Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D26B8FD0BE9311EFB93FBDA1762E951A.roa
File: D26B8FD0BE9311EFB93FBDA1762E951A.roa (raw, json)
Hash identifier: 2qArukmg2/DstRqTjdyc+x/ipmSllfGae9iUG+wLOys=
Subject key identifier: F0:C3:F1:F0:F3:6A:D4:F2:52:BF:86:7B:1F:8F:20:81:F9:E2:62:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011C32
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D26B8FD0BE9311EFB93FBDA1762E951A.roa
Signing time: Fri 20 Dec 2024 05:32:37 +0000
ROA not before: Fri 20 Dec 2024 05:32:33 +0000
ROA not after: Wed 10 Dec 2025 05:32:33 +0000
asID: 984
IP address blocks: 154.82.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72754 (0x11c32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 05:32:33 2024 GMT
Not After : Dec 10 05:32:33 2025 GMT
Subject: CN=67650175-11f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c9:ce:3c:87:b1:f3:2d:8b:69:0c:c2:c0:29:
01:9f:19:47:29:57:ed:12:c5:b7:15:3a:fb:37:cd:
b6:52:e8:e9:f1:5e:04:0a:50:75:a3:22:3d:aa:9b:
d1:97:3f:00:e4:be:68:90:b5:32:53:01:b4:a8:7a:
65:a4:80:87:96:4a:49:f1:45:88:b2:12:f3:0d:e5:
6a:61:41:24:6e:9b:b2:8d:2f:33:f5:b8:0e:3f:f9:
7a:42:8f:37:ba:62:e0:8f:99:c4:36:68:c5:4a:eb:
b8:1a:0a:2f:fe:67:d9:1c:39:8a:c6:6c:95:37:5c:
fd:cd:ab:89:03:70:32:84:08:3c:5c:20:b2:90:e3:
65:bd:1e:28:15:77:0b:75:d6:35:84:f7:8c:d6:02:
f9:fe:35:dc:aa:eb:aa:b6:11:53:fb:ba:03:ec:03:
4b:56:b3:35:1e:4b:c3:3f:1e:67:3c:c3:5a:00:b2:
94:61:ca:c7:95:b3:c2:da:5c:1b:a0:0f:fc:6b:7b:
75:3a:47:46:f2:90:4a:aa:fc:50:98:46:a2:26:10:
22:10:e6:3d:31:81:0c:6b:78:f3:a4:58:69:64:d0:
60:dd:ba:26:f7:33:60:29:2e:6f:8d:c8:e7:3e:b2:
ba:12:35:eb:bf:b2:41:7b:b4:fa:41:c3:e4:5a:3e:
a6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C3:F1:F0:F3:6A:D4:F2:52:BF:86:7B:1F:8F:20:81:F9:E2:62:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D26B8FD0BE9311EFB93FBDA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:6a:ac:25:d4:02:0c:63:9f:02:67:8f:21:91:59:01:d4:d9:
9b:e1:ed:38:1c:fb:a7:b4:ab:56:c5:ce:c5:a0:97:d2:ee:3a:
5b:0b:ed:be:b3:8a:34:19:21:a6:11:6f:e2:f7:31:1c:b0:ca:
72:18:e0:5b:66:79:6f:cb:7e:0f:9f:fc:47:aa:ba:fe:53:5a:
e5:cf:73:d2:3d:53:4f:1c:09:81:a2:57:f1:d9:59:0f:41:2e:
a3:0b:34:70:59:35:7c:cf:46:be:b0:a0:f3:ba:7b:9b:19:82:
7e:0c:7e:92:5a:dd:23:1a:d6:c2:28:80:65:bf:f8:d9:54:2a:
94:e2:12:62:27:d2:ab:50:ec:76:7f:7e:2e:e6:d0:7c:84:de:
1d:b8:19:d8:76:8b:e2:98:32:7b:86:d0:b9:d5:77:97:7d:8c:
35:7a:20:62:e2:30:22:55:82:4e:00:7e:51:e5:84:24:6f:41:
df:65:7d:05:5f:09:fc:b0:3f:81:eb:82:15:aa:c3:02:02:e7:
78:bc:a1:12:1a:6a:79:63:ba:67:cc:2e:f8:00:09:02:61:27:
67:a7:62:73:99:fd:5b:1b:2b:6b:8f:37:af:6d:a1:d7:f7:39:
c8:3c:14:d6:b3:dd:f0:58:4a:2e:20:2e:e6:9f:d2:ed:b2:18:
e3:0b:e2:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARwyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDUzMjMzWhcNMjUxMjEwMDUzMjMzWjAYMRYw
FAYDVQQDEw02NzY1MDE3NS0xMWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4MnOPIex8y2LaQzCwCkBnxlHKVftEsW3FTr7N822Uujp8V4EClB1oyI9
qpvRlz8A5L5okLUyUwG0qHplpICHlkpJ8UWIshLzDeVqYUEkbpuyjS8z9bgOP/l6
Qo83umLgj5nENmjFSuu4Ggov/mfZHDmKxmyVN1z9zauJA3AyhAg8XCCykONlvR4o
FXcLddY1hPeM1gL5/jXcquuqthFT+7oD7ANLVrM1HkvDPx5nPMNaALKUYcrHlbPC
2lwboA/8a3t1OkdG8pBKqvxQmEaiJhAiEOY9MYEMa3jzpFhpZNBg3bom9zNgKS5v
jcjnPrK6EjXrv7JBe7T6QcPkWj6mHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPDD
8fDzatTyUr+Gex+PIIH54mKDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjZCOEZEMEJFOTMxMUVGQjkzRkJEQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLLMA0GCSqGSIb3DQEB
CwUAA4IBAQBraqwl1AIMY58CZ48hkVkB1Nmb4e04HPuntKtWxc7FoJfS7jpbC+2+
s4o0GSGmEW/i9zEcsMpyGOBbZnlvy34Pn/xHqrr+U1rlz3PSPVNPHAmBolfx2VkP
QS6jCzRwWTV8z0a+sKDzunubGYJ+DH6SWt0jGtbCKIBlv/jZVCqU4hJiJ9KrUOx2
f34u5tB8hN4duBnYdovimDJ7htC51XeXfYw1eiBi4jAiVYJOAH5R5YQkb0HfZX0F
Xwn8sD+B64IVqsMCAud4vKESGmp5Y7pnzC74AAkCYSdnp2Jzmf1bGytrjzevbaHX
9znIPBTWs93wWEouIC7mn9LtshjjC+IA
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:23 2025 by rpki-client