Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD206018C35C11EF813CD86A762E951A.roa
File: DD206018C35C11EF813CD86A762E951A.roa (raw, json)
Hash identifier: 3xHzMARrdhHeSsRk/pICC2Z/B91KaaNCJMaOPk9BXu0=
Subject key identifier: 59:EC:84:16:CB:9D:76:D9:45:AA:23:12:2B:26:5D:C7:BF:6D:00:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125FF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD206018C35C11EF813CD86A762E951A.roa
Signing time: Thu 26 Dec 2024 07:41:49 +0000
ROA not before: Thu 26 Dec 2024 07:41:45 +0000
ROA not after: Sun 12 Dec 2027 07:41:45 +0000
asID: 17561
IP address blocks: 154.88.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75263 (0x125ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 07:41:45 2024 GMT
Not After : Dec 12 07:41:45 2027 GMT
Subject: CN=676d08bc-62f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:8a:14:47:4b:54:69:30:59:a8:16:ad:64:
b0:42:e2:88:97:08:86:99:e3:43:c3:d5:cd:83:fd:
9f:e6:36:b5:39:56:d4:9e:83:c8:27:0f:74:f7:90:
31:f0:88:9c:f2:7f:c5:c1:1a:88:3f:66:99:03:bc:
d6:80:40:d6:96:64:07:4c:c5:e5:cd:6e:e2:2c:ec:
96:64:40:07:10:a2:3c:07:b7:a7:1b:26:42:dd:3e:
b4:52:6e:f9:90:db:dc:7d:75:b0:d8:f1:e8:aa:2a:
ab:45:2a:d2:83:8e:f9:75:fa:c7:87:c6:4e:77:29:
59:ea:fa:14:cb:fc:05:78:2c:74:af:1d:fa:8b:50:
85:30:b5:1c:be:c4:33:5b:c6:31:e6:2e:fe:96:a3:
0e:ab:2f:97:5f:53:c4:19:94:e0:c2:c3:fb:77:8f:
c0:b2:3a:a9:1c:ad:ce:b2:c0:73:96:7f:ce:4e:f1:
4c:cb:ee:c6:58:0b:a5:0d:c9:d4:54:f6:b0:2e:50:
5c:ba:c4:b4:61:d6:3a:2e:bc:6c:78:f4:02:62:3b:
2f:0e:e5:66:da:55:1e:24:c8:3f:f1:98:24:be:f0:
b4:96:25:8f:0e:60:db:a7:fb:98:32:37:5f:b0:77:
27:87:5a:92:3a:75:97:6d:8d:a3:58:e3:a8:76:7c:
3e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EC:84:16:CB:9D:76:D9:45:AA:23:12:2B:26:5D:C7:BF:6D:00:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD206018C35C11EF813CD86A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.54.0/24
Signature Algorithm: sha256WithRSAEncryption
23:48:3d:97:06:8b:41:70:52:11:ea:0f:02:26:de:00:6e:c4:
08:d5:e4:89:64:b8:a0:b7:10:c5:21:59:cb:ef:1e:37:71:59:
3d:86:ca:b5:27:e4:a9:db:e0:13:5d:5f:6a:e9:7c:e3:bd:71:
54:70:9d:79:ee:ae:0a:0a:bf:c2:06:6c:05:a3:05:08:67:fa:
30:77:06:20:4a:08:e9:41:65:4b:5d:28:bb:c4:22:61:71:8f:
29:03:d3:f1:af:97:17:e7:ec:1d:d8:88:fa:e4:07:55:35:bc:
69:a8:b1:c7:05:2b:ab:47:1d:1d:8b:b6:5a:7e:6e:12:d7:46:
5b:72:37:0c:1a:bf:86:12:7d:d7:d1:8d:1a:87:6b:40:10:6f:
8b:10:68:ff:00:60:bc:e6:e9:25:df:da:56:94:d9:ec:70:e7:
4c:16:6b:61:7d:b4:00:62:2a:b3:a1:37:08:62:91:24:88:76:
e4:9e:c5:ad:8d:59:f2:5b:4b:c5:6c:a8:ac:7e:bb:37:9f:e7:
cb:11:78:89:7a:90:62:d1:75:09:50:7d:84:54:65:39:1b:10:
f2:3e:78:c2:e7:ed:69:d3:b1:6b:42:86:b3:50:46:3c:47:ee:
cc:ef:2e:1e:c5:00:37:80:87:3b:2b:69:5a:f2:ac:52:5f:1d:
ae:91:98:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASX/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDc0MTQ1WhcNMjcxMjEyMDc0MTQ1WjAYMRYw
FAYDVQQDEw02NzZkMDhiYy02MmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp1eKFEdLVGkwWagWrWSwQuKIlwiGmeNDw9XNg/2f5ja1OVbUnoPIJw90
95Ax8Iic8n/FwRqIP2aZA7zWgEDWlmQHTMXlzW7iLOyWZEAHEKI8B7enGyZC3T60
Um75kNvcfXWw2PHoqiqrRSrSg475dfrHh8ZOdylZ6voUy/wFeCx0rx36i1CFMLUc
vsQzW8Yx5i7+lqMOqy+XX1PEGZTgwsP7d4/AsjqpHK3OssBzln/OTvFMy+7GWAul
DcnUVPawLlBcusS0YdY6LrxsePQCYjsvDuVm2lUeJMg/8ZgkvvC0liWPDmDbp/uY
MjdfsHcnh1qSOnWXbY2jWOOodnw+BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFns
hBbLnXbZRaojEismXce/bQCDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDIwNjAxOEMzNUMxMUVGODEzQ0Q4NkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlg2MA0GCSqGSIb3DQEB
CwUAA4IBAQAjSD2XBotBcFIR6g8CJt4AbsQI1eSJZLigtxDFIVnL7x43cVk9hsq1
J+Sp2+ATXV9q6XzjvXFUcJ157q4KCr/CBmwFowUIZ/owdwYgSgjpQWVLXSi7xCJh
cY8pA9Pxr5cX5+wd2Ij65AdVNbxpqLHHBSurRx0di7Zafm4S10ZbcjcMGr+GEn3X
0Y0ah2tAEG+LEGj/AGC85ukl39pWlNnscOdMFmthfbQAYiqzoTcIYpEkiHbknsWt
jVnyW0vFbKisfrs3n+fLEXiJepBi0XUJUH2EVGU5GxDyPnjC5+1p07FrQoazUEY8
R+7M7y4exQA3gIc7K2la8qxSXx2ukZhP
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:14 2025 by rpki-client