Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F0EB0EC26411EF9E8032BD762E951A.roa
File: D4F0EB0EC26411EF9E8032BD762E951A.roa (raw, json)
Hash identifier: h5qLy0lHGPdg3ND98w0b1m2F34wk7jaFqJRHGeoX9VA=
Subject key identifier: 70:E8:CF:9F:44:4B:DB:D8:D6:11:64:2C:B8:97:7D:97:11:29:0C:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F0EB0EC26411EF9E8032BD762E951A.roa
Signing time: Wed 25 Dec 2024 02:06:20 +0000
ROA not before: Wed 25 Dec 2024 02:06:16 +0000
ROA not after: Wed 10 Dec 2025 02:06:16 +0000
asID: 984
IP address blocks: 154.199.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74716 (0x123dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:06:16 2024 GMT
Not After : Dec 10 02:06:16 2025 GMT
Subject: CN=676b689c-bdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7a:aa:a6:fd:84:ae:53:d0:53:3e:11:d6:88:
86:66:8b:82:e8:15:77:9c:72:65:5b:68:2b:fa:20:
df:7e:a2:47:77:1e:e3:be:c0:f5:68:69:be:38:70:
8c:eb:56:d3:85:a5:e5:9c:ba:65:04:68:7d:00:c9:
b8:49:5a:a2:eb:99:c2:1d:65:fe:86:2d:24:ec:71:
0e:6e:0f:a9:ba:4e:e1:ef:77:1e:95:a9:78:7a:3f:
7a:9b:5d:f5:d4:42:bd:37:57:d9:21:11:b9:2a:32:
44:16:09:d6:4b:40:aa:ed:95:a5:2c:29:44:2f:22:
25:c1:0c:6c:38:76:97:48:ee:1a:27:18:cf:a7:d3:
09:47:c7:df:e9:7a:6d:ce:c3:ce:2f:5d:a3:9c:48:
d1:fa:0e:80:12:12:b7:e6:6e:ca:d3:c6:87:63:14:
6a:ab:df:8e:bd:94:46:e9:98:88:a1:ef:ab:68:fc:
81:de:27:31:ab:13:13:f7:be:46:a1:0f:39:f7:e3:
d4:fe:87:6f:95:35:8f:6a:1f:a6:8c:ba:ca:c6:64:
b1:14:de:21:2e:69:3b:a8:ce:d3:d9:97:d6:f7:12:
5f:36:2d:a9:67:03:d7:00:75:34:34:73:04:f7:3d:
77:a8:3c:5f:bf:40:c5:d4:51:32:c0:2d:bd:60:56:
58:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E8:CF:9F:44:4B:DB:D8:D6:11:64:2C:B8:97:7D:97:11:29:0C:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F0EB0EC26411EF9E8032BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.123.0/24
Signature Algorithm: sha256WithRSAEncryption
43:74:0e:4f:cf:c1:93:a0:66:3a:ba:50:57:81:5a:84:38:4f:
81:75:35:c3:c0:c8:b5:2e:bb:05:25:d1:74:fb:7f:f6:ee:43:
4b:02:f0:79:c1:b8:57:36:15:9c:b3:12:38:ff:de:2a:f8:11:
eb:52:97:8e:b6:e8:97:e9:fc:a9:a3:0e:06:34:f6:d8:7e:03:
00:e9:86:b5:76:0c:5a:e8:49:f9:dc:aa:2e:91:e3:b6:8e:03:
94:32:f9:b9:52:eb:72:62:53:49:d7:ca:da:93:c6:fe:51:08:
57:0e:01:19:48:91:b5:02:82:81:74:d3:07:4a:7d:db:ad:2e:
14:4a:7a:7e:f7:cd:73:2f:48:a4:bd:18:58:b8:65:0e:c0:57:
32:f9:95:49:c8:bb:57:0a:ce:dc:7b:ad:74:dd:66:d7:5c:81:
92:f1:9d:1c:d2:38:62:f3:1d:2c:08:c5:5c:b1:e0:ca:fa:e1:
43:de:52:aa:5a:8f:bc:41:94:04:be:68:e2:60:1c:5c:2f:19:
8c:cb:fb:e8:fc:70:b6:1e:2c:fe:03:b9:6e:40:bd:c9:90:85:
b9:d4:2c:c2:d7:5e:4a:77:cc:9b:f7:08:4d:61:d0:47:fa:84:
6e:e1:4a:e8:be:f2:08:20:e7:0f:fa:94:d9:bb:12:23:8f:6b:
d1:3a:97:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASPcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIwNjE2WhcNMjUxMjEwMDIwNjE2WjAYMRYw
FAYDVQQDEw02NzZiNjg5Yy1iZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3qqpv2ErlPQUz4R1oiGZouC6BV3nHJlW2gr+iDffqJHdx7jvsD1aGm+
OHCM61bThaXlnLplBGh9AMm4SVqi65nCHWX+hi0k7HEObg+puk7h73celal4ej96
m1311EK9N1fZIRG5KjJEFgnWS0Cq7ZWlLClELyIlwQxsOHaXSO4aJxjPp9MJR8ff
6XptzsPOL12jnEjR+g6AEhK35m7K08aHYxRqq9+OvZRG6ZiIoe+raPyB3icxqxMT
975GoQ859+PU/odvlTWPah+mjLrKxmSxFN4hLmk7qM7T2ZfW9xJfNi2pZwPXAHU0
NHME9z13qDxfv0DF1FEywC29YFZYFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHDo
z59ES9vY1hFkLLiXfZcRKQx9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENEYwRUIwRUMyNjQxMUVGOUU4MDMyQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsd7MA0GCSqGSIb3DQEB
CwUAA4IBAQBDdA5Pz8GToGY6ulBXgVqEOE+BdTXDwMi1LrsFJdF0+3/27kNLAvB5
wbhXNhWcsxI4/94q+BHrUpeOtuiX6fypow4GNPbYfgMA6Ya1dgxa6En53KoukeO2
jgOUMvm5UutyYlNJ18rak8b+UQhXDgEZSJG1AoKBdNMHSn3brS4USnp+981zL0ik
vRhYuGUOwFcy+ZVJyLtXCs7ce6103WbXXIGS8Z0c0jhi8x0sCMVcseDK+uFD3lKq
Wo+8QZQEvmjiYBxcLxmMy/vo/HC2Hiz+A7luQL3JkIW51CzC115Kd8yb9whNYdBH
+oRu4UrovvIIIOcP+pTZuxIjj2vROpet
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:02:44 2025 by rpki-client