Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F07BD5B2911A11EF961B9399762E951A.roa
File: F07BD5B2911A11EF961B9399762E951A.roa (raw, json)
Hash identifier: 9gtv5NGE2P7xawfn/TMEsbzrfO5NcG5mIFdoqvart80=
Subject key identifier: 74:4E:8B:05:67:CA:F5:CA:D0:83:5D:D2:C8:28:F6:AC:79:84:FF:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0100D4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F07BD5B2911A11EF961B9399762E951A.roa
Signing time: Wed 23 Oct 2024 08:43:56 +0000
ROA not before: Wed 23 Oct 2024 08:43:52 +0000
ROA not after: Thu 23 Oct 2025 08:43:52 +0000
asID: 29802
IP address blocks: 154.81.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65748 (0x100d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Oct 23 08:43:52 2024 GMT
Not After : Oct 23 08:43:52 2025 GMT
Subject: CN=6718b74c-5a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:22:61:c7:8f:b5:8d:85:f3:47:d6:3f:9b:2c:
0b:3c:78:f4:cd:32:d9:f1:00:24:07:14:66:58:24:
b5:ee:f7:04:a4:ed:ad:4b:22:ae:54:b3:e0:60:b8:
d1:37:a6:ef:0f:d3:a5:94:e5:6f:b4:eb:92:90:4d:
a3:24:ab:d1:40:26:ee:31:d5:3f:96:e5:ae:e0:71:
de:57:c2:c6:39:96:7c:ec:4e:df:0c:4d:db:a2:e7:
b3:d9:44:a9:e1:67:c9:5a:7c:30:07:d2:16:cd:66:
8a:5b:19:84:56:a9:22:ec:bf:91:8a:d9:7c:24:a7:
ee:b9:d5:87:01:8c:23:a8:85:4d:07:b5:1f:b4:04:
09:16:1c:e0:f5:62:88:95:c4:33:da:a9:80:b1:2f:
dd:e6:d5:f3:ec:26:e0:07:23:bf:2d:8f:3c:f7:f6:
c2:9f:df:5d:7e:33:19:59:6c:c6:7b:ba:87:1e:6b:
c1:16:bf:8c:88:fd:23:a0:16:43:0c:32:e7:71:13:
58:6a:43:e7:23:fb:cd:39:7d:57:e6:e7:9d:de:5c:
94:d3:8e:79:4a:56:53:05:ae:16:ce:24:d0:dd:e1:
22:3e:50:f0:34:f7:a8:65:e3:da:96:60:d3:be:68:
1e:02:c5:f7:8e:0f:55:71:0f:49:35:e3:ea:fd:4b:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4E:8B:05:67:CA:F5:CA:D0:83:5D:D2:C8:28:F6:AC:79:84:FF:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F07BD5B2911A11EF961B9399762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:68:de:a0:3e:1a:b1:ac:c4:e7:de:aa:3d:56:b8:88:e7:0e:
c6:f2:64:9a:e4:1b:8f:c4:3f:a9:94:01:d0:50:4b:02:84:e3:
0b:34:69:ae:09:49:41:7c:a0:e0:9c:38:f9:7d:ad:d0:b0:48:
96:34:88:6c:28:46:d6:9d:72:69:4b:47:f4:65:e9:66:9d:4b:
67:eb:4f:18:cc:1a:af:54:2b:c2:af:16:90:3d:9d:84:b0:f5:
52:33:d7:41:51:9b:23:35:e2:da:73:08:48:09:0e:30:f6:72:
c6:af:2b:5c:8e:5d:d5:78:3d:2b:f9:41:d9:43:b5:49:8e:36:
56:1a:63:23:e7:8a:e7:e9:5b:ad:88:9b:f4:f8:58:43:f0:36:
b1:90:51:af:07:5a:3e:32:a6:28:1c:e3:50:0e:21:ef:f4:40:
92:6d:36:e0:08:1c:c5:d2:c2:3f:68:4b:e9:d3:a6:e8:89:2c:
aa:1c:d3:30:38:4a:b9:c7:8e:35:bb:3c:23:46:e5:16:57:27:
d8:6d:71:32:34:c4:ae:54:db:f7:73:49:d0:f3:28:4f:35:df:
0b:f6:c0:fb:7b:19:df:c4:fd:c1:e7:0b:7e:aa:0d:bb:31:b4:
0a:bd:18:bc:1b:9a:54:a0:e3:47:47:94:63:31:3b:3b:3d:51:
f9:07:e1:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQDUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDIzMDg0MzUyWhcNMjUxMDIzMDg0MzUyWjAYMRYw
FAYDVQQDEw02NzE4Yjc0Yy01YTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3yJhx4+1jYXzR9Y/mywLPHj0zTLZ8QAkBxRmWCS17vcEpO2tSyKuVLPg
YLjRN6bvD9OllOVvtOuSkE2jJKvRQCbuMdU/luWu4HHeV8LGOZZ87E7fDE3bouez
2USp4WfJWnwwB9IWzWaKWxmEVqki7L+Ritl8JKfuudWHAYwjqIVNB7UftAQJFhzg
9WKIlcQz2qmAsS/d5tXz7CbgByO/LY889/bCn99dfjMZWWzGe7qHHmvBFr+MiP0j
oBZDDDLncRNYakPnI/vNOX1X5ued3lyU0455SlZTBa4WziTQ3eEiPlDwNPeoZePa
lmDTvmgeAsX3jg9VcQ9JNePq/UuhewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHRO
iwVnyvXK0INd0sgo9qx5hP/fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMDdCRDVCMjkxMUExMUVGOTYxQjkzOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlE4MA0GCSqGSIb3DQEB
CwUAA4IBAQCtaN6gPhqxrMTn3qo9VriI5w7G8mSa5BuPxD+plAHQUEsChOMLNGmu
CUlBfKDgnDj5fa3QsEiWNIhsKEbWnXJpS0f0ZelmnUtn608YzBqvVCvCrxaQPZ2E
sPVSM9dBUZsjNeLacwhICQ4w9nLGrytcjl3VeD0r+UHZQ7VJjjZWGmMj54rn6Vut
iJv0+FhD8DaxkFGvB1o+MqYoHONQDiHv9ECSbTbgCBzF0sI/aEvp06boiSyqHNMw
OEq5x441uzwjRuUWVyfYbXEyNMSuVNv3c0nQ8yhPNd8L9sD7exnfxP3B5wt+qg27
MbQKvRi8G5pUoONHR5RjMTs7PVH5B+HV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:25 2025 by rpki-client