Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8E1A4CC8AB11EF84C46EA2762E951A.roa
File: DC8E1A4CC8AB11EF84C46EA2762E951A.roa (raw, json)
Hash identifier: KPNnerg8TlExKOVzMHFElrc53oCoz+plnj0uxCXjILw=
Subject key identifier: 35:49:65:03:1A:E9:F2:55:51:0E:C8:22:46:9F:B1:64:1C:87:57:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01317C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8E1A4CC8AB11EF84C46EA2762E951A.roa
Signing time: Thu 02 Jan 2025 01:49:54 +0000
ROA not before: Thu 02 Jan 2025 01:49:50 +0000
ROA not after: Mon 13 Dec 2027 01:49:50 +0000
asID: 17561
IP address blocks: 154.220.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78204 (0x1317c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 01:49:50 2025 GMT
Not After : Dec 13 01:49:50 2027 GMT
Subject: CN=6775f0c2-3636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:23:ca:12:fa:66:9e:31:16:9c:fe:f6:00:c8:
23:f3:40:11:d4:08:75:87:e5:f7:a5:82:51:ea:24:
e2:e0:a8:f0:d6:86:d5:a8:88:41:b2:7c:0f:ea:c6:
bf:29:3d:ed:0f:f8:2a:47:46:3e:1a:24:a6:cc:c1:
9a:fe:09:7c:eb:a1:88:f7:9a:3c:7d:61:6e:04:03:
74:fa:4b:cf:91:d5:8a:ec:cf:78:2e:64:45:ee:a9:
1e:4a:97:e9:81:a2:b7:fc:54:9b:30:05:97:ef:d8:
89:ab:10:4a:74:c2:cf:5b:07:dd:bf:d0:96:37:ca:
6f:b7:cf:99:6e:e1:88:04:ad:63:32:7a:39:f5:6a:
2e:0d:3c:8a:1b:0b:fe:92:53:5c:71:3e:4a:b0:e7:
b1:b1:4a:82:42:62:82:31:1c:2b:b3:82:a8:a2:d7:
a9:7f:4e:a9:9e:95:f5:9e:cf:74:f9:62:75:e7:49:
da:17:c1:7b:dc:7d:5c:37:62:74:74:bc:f1:b3:96:
e8:61:6a:e1:bf:2d:7e:01:4c:1a:5b:3d:0d:41:da:
69:77:89:54:fa:e2:f4:ec:d7:51:d5:88:8d:4e:06:
48:e1:52:18:e4:4e:a9:ba:ea:61:1b:53:5b:85:de:
a6:7c:d5:12:7b:5c:13:1f:22:5d:16:c2:58:d9:e4:
e9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:65:03:1A:E9:F2:55:51:0E:C8:22:46:9F:B1:64:1C:87:57:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC8E1A4CC8AB11EF84C46EA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.153.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:21:69:96:fb:ef:f8:8b:9f:d2:17:75:0f:7a:11:fe:8f:3b:
a4:64:5d:8d:20:c0:ec:09:a2:c2:5b:1e:c1:e5:99:35:10:12:
85:7c:83:3e:32:57:53:bb:08:c8:87:1b:51:5d:de:31:e9:82:
b2:5e:0f:21:ed:d1:f5:78:4c:14:c8:5a:ce:d6:ab:04:63:e2:
e6:fe:64:30:cd:0b:0e:1a:c1:33:36:78:a9:0d:d7:b1:74:20:
3b:ee:fd:6d:66:2a:14:b8:bd:78:3c:af:dd:00:f7:47:35:0f:
fb:22:bd:69:17:b9:d0:21:b0:3e:77:44:85:0b:11:76:4d:cc:
c2:ea:b4:36:85:3a:86:77:e9:40:48:db:bb:bd:c5:88:ea:9b:
b1:93:44:8a:19:9e:1f:dc:31:1b:ca:3a:be:c4:1d:6c:0d:b3:
27:35:10:bb:d8:90:59:4f:5d:6c:e3:28:51:4e:58:ed:9c:41:
50:7e:7b:43:c3:d8:25:ed:96:50:ed:b7:f4:5f:30:31:98:da:
52:d2:93:2e:4f:f8:b2:20:ee:fc:e2:bb:cb:b9:d0:ba:73:03:
33:d9:70:a6:a2:4d:2d:c6:5e:d0:29:80:3e:e1:08:8e:26:71:
00:e8:4a:27:ba:38:4a:c7:1c:36:95:e4:7a:6a:c1:7b:25:ac:
f5:e4:48:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATF8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDE0OTUwWhcNMjcxMjEzMDE0OTUwWjAYMRYw
FAYDVQQDEw02Nzc1ZjBjMi0zNjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2SPKEvpmnjEWnP72AMgj80AR1Ah1h+X3pYJR6iTi4Kjw1obVqIhBsnwP
6sa/KT3tD/gqR0Y+GiSmzMGa/gl866GI95o8fWFuBAN0+kvPkdWK7M94LmRF7qke
SpfpgaK3/FSbMAWX79iJqxBKdMLPWwfdv9CWN8pvt8+ZbuGIBK1jMno59WouDTyK
Gwv+klNccT5KsOexsUqCQmKCMRwrs4Kootepf06pnpX1ns90+WJ150naF8F73H1c
N2J0dLzxs5boYWrhvy1+AUwaWz0NQdppd4lU+uL07NdR1YiNTgZI4VIY5E6puuph
G1Nbhd6mfNUSe1wTHyJdFsJY2eTpxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDVJ
ZQMa6fJVUQ7IIkafsWQch1f9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQzhFMUE0Q0M4QUIxMUVGODRDNDZFQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyZMA0GCSqGSIb3DQEB
CwUAA4IBAQAcIWmW++/4i5/SF3UPehH+jzukZF2NIMDsCaLCWx7B5Zk1EBKFfIM+
MldTuwjIhxtRXd4x6YKyXg8h7dH1eEwUyFrO1qsEY+Lm/mQwzQsOGsEzNnipDdex
dCA77v1tZioUuL14PK/dAPdHNQ/7Ir1pF7nQIbA+d0SFCxF2TczC6rQ2hTqGd+lA
SNu7vcWI6puxk0SKGZ4f3DEbyjq+xB1sDbMnNRC72JBZT11s4yhRTljtnEFQfntD
w9gl7ZZQ7bf0XzAxmNpS0pMuT/iyIO784rvLudC6cwMz2XCmok0txl7QKYA+4QiO
JnEA6EonujhKxxw2leR6asF7Jaz15EhF
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:13 2025 by rpki-client