Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC38CEF0C5F511EF9945E665762E951A.roa
File: EC38CEF0C5F511EF9945E665762E951A.roa (raw, json)
Hash identifier: nlXE8rsGAbdTrnbLvw+LqPeNtBlH2e1YgCZCewjBec0=
Subject key identifier: B3:06:ED:F5:3A:AF:8C:70:EA:CF:B1:CA:76:B3:8A:71:EA:F7:83:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E00
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC38CEF0C5F511EF9945E665762E951A.roa
Signing time: Sun 29 Dec 2024 15:02:29 +0000
ROA not before: Sun 29 Dec 2024 15:02:26 +0000
ROA not after: Sun 12 Dec 2027 15:02:26 +0000
asID: 17561
IP address blocks: 154.213.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77312 (0x12e00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:02:26 2024 GMT
Not After : Dec 12 15:02:26 2027 GMT
Subject: CN=67716485-689f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:42:a7:51:47:fb:77:b7:d3:a8:23:f5:aa:98:
55:0a:92:59:57:d1:21:19:e6:ae:69:c0:a0:26:68:
25:c3:79:2c:de:c5:eb:66:c0:4b:de:79:ac:1a:b2:
d6:5c:3c:c2:e7:f8:a5:cd:4f:45:b9:c7:6a:65:3c:
7f:d7:6c:1d:30:ef:9a:be:e5:fe:53:b2:83:b7:82:
56:af:0c:fe:90:08:b7:01:2c:49:35:0b:7b:82:53:
84:cb:0f:2d:96:ab:14:db:77:20:d7:7e:02:7b:23:
e6:9f:61:72:93:ee:0b:7e:55:10:ae:e6:c1:e0:0c:
7f:0c:de:8c:f2:fb:a3:32:a5:5e:7a:d9:6b:50:71:
9e:35:6e:41:fc:09:b6:e6:fb:12:27:d1:fc:cd:30:
3a:f5:f6:88:59:a4:c2:55:18:2c:74:d3:72:56:74:
0b:43:9a:52:6f:0d:72:f5:ea:37:f3:e9:ad:a3:af:
58:61:8e:d9:fc:e8:aa:cc:d7:07:91:d0:26:1e:1d:
31:cc:c8:07:5f:82:e3:77:35:53:cf:67:a3:17:e3:
79:5a:e7:b3:0e:7e:34:bd:7b:b0:9f:ed:96:94:b7:
9d:38:24:c0:21:68:9e:87:00:96:40:6a:07:e9:14:
4a:ce:52:84:c6:25:4b:f7:08:fe:8c:bf:5f:6f:a9:
c3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:06:ED:F5:3A:AF:8C:70:EA:CF:B1:CA:76:B3:8A:71:EA:F7:83:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC38CEF0C5F511EF9945E665762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.206.0/24
Signature Algorithm: sha256WithRSAEncryption
57:29:1a:e2:5d:40:10:b2:1e:4c:23:dd:39:91:7a:96:9c:50:
7c:2a:fb:88:e4:13:97:f2:35:8d:37:5c:1c:98:4a:0a:f0:be:
9e:ad:db:ad:89:c1:3c:32:e1:7a:c3:6d:3e:e0:9f:97:d4:80:
c5:31:d2:02:d9:59:d9:db:2f:b6:37:10:bc:c4:3a:be:c9:29:
43:33:e2:f6:8a:8f:0c:2d:43:f1:4d:ef:7e:e4:71:40:e3:a7:
5c:da:b0:03:e2:ff:7e:80:b5:16:80:af:a3:2d:e0:0b:8a:f3:
61:82:57:14:79:73:6b:30:c1:13:8f:dc:d5:42:20:08:fb:d8:
bd:bb:29:be:87:3a:42:e8:17:b2:f2:00:c9:e0:ae:c6:fb:60:
45:51:1b:9e:97:95:1c:f5:55:f5:ef:47:ff:19:47:24:e0:e8:
f2:03:a5:8a:61:bb:27:92:47:ff:59:97:a0:11:c6:81:7b:36:
7c:85:d5:2a:f1:92:8e:90:0b:cf:d1:bd:14:52:75:26:fa:03:
20:f5:55:b9:a5:72:71:59:9b:a4:60:43:34:98:cd:e7:91:fa:
25:14:2a:5d:eb:9e:90:76:18:6a:70:e4:3a:ca:79:67:bb:85:
67:16:84:df:b1:d2:b5:5b:bc:43:fb:ed:26:7e:56:84:f5:a8:
9a:bd:49:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS4AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTUwMjI2WhcNMjcxMjEyMTUwMjI2WjAYMRYw
FAYDVQQDEw02NzcxNjQ4NS02ODlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs0KnUUf7d7fTqCP1qphVCpJZV9EhGeauacCgJmglw3ks3sXrZsBL3nms
GrLWXDzC5/ilzU9FucdqZTx/12wdMO+avuX+U7KDt4JWrwz+kAi3ASxJNQt7glOE
yw8tlqsU23cg134CeyPmn2Fyk+4LflUQrubB4Ax/DN6M8vujMqVeetlrUHGeNW5B
/Am25vsSJ9H8zTA69faIWaTCVRgsdNNyVnQLQ5pSbw1y9eo38+mto69YYY7Z/Oiq
zNcHkdAmHh0xzMgHX4LjdzVTz2ejF+N5WuezDn40vXuwn+2WlLedOCTAIWiehwCW
QGoH6RRKzlKExiVL9wj+jL9fb6nD1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLMG
7fU6r4xw6s+xynazinHq94NLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzM4Q0VGMEM1RjUxMUVGOTk0NUU2NjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtXOMA0GCSqGSIb3DQEB
CwUAA4IBAQBXKRriXUAQsh5MI905kXqWnFB8KvuI5BOX8jWNN1wcmEoK8L6erdut
icE8MuF6w20+4J+X1IDFMdIC2VnZ2y+2NxC8xDq+ySlDM+L2io8MLUPxTe9+5HFA
46dc2rAD4v9+gLUWgK+jLeALivNhglcUeXNrMMETj9zVQiAI+9i9uym+hzpC6Bey
8gDJ4K7G+2BFURuel5Uc9VX170f/GUck4OjyA6WKYbsnkkf/WZegEcaBezZ8hdUq
8ZKOkAvP0b0UUnUm+gMg9VW5pXJxWZukYEM0mM3nkfolFCpd656QdhhqcOQ6ynln
u4VnFoTfsdK1W7xD++0mflaE9aiavUn6
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:09 2025 by rpki-client