Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E28ACD36C5E111EF81FDD668762E951A.roa
File: E28ACD36C5E111EF81FDD668762E951A.roa (raw, json)
Hash identifier: 5nAufc0Cxr9jAff/GQM13bNxu+UQW2X0YkIPng2GL3M=
Subject key identifier: FE:A5:BF:F3:6E:45:62:AB:80:F3:1D:79:E1:82:95:7B:97:1B:11:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D56
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E28ACD36C5E111EF81FDD668762E951A.roa
Signing time: Sun 29 Dec 2024 12:39:03 +0000
ROA not before: Sun 29 Dec 2024 12:38:59 +0000
ROA not after: Sun 12 Dec 2027 12:38:59 +0000
asID: 17561
IP address blocks: 154.210.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77142 (0x12d56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 12:38:59 2024 GMT
Not After : Dec 12 12:38:59 2027 GMT
Subject: CN=677142e7-0996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bf:d4:ba:f3:af:c9:ea:ec:4d:d1:e3:cf:71:
c5:70:57:3e:80:97:1f:e1:b9:be:30:46:9b:66:f9:
cc:8f:a4:41:6a:ad:87:35:d6:0b:df:94:29:ca:53:
92:2f:1b:3a:0c:d3:a2:c6:da:9d:18:c0:4c:1d:db:
f3:c3:73:0e:87:44:e2:bb:6d:b2:43:ff:75:4e:b9:
b6:c3:40:f8:9a:92:05:06:56:1f:31:3d:57:62:ad:
91:0b:b6:64:51:08:bb:24:04:e6:73:87:03:7c:24:
f4:8e:37:fc:ba:3d:46:0c:ea:2c:87:5f:db:a0:85:
92:4b:0e:66:39:96:77:d8:03:67:d4:2c:52:2a:62:
49:45:60:4f:88:34:cc:15:7f:06:d7:e5:5e:78:cc:
07:f8:37:e8:50:f2:e7:cd:d6:8c:9e:ee:83:98:ec:
10:92:b2:5c:ab:64:93:1b:bd:b1:a8:d4:09:07:dd:
16:f3:46:d6:48:bc:5c:50:b0:c7:5e:86:98:96:95:
39:75:e2:33:50:1a:fc:e1:c6:fa:fe:d1:24:97:20:
db:a1:e2:66:4b:98:4c:7c:dd:65:f4:80:10:5b:3a:
06:79:ba:b0:81:12:97:61:30:80:ce:34:07:2c:45:
36:c5:0e:49:41:6a:2b:94:c4:fc:8b:aa:fa:68:5b:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A5:BF:F3:6E:45:62:AB:80:F3:1D:79:E1:82:95:7B:97:1B:11:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E28ACD36C5E111EF81FDD668762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.109.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b6:91:82:13:75:99:19:f8:6d:40:06:b7:a1:1d:08:ac:4f:
37:ab:89:f2:97:3b:a6:30:0a:34:3d:67:89:a9:9f:a1:29:1a:
a9:45:45:99:14:bd:ef:dd:15:67:83:3f:98:de:95:d8:8a:7e:
24:e7:05:3e:d6:2d:b1:89:92:50:be:1a:a6:c1:ba:fe:51:8d:
b5:0e:fe:65:76:09:31:cb:3e:f1:91:34:29:5d:2b:65:70:07:
e6:09:5e:bf:43:b9:83:e4:b0:e7:85:fb:38:7d:2d:b9:19:48:
64:5f:81:0f:0a:84:9e:19:0c:d8:cc:a6:86:37:14:fd:e1:2a:
05:59:46:9f:88:01:36:de:30:a8:34:43:45:9e:b1:41:e6:62:
09:90:d5:75:74:af:70:24:04:bf:15:81:09:69:55:01:d2:7b:
01:f4:35:a8:69:61:76:75:35:ff:48:5e:da:77:c7:e2:e7:87:
b8:6c:a4:d2:3c:63:9a:aa:db:f1:c5:e4:59:2e:2e:60:49:e7:
4d:0a:75:15:61:64:cb:f4:62:21:63:42:d2:af:9a:aa:bc:73:
74:92:db:fc:01:04:02:28:16:60:4c:d0:de:70:bd:bb:19:30:
5a:e9:28:76:1c:e2:08:1b:8b:3e:d2:53:38:ca:52:41:ad:b9:
e3:5c:be:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS1WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTIzODU5WhcNMjcxMjEyMTIzODU5WjAYMRYw
FAYDVQQDEw02NzcxNDJlNy0wOTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4b/UuvOvyersTdHjz3HFcFc+gJcf4bm+MEabZvnMj6RBaq2HNdYL35Qp
ylOSLxs6DNOixtqdGMBMHdvzw3MOh0Tiu22yQ/91Trm2w0D4mpIFBlYfMT1XYq2R
C7ZkUQi7JATmc4cDfCT0jjf8uj1GDOosh1/boIWSSw5mOZZ32ANn1CxSKmJJRWBP
iDTMFX8G1+VeeMwH+DfoUPLnzdaMnu6DmOwQkrJcq2STG72xqNQJB90W80bWSLxc
ULDHXoaYlpU5deIzUBr84cb6/tEklyDboeJmS5hMfN1l9IAQWzoGebqwgRKXYTCA
zjQHLEU2xQ5JQWorlMT8i6r6aFu2iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP6l
v/NuRWKrgPMdeeGClXuXGxEaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMjhBQ0QzNkM1RTExMUVGODFGREQ2Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJtMA0GCSqGSIb3DQEB
CwUAA4IBAQA2tpGCE3WZGfhtQAa3oR0IrE83q4nylzumMAo0PWeJqZ+hKRqpRUWZ
FL3v3RVngz+Y3pXYin4k5wU+1i2xiZJQvhqmwbr+UY21Dv5ldgkxyz7xkTQpXStl
cAfmCV6/Q7mD5LDnhfs4fS25GUhkX4EPCoSeGQzYzKaGNxT94SoFWUafiAE23jCo
NENFnrFB5mIJkNV1dK9wJAS/FYEJaVUB0nsB9DWoaWF2dTX/SF7ad8fi54e4bKTS
PGOaqtvxxeRZLi5gSedNCnUVYWTL9GIhY0LSr5qqvHN0ktv8AQQCKBZgTNDecL27
GTBa6Sh2HOIIG4s+0lM4ylJBrbnjXL52
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:39:22 2025 by rpki-client