Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E11B6248BE8F11EFB178F289762E951A.roa
File: E11B6248BE8F11EFB178F289762E951A.roa (raw, json)
Hash identifier: 8bfyakEHza8cG/i/zy07XKK1toCoAuW2oYhAd+dCdx4=
Subject key identifier: 83:68:82:B9:6B:9C:44:E4:70:34:CC:75:6C:0C:06:0C:4F:13:0D:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011BFC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E11B6248BE8F11EFB178F289762E951A.roa
Signing time: Fri 20 Dec 2024 05:04:24 +0000
ROA not before: Fri 20 Dec 2024 05:04:20 +0000
ROA not after: Wed 10 Dec 2025 05:04:20 +0000
asID: 984
IP address blocks: 154.82.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72700 (0x11bfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 05:04:20 2024 GMT
Not After : Dec 10 05:04:20 2025 GMT
Subject: CN=6764fad8-9102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fe:e2:eb:35:31:db:f4:a7:9e:de:3c:04:46:
24:15:88:75:48:d7:34:b8:93:f4:64:30:40:59:52:
19:e0:ad:99:ed:e7:07:5b:12:97:27:c5:4e:b6:56:
0f:d4:e7:1d:87:7c:be:ca:47:65:42:47:1a:b4:77:
c2:e5:13:70:c7:1d:67:ee:c1:da:7c:c1:94:71:8c:
f8:5a:21:eb:06:e3:64:a9:3e:dc:eb:cc:eb:32:21:
b3:d9:f3:d0:dc:12:bd:df:a8:5d:7b:6c:46:98:f4:
9b:7b:9d:77:22:9c:12:58:ea:37:b2:00:f6:c0:06:
7a:6a:ca:b9:f3:08:07:7c:1f:eb:1f:dd:8e:8e:8b:
6f:78:76:8f:9e:ed:a8:92:20:52:4e:9b:df:79:a6:
ef:4f:99:be:c9:50:b2:20:0e:df:ae:55:f8:ae:68:
13:88:95:4d:47:6f:bb:b2:90:4c:b4:75:ed:dc:6f:
4e:df:80:00:6b:fc:c5:c2:1c:26:6a:93:e3:d5:91:
5a:bb:48:0f:9e:70:6d:04:71:56:ee:21:85:dd:6a:
a4:20:ca:62:ea:98:1b:60:21:7b:06:88:d1:23:18:
a8:0e:81:cf:6b:2d:be:22:07:91:29:c1:36:aa:46:
53:07:19:7c:94:f3:00:38:af:96:38:0a:a9:9e:e1:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:68:82:B9:6B:9C:44:E4:70:34:CC:75:6C:0C:06:0C:4F:13:0D:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E11B6248BE8F11EFB178F289762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.171.0/24
Signature Algorithm: sha256WithRSAEncryption
22:6e:64:98:39:66:7d:2d:e9:83:bf:ad:94:64:b5:f7:e4:ff:
46:72:81:d2:db:3e:90:3a:c5:91:50:83:69:12:d1:a0:81:a0:
a2:ef:e8:83:5f:5e:c1:82:14:3b:70:5c:44:26:20:75:d1:a9:
75:9e:28:3c:b0:84:81:5a:f3:09:7c:53:b4:cb:a6:8e:a0:16:
3b:a3:dc:11:6e:72:fb:48:d9:59:d7:d2:72:41:aa:ca:fe:67:
e7:38:3c:63:c9:f4:8a:d2:8e:d9:68:39:01:a9:a4:9a:48:ec:
d1:73:f2:00:6c:7d:ae:52:72:df:0e:57:f8:34:1d:58:82:24:
f5:7b:dc:0f:57:20:d6:5a:fe:46:23:be:26:00:91:54:dd:47:
ac:f8:0b:df:4d:39:8f:18:d4:2b:0a:00:f4:37:ba:49:11:f6:
7d:39:f5:a9:c5:06:96:1b:10:2c:a9:ae:21:3b:45:40:52:7f:
5d:da:b7:85:ba:a1:65:f8:58:89:fa:ce:0a:ce:c5:51:51:6a:
9f:61:d5:3e:36:54:a0:a8:75:33:19:4e:96:9a:7f:bb:d1:77:
58:24:ff:27:89:cc:fb:30:67:76:e2:98:71:7c:2f:b4:00:d8:
4f:e8:b6:06:69:96:db:c4:a5:01:89:54:a2:a4:10:43:1d:d0:
3e:1a:16:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARv8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDUwNDIwWhcNMjUxMjEwMDUwNDIwWjAYMRYw
FAYDVQQDEw02NzY0ZmFkOC05MTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2P7i6zUx2/Snnt48BEYkFYh1SNc0uJP0ZDBAWVIZ4K2Z7ecHWxKXJ8VO
tlYP1Ocdh3y+ykdlQkcatHfC5RNwxx1n7sHafMGUcYz4WiHrBuNkqT7c68zrMiGz
2fPQ3BK936hde2xGmPSbe513IpwSWOo3sgD2wAZ6asq58wgHfB/rH92OjotveHaP
nu2okiBSTpvfeabvT5m+yVCyIA7frlX4rmgTiJVNR2+7spBMtHXt3G9O34AAa/zF
whwmapPj1ZFau0gPnnBtBHFW7iGF3WqkIMpi6pgbYCF7BojRIxioDoHPay2+IgeR
KcE2qkZTBxl8lPMAOK+WOAqpnuHlMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFINo
grlrnETkcDTMdWwMBgxPEw2sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMTFCNjI0OEJFOEYxMUVGQjE3OEYyODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlKrMA0GCSqGSIb3DQEB
CwUAA4IBAQAibmSYOWZ9LemDv62UZLX35P9GcoHS2z6QOsWRUINpEtGggaCi7+iD
X17BghQ7cFxEJiB10al1nig8sISBWvMJfFO0y6aOoBY7o9wRbnL7SNlZ19JyQarK
/mfnODxjyfSK0o7ZaDkBqaSaSOzRc/IAbH2uUnLfDlf4NB1YgiT1e9wPVyDWWv5G
I74mAJFU3Ues+AvfTTmPGNQrCgD0N7pJEfZ9OfWpxQaWGxAsqa4hO0VAUn9d2reF
uqFl+FiJ+s4KzsVRUWqfYdU+NlSgqHUzGU6Wmn+70XdYJP8nicz7MGd24phxfC+0
ANhP6LYGaZbbxKUBiVSipBBDHdA+Ghbp
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:43:31 2025 by rpki-client