Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3E932AEC25711EFA987FA5F762E951A.roa
File: E3E932AEC25711EFA987FA5F762E951A.roa (raw, json)
Hash identifier: 11NI/0gjf3mxnCJjCgWzh1D5BXZ7/8km2ZxN/Bw/75I=
Subject key identifier: EF:89:6B:EE:07:77:12:76:13:99:AE:C1:CF:26:56:35:AE:2F:64:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012347
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3E932AEC25711EFA987FA5F762E951A.roa
Signing time: Wed 25 Dec 2024 00:33:42 +0000
ROA not before: Wed 25 Dec 2024 00:00:37 +0000
ROA not after: Wed 10 Dec 2025 00:00:37 +0000
asID: 984
IP address blocks: 154.199.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74567 (0x12347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:37 2024 GMT
Not After : Dec 10 00:00:37 2025 GMT
Subject: CN=676b52e5-ffc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:8b:9f:95:67:56:18:fb:07:da:57:99:ff:
23:22:83:23:fe:83:2d:31:bb:a2:9d:ca:b3:7e:68:
7d:78:b7:f1:2d:c7:5a:fd:18:e2:df:ce:15:f9:40:
ce:9b:fe:4c:3c:69:e5:1b:be:e7:5d:74:e6:0a:5b:
bf:07:6a:db:17:de:5a:b4:dd:7c:68:f9:78:26:35:
4b:90:9a:29:0f:06:27:7d:35:5a:e7:2d:41:57:29:
f7:75:c3:e0:b3:dc:e5:7c:1a:a9:f3:cd:fe:46:b6:
8a:1e:a7:8d:8f:90:3f:a8:43:c5:f8:a7:ba:49:b5:
87:4c:b8:39:b5:0a:00:96:86:2c:66:b8:1b:88:34:
63:c8:22:f3:2a:40:ca:8f:ec:c5:a8:4b:0b:1d:c1:
6e:45:7e:8c:04:f5:81:f7:d0:3b:53:16:f0:3f:c2:
c4:2d:7e:ce:ee:4d:33:fa:5c:58:0f:47:cf:ab:81:
4c:34:da:f0:4b:d8:52:be:ab:da:42:c2:ff:5e:e3:
f2:49:df:df:ae:f8:8c:64:1a:da:b6:e7:87:ad:00:
68:4b:86:81:b3:14:8d:c7:dd:0e:41:65:38:da:2d:
5b:1c:54:1e:49:52:46:7b:3c:5f:08:b2:1a:6f:ac:
9c:b2:10:ac:b2:99:67:a9:ba:8c:36:3b:51:51:39:
11:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:89:6B:EE:07:77:12:76:13:99:AE:C1:CF:26:56:35:AE:2F:64:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3E932AEC25711EFA987FA5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.49.0/24
Signature Algorithm: sha256WithRSAEncryption
20:45:1f:1a:df:0e:7c:7c:76:6f:3a:38:d9:53:98:47:b5:85:
ca:10:12:97:27:11:10:3f:76:1a:62:6a:57:19:6e:f0:e9:c7:
20:08:ea:cc:11:e0:d7:49:06:b5:35:a4:fe:df:4e:15:84:9d:
67:41:dd:8b:45:0f:23:50:f9:1f:4b:82:fc:c9:c3:8a:2f:c5:
f5:04:d5:09:f2:68:0f:71:37:a8:c7:99:ae:9c:f8:9f:9a:f3:
69:04:a4:28:7e:20:93:78:65:92:fe:9b:ab:e9:78:9e:95:1b:
cc:b7:85:cd:cb:a7:81:46:91:0f:57:65:2e:58:fc:08:1e:a2:
93:63:0a:5f:8a:54:74:1e:38:ab:62:2d:17:45:54:b9:a1:b7:
04:c6:c2:c0:9a:e5:0f:1b:f7:2d:c5:db:20:b5:0d:04:6e:f8:
1a:72:39:ac:f8:39:02:63:af:79:43:47:06:eb:87:68:5d:0b:
b5:fb:db:1b:af:ea:d8:94:84:5d:c7:87:a5:17:9d:cd:2d:58:
76:f7:bc:e7:32:60:c8:cd:1e:02:bf:12:f5:60:86:0c:76:d4:
9f:22:4c:61:f8:5a:76:8f:9e:57:0f:f0:26:1d:1c:01:3b:7b:
2e:9a:c0:81:e8:eb:20:e8:83:04:0e:b7:31:b2:9a:1c:61:78:
d5:e3:78:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASNHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDM3WhcNMjUxMjEwMDAwMDM3WjAYMRYw
FAYDVQQDEw02NzZiNTJlNS1mZmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYCLn5VnVhj7B9pXmf8jIoMj/oMtMbuincqzfmh9eLfxLcda/Rji384V
+UDOm/5MPGnlG77nXXTmClu/B2rbF95atN18aPl4JjVLkJopDwYnfTVa5y1BVyn3
dcPgs9zlfBqp883+RraKHqeNj5A/qEPF+Ke6SbWHTLg5tQoAloYsZrgbiDRjyCLz
KkDKj+zFqEsLHcFuRX6MBPWB99A7UxbwP8LELX7O7k0z+lxYD0fPq4FMNNrwS9hS
vqvaQsL/XuPySd/frviMZBratueHrQBoS4aBsxSNx90OQWU42i1bHFQeSVJGezxf
CLIab6ycshCssplnqbqMNjtRUTkRFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO+J
a+4HdxJ2E5muwc8mVjWuL2TlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FM0U5MzJBRUMyNTcxMUVGQTk4N0ZBNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscxMA0GCSqGSIb3DQEB
CwUAA4IBAQAgRR8a3w58fHZvOjjZU5hHtYXKEBKXJxEQP3YaYmpXGW7w6ccgCOrM
EeDXSQa1NaT+304VhJ1nQd2LRQ8jUPkfS4L8ycOKL8X1BNUJ8mgPcTeox5munPif
mvNpBKQofiCTeGWS/pur6XielRvMt4XNy6eBRpEPV2UuWPwIHqKTYwpfilR0Hjir
Yi0XRVS5obcExsLAmuUPG/ctxdsgtQ0Ebvgacjms+DkCY695Q0cG64doXQu1+9sb
r+rYlIRdx4elF53NLVh297znMmDIzR4CvxL1YIYMdtSfIkxh+Fp2j55XD/AmHRwB
O3sumsCB6Osg6IMEDrcxspocYXjV43jo
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:40 2025 by rpki-client