Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E528C798AD5211EFA224F582762E951A.roa
File: E528C798AD5211EFA224F582762E951A.roa (raw, json)
Hash identifier: 8DE7InE3S7Ssk5mhokyeeJLWZbNpLcm2m8e6E1tc+0E=
Subject key identifier: B2:BA:D7:07:B3:E6:56:6E:D3:C1:8E:A7:7D:4B:52:86:27:1F:F1:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0114D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E528C798AD5211EFA224F582762E951A.roa
Signing time: Thu 28 Nov 2024 06:35:02 +0000
ROA not before: Thu 28 Nov 2024 06:34:58 +0000
ROA not after: Sun 30 Nov 2025 06:34:58 +0000
asID: 37517
IP address blocks: 154.203.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70867 (0x114d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 28 06:34:58 2024 GMT
Not After : Nov 30 06:34:58 2025 GMT
Subject: CN=67480f15-eebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:98:ba:8f:dc:ef:8e:73:d9:a7:7c:dd:85:8f:
47:b9:61:b1:95:ec:8d:e6:8b:ed:1d:09:04:b7:70:
57:7c:15:9c:88:9d:2d:74:e9:93:6e:89:4e:9f:14:
7a:66:78:83:42:88:f6:ba:25:c1:37:8e:c4:34:97:
d6:88:87:fb:07:2c:7f:b0:5e:a2:ff:fd:cf:20:84:
40:2a:f3:1a:07:82:d0:77:9c:90:21:b9:85:ac:dd:
84:96:8d:6d:4c:d3:93:96:03:35:78:69:32:58:20:
4b:15:08:05:95:e2:54:e5:22:5e:50:0b:41:5d:71:
b7:90:85:76:3b:6e:a7:c3:f5:68:bc:58:be:1e:74:
62:f8:7e:fb:00:92:fb:22:c0:b0:43:0f:58:48:ef:
87:5e:38:92:a9:ab:7c:0e:06:59:d0:81:61:60:a7:
63:89:7a:e4:f6:5f:f6:4b:7c:68:55:b4:1a:75:8c:
51:01:19:44:4e:09:b8:7c:b6:54:f9:b0:92:97:2c:
95:68:e5:e5:5b:7a:7e:5d:40:22:8a:12:71:c1:19:
7c:32:77:bf:44:5f:71:3e:46:08:cc:83:9b:fb:30:
9a:df:d9:ed:60:8c:cf:9d:4c:36:af:bc:9a:a2:69:
70:91:91:f4:87:c0:37:0c:8b:1e:ed:c8:ce:c7:cc:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BA:D7:07:B3:E6:56:6E:D3:C1:8E:A7:7D:4B:52:86:27:1F:F1:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E528C798AD5211EFA224F582762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.232.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:51:52:93:dd:fd:74:7c:5e:f5:0a:d4:cc:2b:de:ce:65:fe:
a3:72:6e:fb:77:df:e1:0f:28:ff:75:8a:70:fb:2b:8d:77:d1:
14:fd:9f:24:60:cc:4e:81:8e:23:b2:2a:4a:06:c9:31:87:83:
9c:d8:e1:80:62:74:ac:31:da:7a:3d:d8:02:f9:92:01:d3:eb:
d8:77:ca:a6:50:56:61:db:f3:4e:8b:5b:0d:c1:1c:59:5b:c0:
56:e0:c3:6e:ed:dc:d0:31:a2:f5:cc:99:c2:b2:93:fa:8b:cf:
1f:1d:f3:ec:e1:5f:2e:fd:cd:a9:4f:7b:cd:6f:89:70:f0:61:
bb:90:b2:cf:94:97:e5:f7:6f:7e:dc:e1:a9:9c:4a:47:d4:75:
db:06:31:17:da:1e:22:77:08:2b:ee:23:3a:74:26:f5:0c:8c:
76:2b:b2:bc:ba:c7:dd:00:6b:c2:34:65:3f:0f:bb:5e:49:25:
d7:24:46:b5:71:2b:f7:6d:4e:80:40:d8:03:df:1f:42:ef:f6:
cb:ff:b5:87:27:82:43:96:63:53:f3:9b:b1:8e:f3:bd:2c:f7:
f5:92:03:6d:8e:b0:d3:2c:be:db:8f:ec:a7:bd:2b:34:b1:87:
1b:78:09:85:07:a1:48:60:c8:30:5e:ba:83:b3:8e:65:ba:00:
0a:52:d3:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARTTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI4MDYzNDU4WhcNMjUxMTMwMDYzNDU4WjAYMRYw
FAYDVQQDEw02NzQ4MGYxNS1lZWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnZi6j9zvjnPZp3zdhY9HuWGxleyN5ovtHQkEt3BXfBWciJ0tdOmTbolO
nxR6ZniDQoj2uiXBN47ENJfWiIf7Byx/sF6i//3PIIRAKvMaB4LQd5yQIbmFrN2E
lo1tTNOTlgM1eGkyWCBLFQgFleJU5SJeUAtBXXG3kIV2O26nw/VovFi+HnRi+H77
AJL7IsCwQw9YSO+HXjiSqat8DgZZ0IFhYKdjiXrk9l/2S3xoVbQadYxRARlETgm4
fLZU+bCSlyyVaOXlW3p+XUAiihJxwRl8Mne/RF9xPkYIzIOb+zCa39ntYIzPnUw2
r7yaomlwkZH0h8A3DIse7cjOx8w0vwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLK6
1wez5lZu08GOp31LUoYnH/GHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTI4Qzc5OEFENTIxMUVGQTIyNEY1ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsvoMA0GCSqGSIb3DQEB
CwUAA4IBAQCbUVKT3f10fF71CtTMK97OZf6jcm77d9/hDyj/dYpw+yuNd9EU/Z8k
YMxOgY4jsipKBskxh4Oc2OGAYnSsMdp6PdgC+ZIB0+vYd8qmUFZh2/NOi1sNwRxZ
W8BW4MNu7dzQMaL1zJnCspP6i88fHfPs4V8u/c2pT3vNb4lw8GG7kLLPlJfl929+
3OGpnEpH1HXbBjEX2h4idwgr7iM6dCb1DIx2K7K8usfdAGvCNGU/D7teSSXXJEa1
cSv3bU6AQNgD3x9C7/bL/7WHJ4JDlmNT85uxjvO9LPf1kgNtjrDTLL7bj+ynvSs0
sYcbeAmFB6FIYMgwXrqDs45lugAKUtNH
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:45 2025 by rpki-client