Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD411FCCC62911EF9EE9FBAA762E951A.roa
File: DD411FCCC62911EF9EE9FBAA762E951A.roa (raw, json)
Hash identifier: ATY6V0WgaMCEho4W56Idj1v51P92N7jX6l4F88s8z0o=
Subject key identifier: 85:FC:49:C8:58:90:F6:EA:B6:A9:39:75:DB:5C:18:02:63:33:BF:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FB6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD411FCCC62911EF9EE9FBAA762E951A.roa
Signing time: Sun 29 Dec 2024 21:14:18 +0000
ROA not before: Sun 29 Dec 2024 21:14:14 +0000
ROA not after: Sun 12 Dec 2027 21:14:14 +0000
asID: 17561
IP address blocks: 154.217.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77750 (0x12fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 21:14:14 2024 GMT
Not After : Dec 12 21:14:14 2027 GMT
Subject: CN=6771bbaa-324e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:8a:8d:56:31:60:e0:b9:78:3e:5f:27:65:
36:b6:d0:bd:81:8f:08:ec:20:2b:cd:8e:0a:15:6b:
70:d0:1e:86:de:56:19:36:af:82:95:c1:6c:ad:8b:
7e:30:22:02:6a:7f:6d:7a:01:64:50:98:3a:da:78:
5e:fb:ed:a2:c5:ba:b0:c0:e9:0a:6f:b0:35:e0:7e:
03:f6:fc:37:74:b0:94:48:d5:d6:69:48:20:57:12:
a8:a3:35:1b:f9:80:da:c5:c4:33:38:20:69:e9:df:
5c:d8:43:b4:0e:9d:84:0c:ac:f9:14:99:dc:9c:c4:
2a:8c:64:6e:87:9a:d0:d0:f6:18:11:a8:c3:45:f7:
74:e2:54:da:d0:30:a3:1e:fd:bc:ad:4d:d1:19:c2:
de:a2:98:6c:0d:75:ed:0e:55:ee:38:08:60:af:b9:
44:44:1b:c6:7c:c7:f3:46:24:b0:70:e3:49:fe:99:
4b:cd:dd:eb:76:7e:70:4d:22:f5:5f:8f:04:e1:13:
b1:f4:1d:d6:9d:44:2e:8f:22:6f:f5:43:fa:77:a3:
25:ef:d8:94:71:ea:f3:3f:c1:13:04:0b:d1:62:83:
ac:55:d2:f0:83:e0:73:b6:a6:05:22:ce:7b:7c:29:
6c:22:f1:86:09:08:6f:fd:5a:d5:16:26:d5:ed:9c:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:49:C8:58:90:F6:EA:B6:A9:39:75:DB:5C:18:02:63:33:BF:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD411FCCC62911EF9EE9FBAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:43:03:c3:0a:dd:36:08:55:9c:de:26:6c:87:86:21:df:cd:
61:cb:c3:3d:e2:f6:3a:a2:6d:8f:c9:14:3a:d2:8d:af:a2:25:
14:e8:16:8e:4b:2d:c4:e6:ca:a5:8b:32:92:37:48:b7:28:63:
c6:c0:89:09:c4:d3:96:af:9f:d0:98:fd:c8:67:dd:ec:a9:34:
f3:25:05:69:9f:03:c9:cf:24:7b:c8:5c:ad:6b:29:4a:49:1a:
ce:e6:33:74:ff:59:e7:82:d2:cc:7b:c2:fe:26:ed:df:b8:15:
92:c3:3e:54:a0:d5:64:aa:cc:f8:18:b0:03:cb:a5:59:40:a9:
11:16:79:da:44:1f:36:1d:be:9c:e4:bb:fd:7c:53:74:41:67:
5a:0c:de:99:13:e7:9c:bd:49:18:8e:7f:7b:e1:db:ba:d8:df:
e0:9b:f4:86:55:d5:6b:55:d2:2d:fd:d2:5c:85:38:1e:4e:3d:
4f:c5:d6:14:1f:3a:ae:40:2d:03:5f:cb:c4:a2:20:08:9f:05:
b6:ce:e1:3c:bd:26:42:9a:d7:1e:ca:36:76:b9:0c:73:39:c8:
d3:2b:80:fa:89:ac:d3:8a:aa:e2:eb:f1:0b:75:4c:21:85:36:
5a:b3:3d:fa:d3:9b:11:24:b1:ec:28:7a:6b:fc:54:6a:4f:3b:
98:ee:2b:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS+2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjExNDE0WhcNMjcxMjEyMjExNDE0WjAYMRYw
FAYDVQQDEw02NzcxYmJhYS0zMjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuGKjVYxYOC5eD5fJ2U2ttC9gY8I7CArzY4KFWtw0B6G3lYZNq+ClcFs
rYt+MCICan9tegFkUJg62nhe++2ixbqwwOkKb7A14H4D9vw3dLCUSNXWaUggVxKo
ozUb+YDaxcQzOCBp6d9c2EO0Dp2EDKz5FJncnMQqjGRuh5rQ0PYYEajDRfd04lTa
0DCjHv28rU3RGcLeophsDXXtDlXuOAhgr7lERBvGfMfzRiSwcONJ/plLzd3rdn5w
TSL1X48E4ROx9B3WnUQujyJv9UP6d6Ml79iUcerzP8ETBAvRYoOsVdLwg+BztqYF
Is57fClsIvGGCQhv/VrVFibV7ZwT8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIX8
SchYkPbqtqk5ddtcGAJjM79YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDQxMUZDQ0M2MjkxMUVGOUVFOUZCQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtm+MA0GCSqGSIb3DQEB
CwUAA4IBAQCKQwPDCt02CFWc3iZsh4Yh381hy8M94vY6om2PyRQ60o2voiUU6BaO
Sy3E5sqlizKSN0i3KGPGwIkJxNOWr5/QmP3IZ93sqTTzJQVpnwPJzyR7yFytaylK
SRrO5jN0/1nngtLMe8L+Ju3fuBWSwz5UoNVkqsz4GLADy6VZQKkRFnnaRB82Hb6c
5Lv9fFN0QWdaDN6ZE+ecvUkYjn974du62N/gm/SGVdVrVdIt/dJchTgeTj1PxdYU
HzquQC0DX8vEoiAInwW2zuE8vSZCmtceyjZ2uQxzOcjTK4D6iazTiqri6/ELdUwh
hTZasz3605sRJLHsKHpr/FRqTzuY7isp
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:14 2025 by rpki-client