Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB197BD2C1DB11EF93C16C4E762E951A.roa
File: EB197BD2C1DB11EF93C16C4E762E951A.roa (raw, json)
Hash identifier: YCJt4jO5Go3iqPV5sA/n4wYidnGiVMUY6xMJFBq7YD4=
Subject key identifier: BE:E6:74:6E:B7:8D:AD:A0:41:36:DD:D4:CE:F5:5B:34:DC:77:40:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01230B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB197BD2C1DB11EF93C16C4E762E951A.roa
Signing time: Tue 24 Dec 2024 09:46:16 +0000
ROA not before: Tue 24 Dec 2024 09:46:12 +0000
ROA not after: Wed 10 Dec 2025 09:46:12 +0000
asID: 984
IP address blocks: 154.194.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74507 (0x1230b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 09:46:12 2024 GMT
Not After : Dec 10 09:46:12 2025 GMT
Subject: CN=676a82e8-4120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:28:68:7f:d8:30:af:49:49:2e:75:60:20:3a:
80:63:6c:f8:b8:9e:30:fd:01:a5:f0:49:1f:8a:37:
08:4b:d6:ac:6b:4f:75:47:51:1e:c6:e9:ec:f0:00:
84:71:16:39:20:20:f4:f2:f1:d3:0d:5d:42:e9:96:
1b:bd:da:e3:47:54:52:00:5e:76:e2:03:76:65:7f:
72:4c:af:f7:00:80:c9:71:4a:4e:c2:04:00:67:ee:
74:a2:71:2f:a8:6b:11:c5:66:c0:2a:d8:3e:96:6e:
3a:22:a1:1c:8d:a4:41:cf:eb:3d:d0:83:df:36:7c:
a7:36:db:12:c2:82:ad:b8:43:8d:ea:c4:93:fa:31:
0f:4d:a7:d1:ee:fb:63:45:4c:09:f1:d4:d1:19:51:
be:42:fb:b7:09:fc:8f:36:19:76:21:52:3f:fc:66:
33:88:39:94:24:a6:14:ca:17:c5:53:c1:79:c3:70:
05:b7:03:be:f8:9b:46:35:90:38:75:84:fa:ea:ba:
2f:18:a4:c5:78:73:d9:90:3d:9e:0e:a8:6f:49:05:
7f:9a:be:c3:46:08:2a:5c:26:30:48:db:3e:68:a1:
a3:65:68:50:38:23:8e:a7:95:e4:a0:74:33:69:cc:
c6:78:c2:5a:41:ee:7f:32:5a:26:ad:4b:fa:7d:36:
43:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E6:74:6E:B7:8D:AD:A0:41:36:DD:D4:CE:F5:5B:34:DC:77:40:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB197BD2C1DB11EF93C16C4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.250.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:58:4e:da:77:8f:11:71:60:9c:fa:fc:37:ba:73:a7:3a:a0:
90:f2:1f:08:4f:7a:ba:76:99:06:89:e9:40:14:0a:ea:cd:8d:
ea:8b:0b:e8:65:cd:79:78:d6:9c:98:49:6d:8f:96:97:f1:65:
1f:c1:b6:0a:b0:1a:e6:e8:a1:2d:33:f1:94:aa:3b:56:bc:66:
d2:39:42:b6:0e:a3:13:dc:58:e4:04:33:46:16:c7:60:ef:18:
d7:a7:37:8b:51:e3:0a:46:00:ff:90:8d:43:ad:2f:dc:42:09:
aa:98:24:8c:6e:c1:10:c1:ed:af:2c:a2:7a:86:84:7d:d6:98:
01:2a:ff:1e:6e:10:3d:b1:63:0d:3c:17:b2:51:36:76:3a:14:
68:0c:09:72:71:4c:e8:f3:db:c3:f8:7a:27:fd:f7:9b:8d:d4:
ff:90:ae:db:4f:7d:d4:05:02:ef:63:5d:30:3d:5c:1e:aa:6a:
19:65:82:96:71:32:a8:67:df:ee:3c:08:ad:9a:cb:04:0e:a3:
57:f6:b4:73:0d:c6:67:02:b5:a9:01:b8:c7:c5:b7:bf:cf:66:
8a:6c:67:64:62:46:a1:c8:0b:58:1c:f8:46:b7:01:09:8c:ba:
d4:52:06:47:cf:77:5c:1c:e5:53:d9:03:d3:da:00:9b:6c:8e:
05:4b:e0:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDk0NjEyWhcNMjUxMjEwMDk0NjEyWjAYMRYw
FAYDVQQDEw02NzZhODJlOC00MTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArChof9gwr0lJLnVgIDqAY2z4uJ4w/QGl8EkfijcIS9asa091R1Eexuns
8ACEcRY5ICD08vHTDV1C6ZYbvdrjR1RSAF524gN2ZX9yTK/3AIDJcUpOwgQAZ+50
onEvqGsRxWbAKtg+lm46IqEcjaRBz+s90IPfNnynNtsSwoKtuEON6sST+jEPTafR
7vtjRUwJ8dTRGVG+Qvu3CfyPNhl2IVI//GYziDmUJKYUyhfFU8F5w3AFtwO++JtG
NZA4dYT66rovGKTFeHPZkD2eDqhvSQV/mr7DRggqXCYwSNs+aKGjZWhQOCOOp5Xk
oHQzaczGeMJaQe5/MlomrUv6fTZD6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL7m
dG63ja2gQTbd1M71WzTcd0DpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQjE5N0JEMkMxREIxMUVGOTNDMTZDNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsL6MA0GCSqGSIb3DQEB
CwUAA4IBAQDEWE7ad48RcWCc+vw3unOnOqCQ8h8IT3q6dpkGielAFArqzY3qiwvo
Zc15eNacmEltj5aX8WUfwbYKsBrm6KEtM/GUqjtWvGbSOUK2DqMT3FjkBDNGFsdg
7xjXpzeLUeMKRgD/kI1DrS/cQgmqmCSMbsEQwe2vLKJ6hoR91pgBKv8ebhA9sWMN
PBeyUTZ2OhRoDAlycUzo89vD+Hon/febjdT/kK7bT33UBQLvY10wPVweqmoZZYKW
cTKoZ9/uPAitmssEDqNX9rRzDcZnArWpAbjHxbe/z2aKbGdkYkahyAtYHPhGtwEJ
jLrUUgZHz3dcHOVT2QPT2gCbbI4FS+Cr
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:58 2025 by rpki-client