Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0D4F614C1A911EFA1829E93762E951A.roa
File: F0D4F614C1A911EFA1829E93762E951A.roa (raw, json)
Hash identifier: mAL5AC8GqHSCz/hL2pu0BP+bI+QQAfUDhgEIeF/zTZg=
Subject key identifier: 72:C7:ED:C8:BB:FE:6C:7E:41:5C:A4:2F:C2:B9:72:64:8D:B0:56:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01211F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0D4F614C1A911EFA1829E93762E951A.roa
Signing time: Tue 24 Dec 2024 03:48:31 +0000
ROA not before: Tue 24 Dec 2024 03:48:27 +0000
ROA not after: Wed 10 Dec 2025 03:48:27 +0000
asID: 984
IP address blocks: 154.92.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74015 (0x1211f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 03:48:27 2024 GMT
Not After : Dec 10 03:48:27 2025 GMT
Subject: CN=676a2f0e-1384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:33:9e:7f:42:81:77:18:a8:34:6c:3c:a6:75:
b2:b0:ff:c9:2d:88:a5:fa:30:13:f5:de:84:9f:77:
c7:ef:49:3a:a2:84:b9:4b:af:1c:37:2d:06:f3:d8:
64:93:d0:1e:a9:49:b6:27:54:f6:ac:46:bf:56:23:
e3:b9:b5:e5:65:93:f5:bd:a4:5c:3c:4d:93:bb:10:
2e:75:a8:f6:d2:94:7d:1f:6f:8b:ec:4d:c3:1f:d9:
53:2e:76:e0:5d:0e:b7:65:94:80:30:dc:51:98:90:
60:50:aa:bf:0e:13:15:d5:44:f0:2a:69:1d:d2:b4:
d7:07:48:71:b1:85:75:9e:e9:aa:49:01:52:41:6d:
e1:8b:92:a3:1e:67:68:0f:76:82:18:81:5c:70:b5:
58:88:40:80:d0:78:ce:c0:07:83:37:6f:ee:fb:69:
27:9d:7d:17:bf:5f:c1:2d:7b:54:61:f4:b7:cf:5d:
af:55:3f:44:2f:a4:5b:bb:c4:d7:7f:8c:3b:a4:7e:
9b:7a:73:21:e6:58:09:2b:89:89:7f:71:34:b9:d4:
22:89:89:74:bf:a9:39:bc:e2:4e:a8:62:d3:5c:05:
b4:16:64:fb:ca:c4:3b:66:cb:22:a3:7b:fc:7b:96:
54:57:ff:c6:e5:9c:d8:28:6d:80:f0:cf:4b:4c:57:
06:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C7:ED:C8:BB:FE:6C:7E:41:5C:A4:2F:C2:B9:72:64:8D:B0:56:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0D4F614C1A911EFA1829E93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.215.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a4:d5:f2:e2:9e:5f:d0:30:50:a7:58:11:98:4b:06:97:ab:
11:9d:59:ae:c4:d0:ee:c1:03:f2:9d:45:3f:75:3e:6b:d7:16:
74:fd:d0:18:0a:13:5b:2a:66:5b:a8:4f:3e:77:73:36:18:1e:
b9:b1:f5:56:59:8c:ac:a1:52:1d:b1:53:e9:0a:9f:02:e9:7a:
41:7e:2a:c7:8d:d3:f2:c4:7c:8b:e2:b9:a8:52:53:17:ed:c9:
da:eb:a8:bf:bb:d6:a0:1d:a4:f2:e4:46:2a:32:64:b7:50:6c:
10:bc:85:3b:4f:40:b2:d0:e7:c1:5d:e9:49:1d:89:fe:13:e1:
55:da:05:56:46:c6:79:bd:b1:5d:65:74:32:c6:f9:33:64:fc:
fa:00:bc:7e:d2:9d:4a:80:d2:51:74:49:36:2a:53:cd:8f:04:
e6:b8:5c:bb:e1:42:46:e0:79:83:76:d9:95:1d:7f:43:76:e5:
71:a3:58:07:19:8e:47:41:f0:c5:c0:e0:a1:bc:ae:d2:d3:3a:
5a:12:c5:5c:97:87:b5:53:cd:52:e6:43:fa:db:aa:fe:2f:64:
34:1b:10:9d:fc:f8:2c:26:9f:96:4a:c8:2c:fc:94:ed:f4:43:
5e:65:21:e9:78:d5:8f:c9:81:15:4a:20:c7:30:04:f9:db:16:
c1:b1:e6:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASEfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDM0ODI3WhcNMjUxMjEwMDM0ODI3WjAYMRYw
FAYDVQQDEw02NzZhMmYwZS0xMzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnTOef0KBdxioNGw8pnWysP/JLYil+jAT9d6En3fH70k6ooS5S68cNy0G
89hkk9AeqUm2J1T2rEa/ViPjubXlZZP1vaRcPE2TuxAudaj20pR9H2+L7E3DH9lT
LnbgXQ63ZZSAMNxRmJBgUKq/DhMV1UTwKmkd0rTXB0hxsYV1numqSQFSQW3hi5Kj
HmdoD3aCGIFccLVYiECA0HjOwAeDN2/u+2knnX0Xv1/BLXtUYfS3z12vVT9EL6Rb
u8TXf4w7pH6benMh5lgJK4mJf3E0udQiiYl0v6k5vOJOqGLTXAW0FmT7ysQ7Zssi
o3v8e5ZUV//G5ZzYKG2A8M9LTFcGJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHLH
7ci7/mx+QVykL8K5cmSNsFZ4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMEQ0RjYxNEMxQTkxMUVGQTE4MjlFOTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlzXMA0GCSqGSIb3DQEB
CwUAA4IBAQB5pNXy4p5f0DBQp1gRmEsGl6sRnVmuxNDuwQPynUU/dT5r1xZ0/dAY
ChNbKmZbqE8+d3M2GB65sfVWWYysoVIdsVPpCp8C6XpBfirHjdPyxHyL4rmoUlMX
7cna66i/u9agHaTy5EYqMmS3UGwQvIU7T0Cy0OfBXelJHYn+E+FV2gVWRsZ5vbFd
ZXQyxvkzZPz6ALx+0p1KgNJRdEk2KlPNjwTmuFy74UJG4HmDdtmVHX9DduVxo1gH
GY5HQfDFwOChvK7S0zpaEsVcl4e1U81S5kP626r+L2Q0GxCd/PgsJp+WSsgs/JTt
9ENeZSHpeNWPyYEVSiDHMAT52xbBsebB
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:52 2025 by rpki-client