Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBC3FD66C37E11EFA7F97542762E951A.roa
File: DBC3FD66C37E11EFA7F97542762E951A.roa (raw, json)
Hash identifier: AmLnUTv/0vAxjagNGkR+GaEMZ2/1a858QVRLwuEdK7Q=
Subject key identifier: A6:09:F8:AC:EA:67:CD:05:21:AF:51:C6:5D:9B:60:D8:E8:DD:0A:06
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012748
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBC3FD66C37E11EFA7F97542762E951A.roa
Signing time: Thu 26 Dec 2024 11:45:09 +0000
ROA not before: Thu 26 Dec 2024 11:45:05 +0000
ROA not after: Fri 12 Dec 2025 11:45:05 +0000
asID: 984
IP address blocks: 154.94.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75592 (0x12748)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 11:45:05 2024 GMT
Not After : Dec 12 11:45:05 2025 GMT
Subject: CN=676d41c5-da8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:44:18:4f:20:58:e5:80:ce:5c:a3:a4:b1:
2e:b3:7b:1d:f6:95:32:ca:5a:cc:79:cc:1a:19:3e:
46:58:57:69:e1:66:c3:98:ff:77:e1:04:72:c2:55:
b8:9e:bf:49:1b:02:d2:74:f2:a0:ea:64:2d:ed:5d:
53:9f:1e:70:a4:87:21:d0:c0:a5:7d:7a:a2:86:6d:
1b:61:28:11:dd:0c:63:03:33:35:ba:7f:19:c0:3a:
7e:33:41:36:a2:55:29:18:1f:b5:31:a1:6c:13:8c:
4b:af:2b:4f:1e:30:e3:57:69:94:b1:63:b0:b5:3c:
f6:30:3b:89:bc:41:f8:bc:ac:17:c0:f0:c2:e9:ce:
11:e8:4e:04:9c:93:e3:90:38:2f:fc:fc:dd:85:ed:
27:bc:59:6d:64:64:80:41:05:8e:f7:6a:74:25:05:
0a:96:d9:a9:ad:24:36:3f:65:6d:79:2e:66:c8:2a:
92:82:99:e1:90:0b:05:35:ef:9b:34:4b:5a:9b:67:
63:62:9e:d7:37:72:07:da:e3:50:b4:bd:cd:02:90:
2c:31:5c:66:3d:ea:c0:7f:21:7b:b7:71:37:e9:09:
54:cd:bb:04:21:b8:c3:bf:0e:1e:b6:9c:f1:5f:95:
c8:3a:dd:17:78:21:67:da:5c:2d:4d:43:7a:63:e5:
45:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:09:F8:AC:EA:67:CD:05:21:AF:51:C6:5D:9B:60:D8:E8:DD:0A:06
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBC3FD66C37E11EFA7F97542762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.187.0/24
Signature Algorithm: sha256WithRSAEncryption
21:83:16:f0:11:aa:e2:ff:e4:02:de:bc:f8:c1:21:1f:8c:93:
bc:d0:85:0b:21:5b:26:7c:e1:36:7d:05:c9:be:48:da:67:eb:
89:c9:fd:8f:0e:f0:d3:89:ad:91:26:bd:50:1d:b9:84:af:47:
eb:17:0d:b5:2f:27:78:44:f3:23:38:42:b1:9e:fc:6b:aa:86:
89:24:1e:71:d3:63:f0:5b:36:a7:f5:15:f6:bd:ff:98:9c:bc:
6f:f4:76:33:5c:ab:88:e6:2c:19:86:e1:29:19:bc:9a:3f:17:
f1:2f:d6:1b:ca:02:da:37:60:e2:e9:d8:08:5e:f2:a9:b5:7f:
9c:1e:e9:11:7a:31:6e:87:bc:05:98:ed:e1:4f:9a:6e:91:31:
fe:52:bb:55:3e:d8:8b:02:ac:d5:62:d3:7b:48:c4:36:3e:d3:
bc:e4:f8:50:f0:32:af:ce:86:e6:fd:e5:fc:86:34:db:2c:7a:
95:69:af:42:9e:f8:49:82:f6:1c:72:fc:2a:d9:fe:0b:6a:29:
5f:39:fe:6a:85:4e:d7:3a:38:05:0f:cf:e6:0f:29:4d:75:7b:
41:ed:31:10:29:89:1a:1a:76:cb:ca:d3:b8:91:03:5a:ad:f5:
c9:60:87:ba:be:3b:07:17:23:85:4e:1b:13:17:f9:f3:5d:32:
4d:f9:d4:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASdIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTE0NTA1WhcNMjUxMjEyMTE0NTA1WjAYMRYw
FAYDVQQDEw02NzZkNDFjNS1kYThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQhEGE8gWOWAzlyjpLEus3sd9pUyylrMecwaGT5GWFdp4WbDmP934QRy
wlW4nr9JGwLSdPKg6mQt7V1Tnx5wpIch0MClfXqihm0bYSgR3QxjAzM1un8ZwDp+
M0E2olUpGB+1MaFsE4xLrytPHjDjV2mUsWOwtTz2MDuJvEH4vKwXwPDC6c4R6E4E
nJPjkDgv/Pzdhe0nvFltZGSAQQWO92p0JQUKltmprSQ2P2VteS5myCqSgpnhkAsF
Ne+bNEtam2djYp7XN3IH2uNQtL3NApAsMVxmPerAfyF7t3E36QlUzbsEIbjDvw4e
tpzxX5XIOt0XeCFn2lwtTUN6Y+VFdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKYJ
+KzqZ80FIa9Rxl2bYNjo3QoGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQkMzRkQ2NkMzN0UxMUVGQTdGOTc1NDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml67MA0GCSqGSIb3DQEB
CwUAA4IBAQAhgxbwEari/+QC3rz4wSEfjJO80IULIVsmfOE2fQXJvkjaZ+uJyf2P
DvDTia2RJr1QHbmEr0frFw21Lyd4RPMjOEKxnvxrqoaJJB5x02PwWzan9RX2vf+Y
nLxv9HYzXKuI5iwZhuEpGbyaPxfxL9YbygLaN2Di6dgIXvKptX+cHukRejFuh7wF
mO3hT5pukTH+UrtVPtiLAqzVYtN7SMQ2PtO85PhQ8DKvzobm/eX8hjTbLHqVaa9C
nvhJgvYccvwq2f4LailfOf5qhU7XOjgFD8/mDylNdXtB7TEQKYkaGnbLytO4kQNa
rfXJYIe6vjsHFyOFThsTF/nzXTJN+dSo
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:43:02 2025 by rpki-client