Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55F165AC37C11EFA4553FB4762E951A.roa
File: E55F165AC37C11EFA4553FB4762E951A.roa (raw, json)
Hash identifier: emPgYYJh6OaWTt7gx+qWJ0uRgA8t68ja9QIKVrfGI1o=
Subject key identifier: 15:98:AE:98:75:6D:EB:57:21:CA:D2:2F:25:D2:1F:F4:C3:B9:DD:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012734
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55F165AC37C11EFA4553FB4762E951A.roa
Signing time: Thu 26 Dec 2024 11:31:06 +0000
ROA not before: Thu 26 Dec 2024 11:31:03 +0000
ROA not after: Sun 12 Dec 2027 11:31:03 +0000
asID: 17561
IP address blocks: 154.94.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75572 (0x12734)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 11:31:03 2024 GMT
Not After : Dec 12 11:31:03 2027 GMT
Subject: CN=676d3e7a-5a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:71:f9:da:f6:cb:9a:0a:d7:63:47:29:32:0f:
aa:c9:9e:17:7f:1e:9b:3a:6c:fc:80:f0:d0:a6:b4:
a1:40:e0:89:9f:12:9f:1a:36:a8:bc:87:5b:2b:89:
28:88:2e:a3:aa:50:24:db:89:de:b3:3c:f1:64:ae:
c9:03:d9:97:2b:23:09:f4:30:65:d5:a5:52:49:10:
d5:8d:89:9f:0e:ce:31:70:03:e3:31:20:4c:ca:da:
b2:5c:0d:b1:5b:8d:b9:71:30:2a:1e:81:47:ba:ca:
2b:40:7c:d4:6a:07:e3:c8:22:59:00:26:31:b5:9b:
67:c2:83:6c:07:38:de:f3:93:46:88:8d:4b:09:8c:
cd:99:c6:df:36:70:7a:b9:de:36:6d:22:11:67:2e:
1a:53:55:96:32:3f:43:67:c6:01:ed:c9:2a:21:01:
16:55:fa:7d:96:fc:e3:df:2b:20:b6:7a:93:4f:25:
7a:9e:d4:0a:44:28:6a:de:a2:4f:61:a5:7c:f8:2a:
3c:38:5a:b3:a9:6f:65:fb:93:a8:7d:c1:a5:a9:b9:
b2:61:db:02:88:cc:53:b6:09:bf:5a:e1:87:1b:bb:
86:74:63:11:2c:70:f4:1b:19:d3:d5:9c:94:07:ea:
36:d0:1a:99:2f:e2:e4:43:c4:b6:5f:36:ef:24:12:
22:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:98:AE:98:75:6D:EB:57:21:CA:D2:2F:25:D2:1F:F4:C3:B9:DD:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55F165AC37C11EFA4553FB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:35:14:48:73:5a:48:49:c3:ec:3b:58:04:d6:fb:1b:d7:37:
fc:1d:77:29:8a:c3:80:9a:a6:8f:12:94:41:12:9c:5e:66:99:
43:6e:f0:b3:3d:ea:c0:a3:c7:81:af:f0:41:01:67:22:45:40:
33:53:e9:09:57:6f:14:35:f8:ae:b1:e6:f3:f0:e7:83:f0:3a:
fd:37:7a:75:6d:71:1b:6f:da:1f:ae:6a:d8:89:ad:73:c5:c2:
71:4b:86:1c:b4:ea:9a:e1:18:86:ec:c2:5e:ff:0b:f4:c0:10:
4f:7d:c3:bf:4f:f3:fc:69:b4:9b:8a:80:e7:75:95:8b:35:cf:
a2:d7:bb:4d:c3:79:49:81:ba:50:5e:fb:75:96:7c:29:af:4e:
3d:87:09:56:ac:ea:35:39:b9:8e:92:68:5e:7a:69:d1:5b:63:
8c:b8:44:d2:3c:89:11:56:2f:be:9a:96:f6:a6:95:dd:b5:48:
23:0b:61:69:f6:2c:f7:21:33:4a:44:f1:77:20:a3:05:fe:2c:
bc:50:55:2c:fb:41:a7:35:e2:b0:80:de:b7:01:18:9c:cb:f3:
61:08:8e:0b:4a:70:58:8c:2f:20:6f:fb:3d:14:78:f4:4b:0f:
1a:c4:f0:24:a9:12:ca:ec:60:2d:49:8a:f7:f5:67:b4:42:07:
d9:95:93:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASc0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTEzMTAzWhcNMjcxMjEyMTEzMTAzWjAYMRYw
FAYDVQQDEw02NzZkM2U3YS01YTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0XH52vbLmgrXY0cpMg+qyZ4Xfx6bOmz8gPDQprShQOCJnxKfGjaovIdb
K4koiC6jqlAk24neszzxZK7JA9mXKyMJ9DBl1aVSSRDVjYmfDs4xcAPjMSBMytqy
XA2xW425cTAqHoFHusorQHzUagfjyCJZACYxtZtnwoNsBzje85NGiI1LCYzNmcbf
NnB6ud42bSIRZy4aU1WWMj9DZ8YB7ckqIQEWVfp9lvzj3ysgtnqTTyV6ntQKRChq
3qJPYaV8+Co8OFqzqW9l+5OofcGlqbmyYdsCiMxTtgm/WuGHG7uGdGMRLHD0GxnT
1ZyUB+o20BqZL+LkQ8S2XzbvJBIiEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBWY
rph1betXIcrSLyXSH/TDud0DMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTVGMTY1QUMzN0MxMUVGQTQ1NTNGQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml6xMA0GCSqGSIb3DQEB
CwUAA4IBAQBPNRRIc1pIScPsO1gE1vsb1zf8HXcpisOAmqaPEpRBEpxeZplDbvCz
PerAo8eBr/BBAWciRUAzU+kJV28UNfiusebz8OeD8Dr9N3p1bXEbb9ofrmrYia1z
xcJxS4YctOqa4RiG7MJe/wv0wBBPfcO/T/P8abSbioDndZWLNc+i17tNw3lJgbpQ
Xvt1lnwpr049hwlWrOo1ObmOkmheemnRW2OMuETSPIkRVi++mpb2ppXdtUgjC2Fp
9iz3ITNKRPF3IKMF/iy8UFUs+0GnNeKwgN63ARicy/NhCI4LSnBYjC8gb/s9FHj0
Sw8axPAkqRLK7GAtSYr39We0QgfZlZPq
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:38 2025 by rpki-client