Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2D3C994C53511EF8834BAA2762E951A.roa
File: D2D3C994C53511EF8834BAA2762E951A.roa (raw, json)
Hash identifier: yJF5GXXU2v3gYGxRcDm9IhH7zXzo8QP2qKLYN75T/j8=
Subject key identifier: BD:74:9A:CD:D0:B0:D5:2B:6B:62:83:F6:38:BE:E4:93:76:AF:D6:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C15
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2D3C994C53511EF8834BAA2762E951A.roa
Signing time: Sat 28 Dec 2024 16:07:23 +0000
ROA not before: Sat 28 Dec 2024 16:07:20 +0000
ROA not after: Sun 12 Dec 2027 16:07:20 +0000
asID: 17561
IP address blocks: 154.204.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76821 (0x12c15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 16:07:20 2024 GMT
Not After : Dec 12 16:07:20 2027 GMT
Subject: CN=6770223b-713c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:b7:1f:78:8a:a4:29:a0:60:86:13:94:6f:
95:fd:8f:bf:e8:f1:7f:6b:1e:7c:bf:da:34:ca:96:
37:ce:42:15:06:4d:2e:bf:ac:ff:c3:d1:fe:69:1c:
4b:3d:0e:bf:00:e9:14:d3:70:23:a0:77:55:da:14:
12:a7:7e:21:84:ca:8e:a5:a4:d7:11:92:47:18:9b:
4d:db:47:17:02:55:2c:42:b8:56:cf:c7:33:2a:fa:
9b:b7:3c:88:ee:f0:55:cc:d6:aa:7f:a1:62:88:3e:
e3:11:7e:ac:6e:ec:00:1c:b7:a2:8b:0e:a6:44:2c:
90:29:e3:b6:b7:da:59:fa:12:45:cb:ac:cb:a5:8d:
18:cc:5e:e6:e0:ba:e0:8e:5c:99:6b:e2:20:11:4d:
43:a3:c0:70:93:6d:34:af:bb:f2:5b:3c:71:31:1c:
e8:fd:4a:27:96:fe:51:83:7e:12:6b:3e:07:2b:10:
8a:b2:86:78:24:76:69:0c:c7:b0:5c:02:66:e9:a7:
fa:41:6d:91:5b:6d:47:5a:43:84:dc:8d:5a:52:79:
b2:10:f7:fd:8c:66:0b:f1:85:32:ae:c4:4f:3b:fa:
bd:78:6a:8c:76:d5:bc:61:dc:84:2e:85:f7:04:7e:
44:7b:e7:c3:38:95:05:0f:98:c5:9b:13:14:3f:5a:
d7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:74:9A:CD:D0:B0:D5:2B:6B:62:83:F6:38:BE:E4:93:76:AF:D6:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2D3C994C53511EF8834BAA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.115.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ee:2e:e0:2f:a2:c8:17:11:32:a7:cf:75:b9:a6:c0:e3:08:
4a:48:f5:c2:9f:3c:dc:48:ef:68:ea:e0:1d:9d:30:6a:0b:49:
d6:c8:52:05:5c:1e:96:2a:45:20:5c:72:af:d2:56:4e:e4:7b:
1e:11:f1:0d:39:e8:96:b2:19:97:d2:16:2c:78:78:0d:3d:87:
d9:47:62:a6:d1:92:36:8c:85:0e:5e:94:63:14:25:2c:c7:16:
45:37:9b:03:63:78:61:c5:f0:40:7b:19:bc:51:ba:f3:81:e2:
e9:0b:47:7e:c5:c0:82:ce:9f:a7:13:cd:6c:be:c8:0b:47:78:
94:44:26:d1:a0:80:37:29:fd:d1:49:6d:57:f9:dd:e9:ce:60:
1d:7e:f7:6f:ec:99:fa:07:48:a6:a0:ef:d9:47:5c:8b:b1:e6:
34:b0:ae:0d:89:94:2e:8d:0d:84:7c:89:89:0f:f1:ba:74:53:
06:5f:21:51:20:a5:09:a8:eb:f9:29:11:c2:37:3d:5c:70:fb:
57:cb:a1:80:5e:61:40:9e:2c:46:88:07:67:39:d5:ed:84:57:
46:3a:21:6c:e6:a9:78:ee:45:d6:ea:1a:83:a8:1e:0f:13:2f:
d8:9e:b2:c3:67:e1:50:41:2c:4e:7f:b2:08:d0:47:49:c3:a8:
3a:37:bf:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASwVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTYwNzIwWhcNMjcxMjEyMTYwNzIwWjAYMRYw
FAYDVQQDEw02NzcwMjIzYi03MTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxsG3H3iKpCmgYIYTlG+V/Y+/6PF/ax58v9o0ypY3zkIVBk0uv6z/w9H+
aRxLPQ6/AOkU03AjoHdV2hQSp34hhMqOpaTXEZJHGJtN20cXAlUsQrhWz8czKvqb
tzyI7vBVzNaqf6FiiD7jEX6sbuwAHLeiiw6mRCyQKeO2t9pZ+hJFy6zLpY0YzF7m
4LrgjlyZa+IgEU1Do8Bwk200r7vyWzxxMRzo/Uonlv5Rg34Saz4HKxCKsoZ4JHZp
DMewXAJm6af6QW2RW21HWkOE3I1aUnmyEPf9jGYL8YUyrsRPO/q9eGqMdtW8YdyE
LoX3BH5Ee+fDOJUFD5jFmxMUP1rXewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL10
ms3QsNUra2KD9ji+5JN2r9YFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMkQzQzk5NEM1MzUxMUVGODgzNEJBQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsxzMA0GCSqGSIb3DQEB
CwUAA4IBAQC67i7gL6LIFxEyp891uabA4whKSPXCnzzcSO9o6uAdnTBqC0nWyFIF
XB6WKkUgXHKv0lZO5HseEfENOeiWshmX0hYseHgNPYfZR2Km0ZI2jIUOXpRjFCUs
xxZFN5sDY3hhxfBAexm8UbrzgeLpC0d+xcCCzp+nE81svsgLR3iURCbRoIA3Kf3R
SW1X+d3pzmAdfvdv7Jn6B0imoO/ZR1yLseY0sK4NiZQujQ2EfImJD/G6dFMGXyFR
IKUJqOv5KRHCNz1ccPtXy6GAXmFAnixGiAdnOdXthFdGOiFs5ql47kXW6hqDqB4P
Ey/YnrLDZ+FQQSxOf7II0EdJw6g6N7/B
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:02 2025 by rpki-client