Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DBB2BCD57211EFA97229A9762E951A.roa
File: D5DBB2BCD57211EFA97229A9762E951A.roa (raw, json)
Hash identifier: P1V5djDrunNmtBYtULE65p9yrqU1QU9czaDk+uZVrGU=
Subject key identifier: 90:BF:93:B6:6B:9A:F7:F3:98:88:F4:F6:3F:DE:41:F7:F2:7F:FE:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DBB2BCD57211EFA97229A9762E951A.roa
Signing time: Sat 18 Jan 2025 08:04:26 +0000
ROA not before: Sat 18 Jan 2025 08:04:23 +0000
ROA not after: Sat 22 Feb 2025 08:04:23 +0000
asID: 400619
IP address blocks: 154.217.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81336 (0x13db8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 08:04:23 2025 GMT
Not After : Feb 22 08:04:23 2025 GMT
Subject: CN=678b608a-fbe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:2b:90:3c:37:96:b6:ef:40:17:71:e7:84:
0e:73:28:35:98:f7:76:d3:de:4e:09:d9:e6:25:b3:
f3:12:ec:2c:a4:1e:ad:9c:3d:4c:dd:ee:0e:5c:f4:
cf:b0:5d:70:72:fd:43:8c:33:5a:7f:90:02:3c:f4:
96:58:6d:64:f9:01:e1:14:60:24:99:5c:a2:1a:cd:
a0:0d:44:a5:15:97:e5:c4:18:a6:51:d7:6b:23:24:
87:7f:93:47:ae:16:f8:06:60:fd:05:f7:d0:88:86:
6d:36:12:0f:f7:7b:11:95:93:2f:32:cb:79:f0:13:
46:9f:87:b3:a5:e0:11:36:3c:ac:55:a0:5b:39:b8:
bd:37:a1:02:61:b0:a8:80:d5:d1:de:66:d7:d6:19:
99:cf:78:e4:ee:8d:2b:d6:ff:2d:69:e9:4e:1e:e6:
ab:d0:32:a9:99:d0:79:40:8f:08:56:f2:85:36:be:
6d:1f:f6:79:c4:9b:a7:ab:e2:d6:d6:f8:aa:c1:6a:
78:f6:ae:57:22:72:f1:b3:f9:0b:57:c7:12:ed:eb:
e1:8f:08:6d:bd:f9:24:2d:8e:53:57:e1:68:16:a6:
a7:20:e3:0b:8e:6b:47:d9:d3:46:c9:3a:49:a0:f4:
b8:36:b1:8e:07:36:ce:ca:93:fe:3a:b6:2c:f7:5b:
05:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BF:93:B6:6B:9A:F7:F3:98:88:F4:F6:3F:DE:41:F7:F2:7F:FE:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DBB2BCD57211EFA97229A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.236.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:c5:af:d1:23:ed:fd:64:a5:17:9d:29:8e:22:d8:b1:13:06:
2c:57:50:8a:69:02:7a:af:ce:80:e4:7e:e3:a1:83:7d:4a:3f:
30:9f:30:5a:e6:e0:5e:50:78:99:ee:e7:4f:37:c3:01:f5:01:
0d:50:5d:17:d0:f5:78:00:bd:e3:8a:c8:7a:0e:09:61:fd:c4:
69:2c:c1:fd:24:13:b1:26:79:ad:05:eb:f9:8d:46:ec:55:ab:
c5:bd:b3:df:f0:4d:c6:59:ea:6c:6e:9e:8a:25:4b:76:94:ef:
80:02:25:32:95:d8:ef:58:18:54:0a:85:97:59:0c:ef:ee:e9:
0d:6c:dd:c6:08:d2:da:20:00:14:b7:6f:45:7e:b3:9f:a7:86:
92:4a:9c:44:36:cc:d0:5b:28:7b:94:5c:ce:76:b8:0c:cc:35:
ac:2d:05:47:30:65:b4:f4:6d:01:39:b0:ef:79:44:34:fb:1b:
7f:71:eb:cd:0c:57:e5:27:ef:35:ea:18:8c:70:f7:c1:bf:f3:
ca:be:73:2f:c5:68:54:eb:28:ff:c2:c2:00:67:af:a7:2d:8a:
ae:e3:07:78:6c:31:fc:5f:24:c1:5c:e2:88:ad:9f:6a:b3:ba:
9c:5d:fd:78:b3:e6:63:0b:23:8f:b7:95:71:31:c7:3d:d9:02:
c8:3c:4c:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT24MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDgwNDIzWhcNMjUwMjIyMDgwNDIzWjAYMRYw
FAYDVQQDEw02NzhiNjA4YS1mYmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1MrkDw3lrbvQBdx54QOcyg1mPd2095OCdnmJbPzEuwspB6tnD1M3e4O
XPTPsF1wcv1DjDNaf5ACPPSWWG1k+QHhFGAkmVyiGs2gDUSlFZflxBimUddrIySH
f5NHrhb4BmD9BffQiIZtNhIP93sRlZMvMst58BNGn4ezpeARNjysVaBbObi9N6EC
YbCogNXR3mbX1hmZz3jk7o0r1v8taelOHuar0DKpmdB5QI8IVvKFNr5tH/Z5xJun
q+LW1viqwWp49q5XInLxs/kLV8cS7evhjwhtvfkkLY5TV+FoFqanIOMLjmtH2dNG
yTpJoPS4NrGOBzbOypP+OrYs91sF2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJC/
k7ZrmvfzmIj09j/eQffyf/4NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENURCQjJCQ0Q1NzIxMUVGQTk3MjI5QTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtnsMA0GCSqGSIb3DQEB
CwUAA4IBAQDWxa/RI+39ZKUXnSmOItixEwYsV1CKaQJ6r86A5H7joYN9Sj8wnzBa
5uBeUHiZ7udPN8MB9QENUF0X0PV4AL3jish6Dglh/cRpLMH9JBOxJnmtBev5jUbs
VavFvbPf8E3GWepsbp6KJUt2lO+AAiUyldjvWBhUCoWXWQzv7ukNbN3GCNLaIAAU
t29FfrOfp4aSSpxENszQWyh7lFzOdrgMzDWsLQVHMGW09G0BObDveUQ0+xt/cevN
DFflJ+816hiMcPfBv/PKvnMvxWhU6yj/wsIAZ6+nLYqu4wd4bDH8XyTBXOKIrZ9q
s7qcXf14s+ZjCyOPt5VxMcc92QLIPExr
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:42:27 2025 by rpki-client