Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5AEDC40C62411EFA159F28B762E951A.roa
File: D5AEDC40C62411EFA159F28B762E951A.roa (raw, json)
Hash identifier: wQ4FBBuerdr4+2bR37j/NSRGoSsswxVCRRpaVCx3tHc=
Subject key identifier: 17:F1:F0:D6:E7:C6:A6:0C:C8:7F:34:B4:D8:E8:FB:1D:A6:CD:1E:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F8C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5AEDC40C62411EFA159F28B762E951A.roa
Signing time: Sun 29 Dec 2024 20:38:18 +0000
ROA not before: Sun 29 Dec 2024 20:38:14 +0000
ROA not after: Sun 12 Dec 2027 20:38:14 +0000
asID: 17561
IP address blocks: 154.217.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77708 (0x12f8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 20:38:14 2024 GMT
Not After : Dec 12 20:38:14 2027 GMT
Subject: CN=6771b33a-9040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e7:7c:c8:c5:b1:e8:f5:25:d5:7b:7b:8a:b0:
85:29:9c:ba:e2:2c:91:74:bd:22:d3:11:80:a7:8a:
ec:92:15:db:6f:52:69:3d:ba:f0:8a:1b:c1:b4:05:
0e:b8:25:c8:17:61:90:0a:78:4b:e2:b7:ba:6e:0a:
24:74:12:ff:7d:8e:fa:eb:b8:03:a9:96:36:4a:a3:
33:71:2d:b8:2f:52:01:67:d9:01:a6:c7:b8:31:ee:
50:b5:4a:01:0c:b2:05:2f:30:87:c3:08:f4:ba:79:
ab:9f:1e:ad:d6:30:0e:04:ab:df:f0:8a:cc:b3:74:
7a:91:bd:03:0b:df:7b:11:74:85:f5:70:0d:1c:c5:
b9:ea:be:2b:ce:ef:f5:fa:c2:6a:8c:63:14:da:fa:
0d:b4:54:c1:d7:1c:87:7e:60:39:4d:6b:95:0f:64:
b3:4c:78:db:ff:7b:b6:67:d5:12:b8:3f:78:08:ba:
43:30:f3:cc:54:8e:82:60:a4:fe:09:dd:b3:2c:35:
18:5d:64:3e:4d:01:73:03:fd:ae:40:15:88:0b:1d:
1a:8c:87:ad:39:41:8b:40:33:c9:d4:31:7e:94:7c:
d2:d2:32:a6:b6:c7:aa:ae:a3:87:21:3c:4e:1e:de:
d0:f3:e7:c5:64:9c:cd:78:e8:3f:20:b0:c0:05:5b:
84:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F1:F0:D6:E7:C6:A6:0C:C8:7F:34:B4:D8:E8:FB:1D:A6:CD:1E:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5AEDC40C62411EFA159F28B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.169.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a5:0b:b5:f0:66:67:2a:4d:ca:af:f8:fa:3e:e3:74:3c:ed:
9e:c9:cb:e3:19:07:73:91:49:a9:43:10:04:b2:5a:e7:ac:8d:
66:c5:5e:ec:cf:63:64:f7:3c:0d:eb:4a:08:f3:ba:d3:2a:c8:
26:77:e7:9d:f2:20:9b:64:07:70:a7:0b:3b:78:06:01:25:77:
d8:53:02:ad:bb:0c:26:ba:4e:63:11:8f:08:01:f7:fd:83:ff:
67:ef:35:67:9e:a4:8d:33:9a:e7:7b:6c:fd:52:63:d1:9d:87:
cf:c4:6c:25:4c:0d:68:86:2f:52:32:89:3b:f4:e7:70:c5:b1:
1b:f1:18:9a:33:05:da:f9:27:c3:60:86:34:67:6e:b7:bd:b7:
8d:5d:42:53:56:d2:1e:16:55:db:51:66:ec:d0:82:73:ae:3c:
7c:1f:a6:d9:aa:7f:d1:6d:38:14:50:77:6e:bb:20:b8:da:39:
eb:55:36:d5:d6:06:b1:70:3e:c8:4e:78:28:4d:a7:48:a1:bd:
51:8f:a3:fa:09:9d:ac:e8:c0:57:41:9a:76:a9:29:16:a1:a3:
22:b4:44:d8:fc:6c:ac:52:86:15:a1:08:79:65:2c:6e:df:4c:
28:40:90:63:7e:95:40:c4:52:86:69:0d:8b:3a:1e:61:2d:ed:
f3:fa:04:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS+MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjAzODE0WhcNMjcxMjEyMjAzODE0WjAYMRYw
FAYDVQQDEw02NzcxYjMzYS05MDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyOd8yMWx6PUl1Xt7irCFKZy64iyRdL0i0xGAp4rskhXbb1JpPbrwihvB
tAUOuCXIF2GQCnhL4re6bgokdBL/fY7667gDqZY2SqMzcS24L1IBZ9kBpse4Me5Q
tUoBDLIFLzCHwwj0unmrnx6t1jAOBKvf8IrMs3R6kb0DC997EXSF9XANHMW56r4r
zu/1+sJqjGMU2voNtFTB1xyHfmA5TWuVD2SzTHjb/3u2Z9USuD94CLpDMPPMVI6C
YKT+Cd2zLDUYXWQ+TQFzA/2uQBWICx0ajIetOUGLQDPJ1DF+lHzS0jKmtseqrqOH
ITxOHt7Q8+fFZJzNeOg/ILDABVuE+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBfx
8NbnxqYMyH80tNjo+x2mzR61MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENUFFREM0MEM2MjQxMUVGQTE1OUYyOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmpMA0GCSqGSIb3DQEB
CwUAA4IBAQBJpQu18GZnKk3Kr/j6PuN0PO2eycvjGQdzkUmpQxAEslrnrI1mxV7s
z2Nk9zwN60oI87rTKsgmd+ed8iCbZAdwpws7eAYBJXfYUwKtuwwmuk5jEY8IAff9
g/9n7zVnnqSNM5rne2z9UmPRnYfPxGwlTA1ohi9SMok79OdwxbEb8RiaMwXa+SfD
YIY0Z263vbeNXUJTVtIeFlXbUWbs0IJzrjx8H6bZqn/RbTgUUHduuyC42jnrVTbV
1gaxcD7ITngoTadIob1Rj6P6CZ2s6MBXQZp2qSkWoaMitETY/GysUoYVoQh5ZSxu
30woQJBjfpVAxFKGaQ2LOh5hLe3z+gQQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:47 2025 by rpki-client