Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED0A13F0C3DB11EF9331BE88762E951A.roa
File: ED0A13F0C3DB11EF9331BE88762E951A.roa (raw, json)
Hash identifier: 3Ku9B3q35TMn/aEIj1hTFz4DdFYszL0yhhOLA3GJ9SY=
Subject key identifier: A3:F3:7A:E1:38:11:61:64:10:31:96:16:E1:09:9D:8E:FA:00:63:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED0A13F0C3DB11EF9331BE88762E951A.roa
Signing time: Thu 26 Dec 2024 22:51:21 +0000
ROA not before: Thu 26 Dec 2024 22:51:18 +0000
ROA not after: Sun 12 Dec 2027 22:51:18 +0000
asID: 17561
IP address blocks: 154.86.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75950 (0x128ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:51:18 2024 GMT
Not After : Dec 12 22:51:18 2027 GMT
Subject: CN=676ddde9-754e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:58:7e:71:d0:2f:98:08:be:b7:0b:82:d2:
86:5e:86:a6:4f:ec:47:e5:f5:59:69:09:75:60:5d:
60:1c:4f:1a:0b:3e:89:a6:50:f1:3c:67:45:fa:a8:
e5:ca:d3:a1:25:b4:2c:7d:1e:2a:11:7c:38:8b:39:
b2:43:a8:ba:18:6c:db:15:b3:53:7d:5e:70:e7:66:
d0:7c:91:fb:fa:29:c1:d5:4a:e3:f7:12:52:79:0f:
72:1d:a3:11:0d:e7:37:a1:28:85:3d:a5:a3:66:ac:
6c:5f:57:db:e1:7c:ed:cf:de:13:41:fe:4a:66:67:
0a:e5:e2:d1:e9:6c:ca:f4:2f:97:7a:17:ca:f8:32:
11:32:81:f0:c1:e9:7a:86:45:80:ad:4e:06:25:0f:
34:d6:8a:fc:38:a7:d6:60:2f:31:2d:16:84:3d:fe:
27:2f:2b:38:fa:20:14:ff:2b:e7:ae:72:c7:89:9c:
aa:eb:d1:79:65:87:9b:4a:e6:63:21:c2:b3:38:d4:
b3:8d:bf:40:7f:a8:69:12:0e:5d:0a:a9:2f:55:1a:
db:b9:e1:1d:af:a8:03:69:bf:55:df:e6:b0:ef:a1:
02:be:02:de:9b:b0:30:57:87:2d:06:94:93:03:c4:
77:9c:bc:fb:78:ea:85:3b:90:cc:da:26:0a:44:e6:
d1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F3:7A:E1:38:11:61:64:10:31:96:16:E1:09:9D:8E:FA:00:63:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED0A13F0C3DB11EF9331BE88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.2.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3a:13:b6:1c:24:56:3c:0e:6e:c7:7d:61:b8:54:5c:8e:73:
a6:4a:a7:a6:24:62:fe:fe:9f:b6:1d:77:84:7f:d8:68:71:ca:
02:65:97:12:1e:9d:c2:74:4c:a2:14:de:28:63:49:8b:25:42:
8e:79:a8:40:ba:01:c5:f2:fa:20:92:e0:f1:8f:32:cf:58:17:
aa:40:41:25:a1:f0:71:fc:42:b7:0d:a1:ec:b8:e2:58:91:54:
8d:b5:ec:76:d3:13:60:19:b6:2a:f1:ba:2d:38:10:33:8b:31:
f6:db:54:d8:d5:a7:45:21:33:61:8f:ac:5e:e7:6e:96:3b:c3:
b1:cf:4e:4e:0b:f2:a0:e9:9b:74:cc:7c:c7:ef:4a:61:43:89:
00:ea:d5:da:f1:2e:93:94:bc:88:a2:72:3e:1d:d4:ac:15:00:
8d:da:df:ff:c3:9c:dd:ed:30:41:75:56:83:cc:99:b6:71:44:
63:6b:9f:19:e6:55:de:71:3b:0d:d4:ae:b0:1c:b0:af:72:e1:
ee:a6:71:b7:cb:9b:cc:4b:10:40:4f:7d:11:69:e7:db:3e:1a:
50:4b:9d:94:70:19:16:7d:56:81:8f:d9:94:fb:46:af:b0:0b:
95:12:c1:ec:e0:a6:ca:95:9f:4c:fd:9d:1b:69:7c:ad:1e:12:
a2:6c:a3:ef
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASiuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI1MTE4WhcNMjcxMjEyMjI1MTE4WjAYMRYw
FAYDVQQDEw02NzZkZGRlOS03NTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtWdYfnHQL5gIvrcLgtKGXoamT+xH5fVZaQl1YF1gHE8aCz6JplDxPGdF
+qjlytOhJbQsfR4qEXw4izmyQ6i6GGzbFbNTfV5w52bQfJH7+inB1Urj9xJSeQ9y
HaMRDec3oSiFPaWjZqxsX1fb4Xztz94TQf5KZmcK5eLR6WzK9C+XehfK+DIRMoHw
wel6hkWArU4GJQ801or8OKfWYC8xLRaEPf4nLys4+iAU/yvnrnLHiZyq69F5ZYeb
SuZjIcKzONSzjb9Af6hpEg5dCqkvVRrbueEdr6gDab9V3+aw76ECvgLem7AwV4ct
BpSTA8R3nLz7eOqFO5DM2iYKRObR4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKPz
euE4EWFkEDGWFuEJnY76AGOtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRDBBMTNGMEMzREIxMUVGOTMzMUJFODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYCMA0GCSqGSIb3DQEB
CwUAA4IBAQAyOhO2HCRWPA5ux31huFRcjnOmSqemJGL+/p+2HXeEf9hoccoCZZcS
Hp3CdEyiFN4oY0mLJUKOeahAugHF8vogkuDxjzLPWBeqQEElofBx/EK3DaHsuOJY
kVSNtex20xNgGbYq8botOBAzizH221TY1adFITNhj6xe526WO8Oxz05OC/Kg6Zt0
zHzH70phQ4kA6tXa8S6TlLyIonI+HdSsFQCN2t//w5zd7TBBdVaDzJm2cURja58Z
5lXecTsN1K6wHLCvcuHupnG3y5vMSxBAT30RaefbPhpQS52UcBkWfVaBj9mU+0av
sAuVEsHs4KbKlZ9M/Z0baXytHhKibKPv
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:02:20 2025 by rpki-client