Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9AE70B8C60A11EFAEE7DE68762E951A.roa
File: D9AE70B8C60A11EFAEE7DE68762E951A.roa (raw, json)
Hash identifier: ZDB+7SMdVD7Pd5QLthA0pEgCMraePsoCHLeFjQi5PKI=
Subject key identifier: A4:F1:31:02:25:20:E7:4A:11:14:71:FC:EC:E6:A2:3E:21:FC:84:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012EB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9AE70B8C60A11EFAEE7DE68762E951A.roa
Signing time: Sun 29 Dec 2024 17:32:18 +0000
ROA not before: Sun 29 Dec 2024 17:32:14 +0000
ROA not after: Sun 12 Dec 2027 17:32:14 +0000
asID: 17561
IP address blocks: 154.217.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77490 (0x12eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 17:32:14 2024 GMT
Not After : Dec 12 17:32:14 2027 GMT
Subject: CN=677187a1-3467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:f1:f7:60:87:75:0e:96:d8:5d:c2:40:fe:
1d:a5:7a:53:08:75:50:c6:5f:3c:ec:d8:01:bd:d7:
9f:90:8e:b1:ef:73:17:b0:56:34:f2:e9:4e:10:c5:
29:b7:79:11:b6:5b:86:bf:b6:6b:97:1e:a2:35:ae:
f1:06:2d:a3:d0:bf:53:41:ea:4c:8e:46:33:e5:c9:
6b:4e:0b:85:e3:50:89:b2:7d:9b:bb:19:0e:b3:0b:
cb:02:5e:27:8e:63:d9:af:80:81:72:ce:9a:19:38:
f1:1c:6e:dd:90:45:bb:9f:47:ef:1b:e0:3d:60:39:
cb:15:07:3c:21:be:9b:5c:dd:50:19:35:09:33:90:
1f:ce:46:9f:06:35:a2:01:1a:96:4a:ff:88:d9:b5:
2a:34:47:50:53:b2:80:17:1e:2f:c1:09:99:ff:8a:
ab:0b:d1:e0:eb:6a:45:d1:05:e9:05:22:76:32:55:
e0:6b:00:49:47:12:f6:35:bf:e9:db:29:79:42:58:
ce:3d:1b:22:fa:c2:59:c6:70:0e:20:34:7c:74:32:
b8:70:51:5f:b9:13:dc:ce:8c:bf:d6:d2:9d:4f:71:
ed:22:97:a6:76:34:6c:fc:f2:e9:0a:6c:89:59:aa:
67:f7:e7:92:63:1c:9c:06:97:80:ea:c6:ea:9a:19:
58:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:31:02:25:20:E7:4A:11:14:71:FC:EC:E6:A2:3E:21:FC:84:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9AE70B8C60A11EFAEE7DE68762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.60.0/24
Signature Algorithm: sha256WithRSAEncryption
40:15:46:9b:68:1a:e5:b3:ef:72:e8:56:c8:c4:0c:23:f2:ab:
02:38:7c:da:a8:51:40:05:60:41:06:d4:5c:59:40:d2:01:02:
64:2a:4d:c4:fb:b5:df:b8:79:2d:2c:ae:b4:a2:96:11:be:19:
70:71:15:80:03:d1:18:ca:f3:b4:db:08:2e:25:fa:87:f1:d5:
e4:fc:ce:34:23:07:5a:03:39:14:b9:a8:a7:f4:3c:22:27:db:
51:85:b8:9c:38:b9:03:91:b8:5b:11:35:78:27:1f:a0:e5:f9:
5e:27:b8:60:2f:16:36:6a:81:0a:e9:ca:88:c0:ea:f1:45:03:
8b:16:4e:2d:09:b6:2e:c4:a1:98:55:4d:47:30:ae:95:c5:da:
c0:ef:5e:bc:19:ba:37:83:1d:9a:fd:bd:81:82:cc:79:bf:a4:
4a:1d:75:0b:25:3c:68:5b:e9:4b:23:f0:c7:00:a1:9a:0c:74:
de:a1:58:39:bf:da:3f:d9:f6:7b:b5:4b:67:93:1e:0d:a8:b7:
f8:13:9a:aa:ad:00:af:5c:79:87:16:67:ca:39:d0:0f:01:67:
4d:4c:02:9b:bd:b9:95:14:96:00:fa:81:27:d4:0d:e3:63:b1:
d3:0b:bf:07:0a:93:3e:43:0e:da:bc:dd:ab:01:e1:42:0e:e4:
a0:4d:17:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS6yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTczMjE0WhcNMjcxMjEyMTczMjE0WjAYMRYw
FAYDVQQDEw02NzcxODdhMS0zNDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGzx92CHdQ6W2F3CQP4dpXpTCHVQxl887NgBvdefkI6x73MXsFY08ulO
EMUpt3kRtluGv7Zrlx6iNa7xBi2j0L9TQepMjkYz5clrTguF41CJsn2buxkOswvL
Al4njmPZr4CBcs6aGTjxHG7dkEW7n0fvG+A9YDnLFQc8Ib6bXN1QGTUJM5Afzkaf
BjWiARqWSv+I2bUqNEdQU7KAFx4vwQmZ/4qrC9Hg62pF0QXpBSJ2MlXgawBJRxL2
Nb/p2yl5QljOPRsi+sJZxnAOIDR8dDK4cFFfuRPczoy/1tKdT3HtIpemdjRs/PLp
CmyJWapn9+eSYxycBpeA6sbqmhlYUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKTx
MQIlIOdKERRx/Ozmoj4h/IQkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUFFNzBCOEM2MEExMUVGQUVFN0RFNjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtk8MA0GCSqGSIb3DQEB
CwUAA4IBAQBAFUabaBrls+9y6FbIxAwj8qsCOHzaqFFABWBBBtRcWUDSAQJkKk3E
+7XfuHktLK60opYRvhlwcRWAA9EYyvO02wguJfqH8dXk/M40IwdaAzkUuain9Dwi
J9tRhbicOLkDkbhbETV4Jx+g5fleJ7hgLxY2aoEK6cqIwOrxRQOLFk4tCbYuxKGY
VU1HMK6VxdrA7168Gbo3gx2a/b2Bgsx5v6RKHXULJTxoW+lLI/DHAKGaDHTeoVg5
v9o/2fZ7tUtnkx4NqLf4E5qqrQCvXHmHFmfKOdAPAWdNTAKbvbmVFJYA+oEn1A3j
Y7HTC78HCpM+Qw7avN2rAeFCDuSgTRcX
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:37:14 2025 by rpki-client