Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D385C1ECC0CD11EFB2C40995762E951A.roa
File: D385C1ECC0CD11EFB2C40995762E951A.roa (raw, json)
Hash identifier: tvHczZQd3UxMAvtQNWkkZVSzs+hmMScAdCDUNeEknVc=
Subject key identifier: 68:A8:8D:0A:E8:16:EF:90:76:71:A2:42:BF:07:65:46:49:41:CB:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D385C1ECC0CD11EFB2C40995762E951A.roa
Signing time: Mon 23 Dec 2024 01:32:52 +0000
ROA not before: Mon 23 Dec 2024 01:32:49 +0000
ROA not after: Fri 10 Dec 2027 01:32:49 +0000
asID: 17561
IP address blocks: 154.83.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73246 (0x11e1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:32:49 2024 GMT
Not After : Dec 10 01:32:49 2027 GMT
Subject: CN=6768bdc4-4e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:b0:47:4e:03:77:f2:53:b4:91:70:3e:a5:
4b:7f:b9:6b:a0:ea:0a:bd:b4:b7:1e:1d:3c:49:90:
89:e4:21:12:f6:f7:fc:49:1c:7e:8e:db:c2:2b:86:
9d:5f:00:21:36:17:e6:7d:2c:31:2d:45:3a:bc:7f:
d2:7d:0b:83:48:28:e9:3a:fd:2b:75:6a:5f:aa:02:
bd:e5:ea:e0:3c:f7:07:cd:70:f6:22:fe:01:b1:15:
eb:6a:b5:18:a7:c9:20:f4:a2:87:43:06:3a:ee:dc:
ee:e6:21:b2:2d:65:fb:d8:da:92:67:c3:ba:ff:94:
27:50:8c:ba:77:f5:59:09:54:0b:86:06:b9:1f:f6:
c7:78:04:5d:cc:97:27:ca:6c:23:a6:31:03:54:bf:
e3:44:4e:6a:86:c7:64:ca:6d:4b:75:7f:d7:55:eb:
d1:48:50:be:d4:43:62:01:1d:35:36:32:3c:59:e8:
a7:0d:b6:d4:53:e7:27:cc:1f:5c:63:86:9d:5f:52:
08:64:83:e4:e6:fc:a7:62:64:df:7d:fc:a4:0b:5e:
40:06:16:f7:6f:5b:28:11:b8:6d:d5:fa:db:3b:de:
72:f0:0f:37:1d:64:8f:5f:4c:d1:0d:1c:ab:fb:40:
1f:dc:8d:65:0d:0d:ee:ac:46:ef:de:d4:60:e6:7c:
13:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:8D:0A:E8:16:EF:90:76:71:A2:42:BF:07:65:46:49:41:CB:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D385C1ECC0CD11EFB2C40995762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.73.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c6:55:c4:03:70:89:8a:c2:ad:34:50:4c:b7:22:7a:f2:e1:
f0:bc:37:64:6e:44:33:b2:9f:85:3f:ab:c1:a0:3d:05:11:47:
c1:2d:f9:1d:41:ba:2a:f7:6c:5e:a1:38:77:87:08:dd:fd:82:
9a:e8:81:a1:5c:11:a4:56:ab:ee:af:c6:85:08:95:b0:88:dd:
36:41:50:f7:65:6d:85:f6:5f:54:e9:26:f0:9b:e0:66:3a:18:
81:e6:86:00:ff:bc:3a:c3:71:8c:75:f4:e0:50:0a:2e:36:17:
80:3e:b7:2d:f4:5f:1d:34:9d:20:dd:32:ac:fe:1a:50:4b:70:
27:65:64:5d:19:97:f5:0b:96:a9:04:72:ed:2f:b5:e7:14:e2:
bf:08:28:9c:cd:19:b3:9f:bf:f2:16:d9:55:3c:8f:4a:b7:60:
9b:b1:51:63:f3:91:18:32:77:50:92:09:a7:96:07:1c:6f:b9:
5b:a7:d0:48:ce:44:66:61:c7:7a:05:36:64:54:a0:e2:3b:42:
5f:f2:74:eb:bc:e7:60:73:b7:68:23:11:2f:51:fc:6f:7f:40:
98:32:38:d6:56:f8:44:6b:b6:57:74:4c:98:43:75:ce:b9:4b:
d9:ff:0a:80:69:0b:57:d6:82:e0:3c:e1:25:3b:e4:81:9f:c0:
06:4b:01:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR4eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDEzMjQ5WhcNMjcxMjEwMDEzMjQ5WjAYMRYw
FAYDVQQDEw02NzY4YmRjNC00ZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+2wR04Dd/JTtJFwPqVLf7lroOoKvbS3Hh08SZCJ5CES9vf8SRx+jtvC
K4adXwAhNhfmfSwxLUU6vH/SfQuDSCjpOv0rdWpfqgK95ergPPcHzXD2Iv4BsRXr
arUYp8kg9KKHQwY67tzu5iGyLWX72NqSZ8O6/5QnUIy6d/VZCVQLhga5H/bHeARd
zJcnymwjpjEDVL/jRE5qhsdkym1LdX/XVevRSFC+1ENiAR01NjI8WeinDbbUU+cn
zB9cY4adX1IIZIPk5vynYmTfffykC15ABhb3b1soEbht1frbO95y8A83HWSPX0zR
DRyr+0Af3I1lDQ3urEbv3tRg5nwTTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGio
jQroFu+QdnGiQr8HZUZJQcuPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzg1QzFFQ0MwQ0QxMUVGQjJDNDA5OTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlNJMA0GCSqGSIb3DQEB
CwUAA4IBAQCOxlXEA3CJisKtNFBMtyJ68uHwvDdkbkQzsp+FP6vBoD0FEUfBLfkd
Qboq92xeoTh3hwjd/YKa6IGhXBGkVqvur8aFCJWwiN02QVD3ZW2F9l9U6Sbwm+Bm
OhiB5oYA/7w6w3GMdfTgUAouNheAPrct9F8dNJ0g3TKs/hpQS3AnZWRdGZf1C5ap
BHLtL7XnFOK/CCiczRmzn7/yFtlVPI9Kt2CbsVFj85EYMndQkgmnlgccb7lbp9BI
zkRmYcd6BTZkVKDiO0Jf8nTrvOdgc7doIxEvUfxvf0CYMjjWVvhEa7ZXdEyYQ3XO
uUvZ/wqAaQtX1oLgPOElO+SBn8AGSwHi
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:13:04 2025 by rpki-client