Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC9A7470C93D11EF9EC48343762E951A.roa
File: EC9A7470C93D11EF9EC48343762E951A.roa (raw, json)
Hash identifier: wbG7Ej50hRs+axWuy81QEWhAdJV9F54E+K7N778ANtM=
Subject key identifier: 9E:FE:8A:87:D2:0B:C7:4F:DB:54:0D:BB:6E:2F:0E:1D:FF:90:83:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013411
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC9A7470C93D11EF9EC48343762E951A.roa
Signing time: Thu 02 Jan 2025 19:15:27 +0000
ROA not before: Thu 02 Jan 2025 19:15:23 +0000
ROA not after: Mon 13 Dec 2027 19:15:23 +0000
asID: 17561
IP address blocks: 154.223.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78865 (0x13411)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 19:15:23 2025 GMT
Not After : Dec 13 19:15:23 2027 GMT
Subject: CN=6776e5cf-3e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:21:24:99:0d:f8:81:9d:86:1a:81:0b:2b:c8:
3f:ce:e5:b0:b7:b3:73:6c:0e:15:4e:2d:f3:95:1c:
ec:3b:d1:01:a8:e1:72:c4:f7:a0:0a:56:3b:8e:8c:
bb:75:b2:4c:5a:ed:86:75:16:c2:5a:a9:30:0a:65:
30:5c:54:78:8f:0a:c8:1b:96:c8:a1:80:42:57:ff:
0e:17:04:bf:0e:b9:62:3d:99:57:bf:e7:28:e2:38:
32:f2:82:f5:30:02:9a:58:ce:b3:05:05:b2:b6:2b:
a0:a0:f9:b6:1c:a1:60:6c:7c:a3:a0:68:24:51:ba:
8d:8f:0c:fb:fb:00:e3:f3:4c:81:46:6e:9b:bf:cc:
6d:39:f2:17:69:90:4e:ad:ea:02:d5:72:51:0f:dc:
db:fb:22:22:5e:64:e4:8e:a7:75:9e:28:f2:bf:8f:
47:98:53:27:b3:68:49:98:41:80:54:ea:4e:ea:01:
9d:dd:83:81:ab:71:76:7c:a1:14:fc:93:23:88:a6:
60:a8:ac:cb:b6:5b:c3:75:3f:d5:c6:dd:02:65:c5:
bd:0e:21:df:84:b1:5b:3e:4b:43:9d:8a:ae:9e:3b:
f0:3a:63:56:7c:19:c1:90:30:a9:ef:87:f8:33:93:
c1:39:93:8c:ee:70:ff:47:bc:a4:38:ae:3c:2e:cd:
ca:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FE:8A:87:D2:0B:C7:4F:DB:54:0D:BB:6E:2F:0E:1D:FF:90:83:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC9A7470C93D11EF9EC48343762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.236.0/24
Signature Algorithm: sha256WithRSAEncryption
48:62:f3:f2:ae:63:31:16:c5:8d:f9:92:ef:05:ee:09:f5:8b:
b7:c3:ff:23:dd:6f:6d:3d:be:7c:ce:1c:ee:5f:53:db:94:8c:
b2:1a:d7:f4:dc:4f:23:47:a8:55:8c:93:ea:16:74:65:72:9c:
30:26:80:a2:10:88:2c:0f:2a:5a:c5:61:4c:9c:38:d4:aa:e0:
56:cf:e5:6e:b2:a7:33:06:85:25:39:21:3f:06:30:0d:c4:df:
da:85:21:3c:ae:f7:03:2a:86:c7:f4:bb:aa:54:5a:b6:39:6c:
11:1f:51:46:23:66:e1:c5:f0:ac:87:f2:0f:d9:71:86:76:2f:
4a:29:50:35:a1:64:88:19:d9:c9:d9:63:1c:35:88:33:8b:5d:
1f:b2:9a:6d:64:89:44:77:ae:64:32:5e:69:f7:a9:14:9f:1c:
1d:b7:6a:73:5d:2e:d3:3d:f8:8e:f4:2a:07:aa:f3:51:09:22:
44:90:fa:e6:51:21:cd:ae:9e:1b:70:6f:f1:d4:53:1f:b6:d0:
77:dd:b6:30:f5:95:d6:cf:68:5f:74:73:e8:ba:08:39:63:7e:
15:08:fb:19:66:53:fe:ba:37:a4:3d:2e:de:d6:00:03:e5:e4:
d7:85:a2:55:a1:ca:7d:bc:d8:cd:25:34:9f:34:eb:fd:49:5f:
59:f6:aa:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATQRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTkxNTIzWhcNMjcxMjEzMTkxNTIzWjAYMRYw
FAYDVQQDEw02Nzc2ZTVjZi0zZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6yEkmQ34gZ2GGoELK8g/zuWwt7NzbA4VTi3zlRzsO9EBqOFyxPegClY7
joy7dbJMWu2GdRbCWqkwCmUwXFR4jwrIG5bIoYBCV/8OFwS/DrliPZlXv+co4jgy
8oL1MAKaWM6zBQWytiugoPm2HKFgbHyjoGgkUbqNjwz7+wDj80yBRm6bv8xtOfIX
aZBOreoC1XJRD9zb+yIiXmTkjqd1nijyv49HmFMns2hJmEGAVOpO6gGd3YOBq3F2
fKEU/JMjiKZgqKzLtlvDdT/Vxt0CZcW9DiHfhLFbPktDnYqunjvwOmNWfBnBkDCp
74f4M5PBOZOM7nD/R7ykOK48Ls3KlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ7+
iofSC8dP21QNu24vDh3/kINKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzlBNzQ3MEM5M0QxMUVGOUVDNDgzNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/sMA0GCSqGSIb3DQEB
CwUAA4IBAQBIYvPyrmMxFsWN+ZLvBe4J9Yu3w/8j3W9tPb58zhzuX1PblIyyGtf0
3E8jR6hVjJPqFnRlcpwwJoCiEIgsDypaxWFMnDjUquBWz+VusqczBoUlOSE/BjAN
xN/ahSE8rvcDKobH9LuqVFq2OWwRH1FGI2bhxfCsh/IP2XGGdi9KKVA1oWSIGdnJ
2WMcNYgzi10fspptZIlEd65kMl5p96kUnxwdt2pzXS7TPfiO9CoHqvNRCSJEkPrm
USHNrp4bcG/x1FMfttB33bYw9ZXWz2hfdHPougg5Y34VCPsZZlP+ujekPS7e1gAD
5eTXhaJVocp9vNjNJTSfNOv9SV9Z9qoj
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:12 2025 by rpki-client