Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3972660C1A611EFAB7F7B80762E951A.roa
File: D3972660C1A611EFAB7F7B80762E951A.roa (raw, json)
Hash identifier: t0XWKfbNjdysNoNDef2NU+tSf6rrmvMlJdMltV5o26Y=
Subject key identifier: 6B:34:5E:D3:96:49:32:8B:46:55:FB:00:69:FD:6B:32:AB:8E:CE:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120F9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3972660C1A611EFAB7F7B80762E951A.roa
Signing time: Tue 24 Dec 2024 03:26:13 +0000
ROA not before: Tue 24 Dec 2024 03:26:09 +0000
ROA not after: Wed 10 Dec 2025 03:26:09 +0000
asID: 984
IP address blocks: 154.92.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73977 (0x120f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 03:26:09 2024 GMT
Not After : Dec 10 03:26:09 2025 GMT
Subject: CN=676a29d5-163f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:31:e7:4b:ff:a9:42:9f:f3:4b:4e:68:d7:ef:
fa:73:a5:c1:ec:fe:6b:31:ef:f1:6e:2e:6d:75:8f:
e1:f6:a1:1f:17:03:79:e6:3d:94:9c:51:65:bd:fd:
57:55:52:e6:14:0e:68:6c:be:d0:f7:bd:34:29:29:
65:d7:60:e8:bf:cf:9f:a8:d2:d0:50:c4:4a:06:8b:
65:72:2c:a5:29:fa:13:38:94:bc:db:fc:5d:99:21:
52:67:b5:78:13:0f:d7:d7:4b:a3:01:57:8b:3a:ac:
73:1b:ab:e9:f0:99:d5:66:4d:11:36:86:fd:1b:9b:
10:60:8d:17:da:c3:37:e8:27:4c:11:b4:fa:79:9b:
db:b4:6b:ac:b7:a5:96:9a:2d:75:b0:3a:7c:57:f1:
14:e1:79:e2:e5:cd:44:73:7e:15:f0:4e:56:d5:4a:
7c:3c:b9:2c:c7:58:00:b9:fc:4f:5d:38:42:70:b9:
43:47:1b:a2:2b:b1:2e:75:20:37:57:d7:76:7e:4c:
dd:10:2c:70:aa:a3:10:db:5d:1b:97:7a:4a:43:78:
e2:7d:75:1d:7d:50:4d:49:f9:89:09:fd:b8:ac:ba:
ce:4c:f6:c0:d7:bf:24:fb:36:35:d1:08:65:36:34:
99:2b:f2:9f:e1:8a:77:3f:5b:3c:c0:ff:3f:54:b7:
31:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:34:5E:D3:96:49:32:8B:46:55:FB:00:69:FD:6B:32:AB:8E:CE:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3972660C1A611EFAB7F7B80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:79:a0:23:94:74:df:24:ab:83:7d:99:61:68:1c:c3:2f:26:
b2:f8:f4:40:66:3a:77:c6:b8:34:7f:30:96:b5:7f:7c:f9:e7:
9a:c0:96:8d:bb:bc:69:e2:94:8c:34:3f:0a:c8:21:3e:d9:55:
05:93:8c:8c:bf:29:e6:cb:aa:c1:d8:ea:7f:e6:af:f1:1b:f3:
53:2d:44:71:ef:a8:04:59:85:67:d1:ee:3f:11:28:6b:08:61:
4b:36:c3:f9:fe:9a:98:5d:d6:43:e6:b9:bc:f0:b2:2a:7b:55:
b9:ad:fa:3f:9d:ab:eb:86:06:1f:67:d0:8d:f8:a1:f4:2a:c1:
d2:83:b0:00:5a:36:c5:3b:1c:ec:d7:e2:87:2f:e5:da:63:40:
bf:14:cf:e4:fb:82:a0:82:27:bc:e0:4e:6b:cc:db:ae:7e:5e:
62:0f:7b:65:9f:ee:78:b3:3f:6b:75:6b:1d:9c:f4:86:1d:8f:
fb:81:c3:66:f9:88:34:cb:f2:08:24:d8:bd:f8:3b:99:4c:c4:
b6:5c:9d:2a:ed:68:3d:40:20:00:d6:4c:07:38:89:0d:fc:bd:
19:ba:88:04:6e:fb:f8:37:06:a6:40:22:13:86:45:71:24:0c:
2f:6e:a6:07:33:75:33:b2:1d:33:4e:69:49:f4:36:ae:67:47:
11:ce:8a:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASD5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDMyNjA5WhcNMjUxMjEwMDMyNjA5WjAYMRYw
FAYDVQQDEw02NzZhMjlkNS0xNjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsjHnS/+pQp/zS05o1+/6c6XB7P5rMe/xbi5tdY/h9qEfFwN55j2UnFFl
vf1XVVLmFA5obL7Q9700KSll12Dov8+fqNLQUMRKBotlciylKfoTOJS82/xdmSFS
Z7V4Ew/X10ujAVeLOqxzG6vp8JnVZk0RNob9G5sQYI0X2sM36CdMEbT6eZvbtGus
t6WWmi11sDp8V/EU4Xni5c1Ec34V8E5W1Up8PLksx1gAufxPXThCcLlDRxuiK7Eu
dSA3V9d2fkzdECxwqqMQ210bl3pKQ3jifXUdfVBNSfmJCf24rLrOTPbA178k+zY1
0QhlNjSZK/Kf4Yp3P1s8wP8/VLcxVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGs0
XtOWSTKLRlX7AGn9azKrjs4PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzk3MjY2MEMxQTYxMUVGQUI3RjdCODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlzEMA0GCSqGSIb3DQEB
CwUAA4IBAQAseaAjlHTfJKuDfZlhaBzDLyay+PRAZjp3xrg0fzCWtX98+eeawJaN
u7xp4pSMND8KyCE+2VUFk4yMvynmy6rB2Op/5q/xG/NTLURx76gEWYVn0e4/EShr
CGFLNsP5/pqYXdZD5rm88LIqe1W5rfo/navrhgYfZ9CN+KH0KsHSg7AAWjbFOxzs
1+KHL+XaY0C/FM/k+4Kggie84E5rzNuufl5iD3tln+54sz9rdWsdnPSGHY/7gcNm
+Yg0y/IIJNi9+DuZTMS2XJ0q7Wg9QCAA1kwHOIkN/L0ZuogEbvv4NwamQCIThkVx
JAwvbqYHM3Uzsh0zTmlJ9DauZ0cRzoph
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:11 2025 by rpki-client