Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BBC936B5F711EF8B53A57C762E951A.roa
File: D7BBC936B5F711EF8B53A57C762E951A.roa (raw, json)
Hash identifier: RDq27dqmehC6h9m0n7kuIfy613cGYLax7ys3Gdh4YtA=
Subject key identifier: 66:0C:4C:F9:8D:E5:30:7A:C6:5A:AC:BE:C1:F4:E0:30:3F:20:B8:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0119B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BBC936B5F711EF8B53A57C762E951A.roa
Signing time: Mon 09 Dec 2024 06:35:55 +0000
ROA not before: Mon 09 Dec 2024 06:35:51 +0000
ROA not after: Mon 19 Oct 2026 06:35:51 +0000
asID: 149014
IP address blocks: 154.91.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72115 (0x119b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 9 06:35:51 2024 GMT
Not After : Oct 19 06:35:51 2026 GMT
Subject: CN=67568fcb-f0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e7:76:da:06:68:c3:23:83:56:f4:b6:49:dd:
34:06:16:68:f2:5e:cd:9c:3d:c6:ef:cd:bb:98:51:
fa:0d:e0:77:c4:a4:d3:2a:40:14:cb:07:62:d6:b7:
50:e5:4d:5f:3d:c0:b3:6e:9b:76:92:a7:85:a1:a0:
34:cf:52:97:3d:29:5c:5a:b8:8c:c4:6a:19:dc:1c:
0c:e9:59:81:3e:e6:a2:d6:48:27:3c:6c:f5:63:fb:
3c:7c:9d:31:e1:eb:90:60:bc:03:4d:99:da:dd:47:
a8:61:98:4d:86:39:88:52:78:31:fe:2e:78:76:43:
02:90:b6:9a:71:33:d0:59:01:fd:8c:c1:d6:d7:82:
a3:22:77:e1:96:56:78:46:24:b6:91:8c:5b:9c:6e:
c7:e4:fd:ce:76:a8:d9:a5:01:3f:aa:e9:95:67:34:
d2:9b:45:b8:1a:a3:5f:ad:64:8f:aa:b6:e8:fd:6c:
61:a8:ff:76:2d:6a:dc:30:3e:08:68:b2:3a:fa:74:
b5:ff:3a:ed:4b:17:de:72:cb:dd:9b:18:d4:f8:9c:
88:8c:2e:07:fc:4c:47:4b:3d:2f:53:67:fb:50:65:
8b:f3:73:e1:22:96:df:fb:d9:53:f2:2f:50:d0:19:
1c:e7:5f:73:ae:b7:87:de:7d:3d:4c:41:8e:60:7a:
03:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:0C:4C:F9:8D:E5:30:7A:C6:5A:AC:BE:C1:F4:E0:30:3F:20:B8:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7BBC936B5F711EF8B53A57C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.32.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:6b:12:46:6e:a8:da:67:98:e1:ed:fe:b0:50:b7:32:a1:a6:
b3:46:16:fa:73:72:63:0b:80:fa:81:86:01:f7:47:91:fe:12:
5a:86:d5:b8:2c:c7:f8:b0:c8:50:7c:3b:8e:e3:0a:b7:57:45:
bf:23:15:6e:12:d7:62:95:42:e1:ea:8d:63:d1:e5:9e:0f:12:
0e:0b:43:0c:30:b0:07:7d:6a:65:5b:e3:df:4e:cf:5a:d0:39:
95:af:7c:e7:95:b1:28:0b:a2:7c:e6:37:e4:a0:00:d6:60:74:
91:6c:2b:7f:5b:1d:e7:04:ad:35:c6:71:7a:63:6f:74:8b:25:
ab:8d:a5:a4:32:db:1b:6a:db:a3:cd:09:cc:57:54:58:a9:6c:
7b:1e:11:f6:ae:4f:a2:94:04:3d:09:60:1a:77:99:1b:62:d0:
6b:80:70:23:ba:87:95:9f:e8:17:91:8d:a9:5c:72:a0:a7:cd:
2b:29:68:2e:b5:02:d1:6f:aa:80:67:5c:75:e6:18:09:32:fc:
cb:b7:d8:1b:6c:d6:e0:fd:da:18:de:95:93:11:2c:b4:b4:c9:
cb:bc:42:b8:47:e8:36:06:9a:d5:5a:c9:e0:a8:e5:f6:9f:36:
3d:0a:d1:20:ac:ab:f6:7b:bc:ef:63:2d:db:9f:26:f6:67:dd:
be:3d:84:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARmzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA5MDYzNTUxWhcNMjYxMDE5MDYzNTUxWjAYMRYw
FAYDVQQDEw02NzU2OGZjYi1mMGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Od22gZowyODVvS2Sd00BhZo8l7NnD3G7827mFH6DeB3xKTTKkAUywdi
1rdQ5U1fPcCzbpt2kqeFoaA0z1KXPSlcWriMxGoZ3BwM6VmBPuai1kgnPGz1Y/s8
fJ0x4euQYLwDTZna3UeoYZhNhjmIUngx/i54dkMCkLaacTPQWQH9jMHW14KjInfh
llZ4RiS2kYxbnG7H5P3OdqjZpQE/qumVZzTSm0W4GqNfrWSPqrbo/WxhqP92LWrc
MD4IaLI6+nS1/zrtSxfecsvdmxjU+JyIjC4H/ExHSz0vU2f7UGWL83PhIpbf+9lT
8i9Q0Bkc519zrreH3n09TEGOYHoDhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGYM
TPmN5TB6xlqsvsH04DA/ILjOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EN0JCQzkzNkI1RjcxMUVGOEI1M0E1N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBeaxJGbqjaZ5jh7f6wULcyoaazRhb6c3JjC4D6gYYB90eR/hJahtW4
LMf4sMhQfDuO4wq3V0W/IxVuEtdilULh6o1j0eWeDxIOC0MMMLAHfWplW+PfTs9a
0DmVr3znlbEoC6J85jfkoADWYHSRbCt/Wx3nBK01xnF6Y290iyWrjaWkMtsbatuj
zQnMV1RYqWx7HhH2rk+ilAQ9CWAad5kbYtBrgHAjuoeVn+gXkY2pXHKgp80rKWgu
tQLRb6qAZ1x15hgJMvzLt9gbbNbg/doY3pWTESy0tMnLvEK4R+g2BprVWsngqOX2
nzY9CtEgrKv2e7zvYy3bnyb2Z92+PYS8
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:46:24 2025 by rpki-client