roa
Signing time: Sat 28 Dec 2024 15:10:05 +0000
ROA not before: Sat 28 Dec 2024 15:10:01 +0000
ROA not after: Fri 12 Dec 2025 15:10:01 +0000
asID: 984
IP address blocks: 154.204.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76751 (0x12bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 15:10:01 2024 GMT
Not After : Dec 12 15:10:01 2025 GMT
Subject: CN=677014cd-3d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:06:45:13:89:07:21:64:c4:7c:bd:f5:7c:
e5:6f:9f:f9:62:e1:c1:a8:59:89:9e:b5:ad:26:8a:
91:39:4a:34:1a:17:e3:dc:d1:a0:0c:c3:e9:b7:42:
29:8d:38:05:95:6a:39:1f:cf:2a:0d:78:d1:34:c8:
4f:15:5e:06:ad:21:c8:95:7f:92:f8:a4:1f:58:ea:
52:a2:ae:a2:e8:11:18:f7:a4:83:74:93:f3:6f:39:
46:c5:e2:0b:6f:12:c9:3f:c8:49:07:5b:00:68:c7:
b6:0d:b5:d6:15:15:0f:4d:ae:54:63:42:e0:90:d8:
d7:84:f4:f0:ed:fe:1d:39:35:c6:28:0a:9f:12:4e:
fd:11:68:ba:97:9b:d3:95:94:bf:2f:b0:fe:09:68:
8f:6b:aa:b0:79:30:11:5f:bc:44:7d:a1:3d:89:82:
bd:80:35:be:6f:ca:c3:06:e8:19:13:d8:a2:6f:d3:
62:bb:de:f5:38:a0:2f:c1:99:22:29:83:df:de:24:
99:3c:b3:07:c8:53:21:c8:8a:d1:d1:50:98:d9:52:
d0:e4:3b:37:d0:7f:df:9a:fc:97:ba:e4:e2:94:43:
38:f9:93:e2:14:c9:07:ed:1a:3f:3c:8e:a5:86:9a:
e0:95:1e:7b:42:b9:d9:f2:73:6f:38:60:f3:f9:33:
b9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:6D:F5:E4:C7:DB:DE:CE:7D:14:6A:AB:25:69:98:2A:F3:FC:45:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1830B02C52D11EFA6C93B73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.80.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:d8:d8:b0:cd:4b:1c:48:64:a9:6c:ec:10:18:bf:df:19:58:
c8:e6:b1:16:90:da:d5:92:2e:cc:90:55:ee:68:2f:30:da:aa:
45:3a:76:23:0c:4e:29:26:2c:f7:97:9b:d8:53:03:39:e3:e7:
93:1d:20:5e:9b:d5:21:99:83:c8:1d:c6:da:f6:ed:71:1c:ca:
e5:93:c9:87:32:ae:91:07:04:98:66:c4:29:c9:a7:b7:cd:45:
c9:65:d3:89:ff:a8:2f:d3:7a:82:9e:18:4b:29:e1:80:1a:a2:
51:98:09:08:86:bf:db:92:27:9f:34:1d:07:03:d6:c0:34:51:
02:fa:de:12:2c:48:be:92:48:6c:19:50:99:53:36:f2:32:b9:
85:d8:be:9d:6c:35:cc:e7:ee:d0:3e:d2:1b:f7:8e:20:e8:80:
22:8e:f7:5f:1c:1a:95:16:48:6a:2b:be:32:6c:20:53:47:d9:
81:15:f0:51:4a:33:18:51:ab:83:e9:4e:af:9d:08:51:29:9e:
61:ae:a0:2f:f5:69:c6:b3:a3:54:27:0a:7a:b9:70:88:ef:0a:
06:98:c1:7b:28:44:c0:16:95:19:1f:6a:fd:cc:b2:c6:33:db:
54:0c:13:33:7d:fd:27:b3:9a:6d:11:8e:e2:e7:e9:e0:b4:75:
6e:06:1c:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASvPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTUxMDAxWhcNMjUxMjEyMTUxMDAxWjAYMRYw
FAYDVQQDEw02NzcwMTRjZC0zZDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJ0GRROJByFkxHy99Xzlb5/5YuHBqFmJnrWtJoqROUo0Ghfj3NGgDMPp
t0IpjTgFlWo5H88qDXjRNMhPFV4GrSHIlX+S+KQfWOpSoq6i6BEY96SDdJPzbzlG
xeILbxLJP8hJB1sAaMe2DbXWFRUPTa5UY0LgkNjXhPTw7f4dOTXGKAqfEk79EWi6
l5vTlZS/L7D+CWiPa6qweTARX7xEfaE9iYK9gDW+b8rDBugZE9iib9Niu971OKAv
wZkiKYPf3iSZPLMHyFMhyIrR0VCY2VLQ5Ds30H/fmvyXuuTilEM4+ZPiFMkH7Ro/
PI6lhprglR57QrnZ8nNvOGDz+TO5nwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAxt
9eTH297OfRRqqyVpmCrz/EXzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTgzMEIwMkM1MkQxMUVGQTZDOTNCNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsxQMA0GCSqGSIb3DQEB
CwUAA4IBAQA/2NiwzUscSGSpbOwQGL/fGVjI5rEWkNrVki7MkFXuaC8w2qpFOnYj
DE4pJiz3l5vYUwM54+eTHSBem9UhmYPIHcba9u1xHMrlk8mHMq6RBwSYZsQpyae3
zUXJZdOJ/6gv03qCnhhLKeGAGqJRmAkIhr/bkiefNB0HA9bANFEC+t4SLEi+kkhs
GVCZUzbyMrmF2L6dbDXM5+7QPtIb944g6IAijvdfHBqVFkhqK74ybCBTR9mBFfBR
SjMYUauD6U6vnQhRKZ5hrqAv9WnGs6NUJwp6uXCI7woGmMF7KETAFpUZH2r9zLLG
M9tUDBMzff0ns5ptEY7i5+ngtHVuBhzP
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:44 2025 by rpki-client