Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D665C9EECDD311EF8BF23676762E951A.roa
File: D665C9EECDD311EF8BF23676762E951A.roa (raw, json)
Hash identifier: T5zdcWgD9rf+gBg2b61CAEbFlX2xkh2MxM6CqWWt3aE=
Subject key identifier: 96:FA:AE:1F:A5:E9:2C:5E:D7:1D:1D:FB:49:D2:51:E9:E1:50:3E:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013759
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D665C9EECDD311EF8BF23676762E951A.roa
Signing time: Wed 08 Jan 2025 15:18:39 +0000
ROA not before: Wed 08 Jan 2025 15:18:35 +0000
ROA not after: Mon 03 Jan 2028 15:18:35 +0000
asID: 17561
IP address blocks: 154.83.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79705 (0x13759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 15:18:35 2025 GMT
Not After : Jan 3 15:18:35 2028 GMT
Subject: CN=677e974f-4b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:51:b5:34:8b:45:7e:cb:1e:3d:20:49:55:5a:
a7:9c:f5:f3:45:5a:04:f8:2a:16:08:03:d8:b5:bf:
4e:f3:be:f8:b7:91:03:d3:37:72:76:db:7e:1e:54:
44:e0:c8:54:fd:27:fb:1d:b2:ed:28:51:81:df:d4:
70:88:32:ec:85:b0:c8:f8:bf:58:9d:e9:6c:57:0b:
80:5c:39:8f:1c:89:df:a0:84:c8:49:af:af:4e:80:
81:ea:ab:17:bd:5f:ff:79:73:fa:81:bf:2d:c4:56:
f4:ca:1f:3d:c6:2c:4f:34:33:32:a9:c3:f9:54:df:
30:51:be:94:ae:a2:82:27:f0:1a:f0:5d:43:3d:21:
de:17:fb:d4:a0:aa:98:10:a4:17:61:e1:da:78:6b:
83:ea:0a:ab:90:9a:56:57:55:8c:ce:33:89:ba:bb:
6c:6d:8b:b2:5b:52:1d:9b:48:58:d0:8e:42:dc:58:
d4:e7:cc:19:a6:7f:c0:23:59:62:c0:1a:be:ac:db:
87:2d:98:33:0a:87:cc:91:c1:05:11:47:d2:1f:a6:
69:5d:af:14:af:43:9d:55:80:20:e3:9d:20:75:ad:
a5:5f:9b:72:ef:75:47:d4:75:1e:f7:d0:36:21:33:
46:23:5a:06:65:25:21:f5:06:aa:92:66:c5:dc:e4:
dc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FA:AE:1F:A5:E9:2C:5E:D7:1D:1D:FB:49:D2:51:E9:E1:50:3E:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D665C9EECDD311EF8BF23676762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.166.0/24
Signature Algorithm: sha256WithRSAEncryption
24:2a:14:a3:a1:44:8f:4e:32:64:17:ff:8e:dc:22:7b:63:ee:
cc:fc:93:9e:b9:5b:d4:04:be:63:80:b5:0e:8e:93:d4:17:f5:
1f:03:b6:9e:7a:16:54:b4:cb:24:3c:0b:29:9d:8b:b7:4f:ff:
35:e4:99:47:34:7e:5c:0f:a4:b1:39:9d:c2:ed:ad:0c:de:e2:
9a:c5:32:93:38:8e:01:8f:60:36:df:54:f7:cb:c5:5b:53:10:
fc:fc:03:21:aa:bb:2e:7e:68:9e:8e:34:a8:54:fa:42:c0:75:
0c:ad:81:48:0e:f9:51:5f:48:72:d3:f0:1d:71:60:1b:25:7b:
80:b0:dd:fe:f0:ab:d3:3f:10:bb:14:85:4d:0f:b0:89:c1:99:
3d:d0:93:65:a0:34:7f:0b:a1:ed:8f:9d:d3:07:3a:b4:72:e2:
31:e8:e9:34:67:9d:72:19:bc:fc:34:9e:2a:85:66:3e:fa:be:
de:73:ed:0c:ac:98:19:18:99:cc:ff:c5:7e:39:50:a6:2d:16:
72:64:25:c7:3f:a8:67:d5:22:10:e9:bc:d1:95:a7:a5:70:95:
ac:1f:59:ef:2a:fa:34:21:1c:d5:29:a3:29:e8:65:ce:02:8d:
45:a5:b2:b3:3d:e7:f5:fb:30:d9:a0:42:8c:c6:02:f5:0e:66:
73:89:8e:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATdZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTUxODM1WhcNMjgwMTAzMTUxODM1WjAYMRYw
FAYDVQQDEw02NzdlOTc0Zi00YjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtFG1NItFfssePSBJVVqnnPXzRVoE+CoWCAPYtb9O8774t5ED0zdydtt+
HlRE4MhU/Sf7HbLtKFGB39RwiDLshbDI+L9YnelsVwuAXDmPHInfoITISa+vToCB
6qsXvV//eXP6gb8txFb0yh89xixPNDMyqcP5VN8wUb6UrqKCJ/Aa8F1DPSHeF/vU
oKqYEKQXYeHaeGuD6gqrkJpWV1WMzjOJurtsbYuyW1Idm0hY0I5C3FjU58wZpn/A
I1liwBq+rNuHLZgzCofMkcEFEUfSH6ZpXa8Ur0OdVYAg450gda2lX5ty73VH1HUe
99A2ITNGI1oGZSUh9QaqkmbF3OTcLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJb6
rh+l6Sxe1x0d+0nSUenhUD5rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjY1QzlFRUNERDMxMUVGOEJGMjM2NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOmMA0GCSqGSIb3DQEB
CwUAA4IBAQAkKhSjoUSPTjJkF/+O3CJ7Y+7M/JOeuVvUBL5jgLUOjpPUF/UfA7ae
ehZUtMskPAspnYu3T/815JlHNH5cD6SxOZ3C7a0M3uKaxTKTOI4Bj2A231T3y8Vb
UxD8/AMhqrsufmiejjSoVPpCwHUMrYFIDvlRX0hy0/AdcWAbJXuAsN3+8KvTPxC7
FIVND7CJwZk90JNloDR/C6Htj53TBzq0cuIx6Ok0Z51yGbz8NJ4qhWY++r7ec+0M
rJgZGJnM/8V+OVCmLRZyZCXHP6hn1SIQ6bzRlaelcJWsH1nvKvo0IRzVKaMp6GXO
Ao1FpbKzPef1+zDZoEKMxgL1DmZziY7/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:07 2025 by rpki-client