Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA5E27A0C63711EFBEE82984762E951A.roa
File: EA5E27A0C63711EFBEE82984762E951A.roa (raw, json)
Hash identifier: 9ni9d+u05/g3k+oJIgW824fBkegiROEW0T5p1T4/oxI=
Subject key identifier: 82:12:45:C2:04:F4:D0:65:26:CA:16:63:16:EC:E7:B6:C4:7A:75:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01302B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA5E27A0C63711EFBEE82984762E951A.roa
Signing time: Sun 29 Dec 2024 22:54:53 +0000
ROA not before: Sun 29 Dec 2024 22:54:49 +0000
ROA not after: Sun 12 Dec 2027 22:54:49 +0000
asID: 17561
IP address blocks: 154.217.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77867 (0x1302b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 22:54:49 2024 GMT
Not After : Dec 12 22:54:49 2027 GMT
Subject: CN=6771d33d-b131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:56:14:b5:84:fa:b2:9b:3c:12:65:0c:ea:
21:ae:f9:62:76:a2:a0:07:4c:c1:a4:0d:73:f2:3e:
a6:ee:3f:c7:f2:75:a6:77:e5:b5:78:8e:ed:de:96:
fb:39:6b:4d:c6:9a:9b:b8:d2:4d:05:b6:a1:e8:18:
57:ae:7a:8a:b3:b3:21:ae:a9:e6:87:b4:a2:9e:c7:
0a:f2:47:3d:95:de:be:f9:1e:ab:96:f5:34:c2:7b:
33:88:b7:db:1d:17:85:b4:a8:e6:88:8c:7b:71:10:
f7:4c:f5:29:c4:49:38:06:04:f9:bb:55:32:34:e9:
6e:c1:7b:e1:c3:3f:d6:db:00:a0:d0:1b:ab:f2:8e:
5a:c8:8f:6e:61:98:b4:38:bc:c7:1d:cf:8f:c6:50:
b4:b0:7b:a3:be:7f:97:da:9b:92:f6:df:c2:34:1c:
d4:f3:06:29:92:97:32:df:56:55:3a:36:21:b3:1b:
f6:a4:14:f1:d1:e4:a2:ac:8d:de:6a:e5:f2:be:ce:
44:2b:43:29:e1:3d:11:55:d2:af:22:1f:b9:c4:eb:
49:b0:63:98:bf:2d:8a:05:90:61:da:49:96:a0:2c:
3f:85:41:31:1e:76:9b:7e:c8:4e:f7:cc:0e:20:8d:
55:57:08:67:4f:21:2a:26:68:fc:6c:27:0f:54:d4:
9e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:12:45:C2:04:F4:D0:65:26:CA:16:63:16:EC:E7:B6:C4:7A:75:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA5E27A0C63711EFBEE82984762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.249.0/24
Signature Algorithm: sha256WithRSAEncryption
08:0c:96:82:a1:0f:6a:00:5e:ee:ae:29:d3:35:76:3c:96:ad:
65:7e:fc:be:d7:6d:a1:71:87:23:f5:56:8a:7f:4a:cf:c8:4c:
bb:eb:76:9d:34:39:8f:ef:75:1e:a0:8f:ec:e9:f9:3a:73:31:
21:f7:05:35:6b:dc:a8:87:ef:41:b0:8d:a0:ca:d9:52:85:ea:
47:8e:ba:a8:d5:05:c0:8f:77:d8:41:ec:d5:13:1b:71:e5:d7:
8d:ea:40:24:ff:22:e0:a6:d4:07:b8:95:e3:41:dc:71:70:6b:
c0:38:a6:b4:29:ae:e4:8c:42:bf:42:02:d8:a4:aa:05:57:d3:
d4:c2:1b:3b:0d:1c:25:4f:06:14:a4:d4:72:64:cc:69:6a:d0:
01:49:35:1e:71:69:2b:1b:e9:51:a3:87:6d:2e:a7:94:83:da:
10:b2:b4:dd:de:09:c4:15:b1:ac:01:b1:6e:19:32:0a:49:89:
0e:a7:cc:04:87:db:58:57:11:cf:a2:ca:b9:54:bf:15:d0:b3:
f5:37:a0:2a:1b:c3:61:f5:b6:4f:ec:24:65:48:a1:e7:6d:fc:
f8:35:9d:7e:e4:fb:ad:12:80:66:bc:da:fb:4f:32:f8:4c:4b:
54:f2:fc:8e:c4:c6:89:eb:a0:15:47:31:ef:77:61:3a:f7:42:
65:15:42:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATArMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjI1NDQ5WhcNMjcxMjEyMjI1NDQ5WjAYMRYw
FAYDVQQDEw02NzcxZDMzZC1iMTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0J1WFLWE+rKbPBJlDOohrvlidqKgB0zBpA1z8j6m7j/H8nWmd+W1eI7t
3pb7OWtNxpqbuNJNBbah6BhXrnqKs7Mhrqnmh7SinscK8kc9ld6++R6rlvU0wnsz
iLfbHReFtKjmiIx7cRD3TPUpxEk4BgT5u1UyNOluwXvhwz/W2wCg0Bur8o5ayI9u
YZi0OLzHHc+PxlC0sHujvn+X2puS9t/CNBzU8wYpkpcy31ZVOjYhsxv2pBTx0eSi
rI3eauXyvs5EK0Mp4T0RVdKvIh+5xOtJsGOYvy2KBZBh2kmWoCw/hUExHnabfshO
98wOII1VVwhnTyEqJmj8bCcPVNSeIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIIS
RcIE9NBlJsoWYxbs57bEenUhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQTVFMjdBMEM2MzcxMUVGQkVFODI5ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtn5MA0GCSqGSIb3DQEB
CwUAA4IBAQAIDJaCoQ9qAF7urinTNXY8lq1lfvy+122hcYcj9VaKf0rPyEy763ad
NDmP73UeoI/s6fk6czEh9wU1a9yoh+9BsI2gytlShepHjrqo1QXAj3fYQezVExtx
5deN6kAk/yLgptQHuJXjQdxxcGvAOKa0Ka7kjEK/QgLYpKoFV9PUwhs7DRwlTwYU
pNRyZMxpatABSTUecWkrG+lRo4dtLqeUg9oQsrTd3gnEFbGsAbFuGTIKSYkOp8wE
h9tYVxHPosq5VL8V0LP1N6AqG8Nh9bZP7CRlSKHnbfz4NZ1+5PutEoBmvNr7TzL4
TEtU8vyOxMaJ66AVRzHvd2E690JlFUI5
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:25:22 2025 by rpki-client