Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF8C51DEC62E11EF877BDC4C762E951A.roa
File: DF8C51DEC62E11EF877BDC4C762E951A.roa (raw, json)
Hash identifier: mrr6iKXSi4k7nhUW1cD8siZNX3bODLI0cN19eKtiB4w=
Subject key identifier: FB:BC:AF:E8:C7:98:16:A4:A8:06:6A:9A:2A:6C:EE:9B:AB:37:A0:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FE0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF8C51DEC62E11EF877BDC4C762E951A.roa
Signing time: Sun 29 Dec 2024 21:50:09 +0000
ROA not before: Sun 29 Dec 2024 21:50:06 +0000
ROA not after: Sun 12 Dec 2027 21:50:06 +0000
asID: 17561
IP address blocks: 154.217.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77792 (0x12fe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 21:50:06 2024 GMT
Not After : Dec 12 21:50:06 2027 GMT
Subject: CN=6771c411-3506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:50:50:3c:98:ee:65:45:15:b3:fa:91:bf:
b6:c4:8b:af:a0:47:72:00:01:61:27:30:fd:ac:72:
7a:0d:fe:12:cc:69:40:91:19:2a:fd:c6:ff:0b:91:
e6:ac:2f:7b:ce:6a:2a:8b:34:27:d8:01:5d:00:da:
6f:ac:cd:50:ed:1d:45:e5:f1:1e:44:91:5d:60:9c:
f5:99:e2:b0:28:f4:30:4e:cd:2d:91:69:48:7a:e7:
96:6f:91:1b:66:80:7c:b0:f4:a4:a6:54:71:24:8e:
0b:99:1b:3e:94:56:a4:a7:72:84:30:3a:8c:26:dc:
0d:f9:bf:aa:6a:2b:37:fe:23:76:69:c1:27:74:5b:
d4:b0:d6:e0:54:61:23:f4:a0:f5:0e:e3:19:db:7b:
75:f8:3c:dd:4b:62:ca:f2:eb:ad:e3:55:f0:bc:d6:
8a:46:21:22:16:ec:95:0a:ea:ae:b9:74:17:72:a4:
14:86:b4:cc:de:5c:fd:aa:eb:95:21:65:77:f0:da:
f6:69:90:4e:8e:18:76:0d:9b:b0:ec:e8:90:28:aa:
2f:5c:cb:ea:d1:0e:19:a4:47:63:e3:9a:95:44:8c:
1d:3b:63:23:e9:0c:a6:4f:88:63:45:55:45:a0:eb:
5d:bc:59:07:9a:07:f1:7c:93:e7:72:4e:d2:97:54:
bc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BC:AF:E8:C7:98:16:A4:A8:06:6A:9A:2A:6C:EE:9B:AB:37:A0:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF8C51DEC62E11EF877BDC4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.211.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:fc:53:58:4b:d0:4e:94:99:38:92:25:af:c2:86:c4:43:2d:
bc:a8:e5:4a:c6:57:34:a2:f4:1e:19:33:44:ac:fe:63:6b:28:
e1:1b:ae:22:6e:db:a7:43:b7:12:48:e1:23:94:ab:83:ee:28:
d6:c8:1a:f7:f8:c6:de:cd:fa:3c:21:08:b2:40:4a:02:fa:9d:
d0:4e:70:44:7f:34:0a:cc:8f:17:f9:94:8c:e5:3d:95:14:12:
be:f9:83:7d:84:bc:7b:ef:fe:c6:20:a5:a1:99:22:c9:f7:88:
22:ba:da:c5:73:8c:ba:dd:b5:47:6d:91:82:f1:6b:2c:ad:28:
4d:ee:96:2c:87:5b:bc:20:cc:95:92:7f:38:f6:50:91:cd:63:
83:3a:66:19:e0:e2:05:cc:b1:e9:43:39:f6:7a:29:41:00:f2:
b0:ce:27:2c:64:22:be:12:3e:24:11:7c:bc:f5:e6:f5:66:f6:
02:eb:4e:89:b7:67:ab:25:75:da:36:ff:7a:96:f8:2b:5c:0c:
9e:48:12:e3:bb:ae:88:2d:4d:16:6a:55:76:b3:b4:5d:a1:b8:
c1:6a:fa:86:91:10:b8:a8:82:a5:0e:45:95:5d:26:f3:a4:b1:
01:8a:d4:bb:07:c9:5d:32:8d:be:ce:2d:9d:cb:87:b6:f4:61:
96:6b:a9:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS/gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjE1MDA2WhcNMjcxMjEyMjE1MDA2WjAYMRYw
FAYDVQQDEw02NzcxYzQxMS0zNTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq1FQUDyY7mVFFbP6kb+2xIuvoEdyAAFhJzD9rHJ6Df4SzGlAkRkq/cb/
C5HmrC97zmoqizQn2AFdANpvrM1Q7R1F5fEeRJFdYJz1meKwKPQwTs0tkWlIeueW
b5EbZoB8sPSkplRxJI4LmRs+lFakp3KEMDqMJtwN+b+qais3/iN2acEndFvUsNbg
VGEj9KD1DuMZ23t1+DzdS2LK8uut41XwvNaKRiEiFuyVCuquuXQXcqQUhrTM3lz9
quuVIWV38Nr2aZBOjhh2DZuw7OiQKKovXMvq0Q4ZpEdj45qVRIwdO2Mj6QymT4hj
RVVFoOtdvFkHmgfxfJPnck7Sl1S8YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPu8
r+jHmBakqAZqmips7purN6BIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjhDNTFERUM2MkUxMUVGODc3QkRDNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtnTMA0GCSqGSIb3DQEB
CwUAA4IBAQDG/FNYS9BOlJk4kiWvwobEQy28qOVKxlc0ovQeGTNErP5jayjhG64i
btunQ7cSSOEjlKuD7ijWyBr3+Mbezfo8IQiyQEoC+p3QTnBEfzQKzI8X+ZSM5T2V
FBK++YN9hLx77/7GIKWhmSLJ94giutrFc4y63bVHbZGC8WssrShN7pYsh1u8IMyV
kn849lCRzWODOmYZ4OIFzLHpQzn2eilBAPKwzicsZCK+Ej4kEXy89eb1ZvYC606J
t2erJXXaNv96lvgrXAyeSBLju66ILU0WalV2s7RdobjBavqGkRC4qIKlDkWVXSbz
pLEBitS7B8ldMo2+zi2dy4e29GGWa6lo
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:47 2025 by rpki-client