Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1129A12C61A11EF9DB2494E762E951A.roa
File: F1129A12C61A11EF9DB2494E762E951A.roa (raw, json)
Hash identifier: cK32iD9F1bKp47Ivo/TGtQa+SsiUcCbNG4iYJeoieTY=
Subject key identifier: AE:31:57:0F:27:77:B9:C9:FB:D0:2D:CE:22:F3:82:E6:17:E7:8C:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1129A12C61A11EF9DB2494E762E951A.roa
Signing time: Sun 29 Dec 2024 19:27:29 +0000
ROA not before: Sun 29 Dec 2024 19:27:25 +0000
ROA not after: Sun 12 Dec 2027 19:27:25 +0000
asID: 17561
IP address blocks: 154.217.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77626 (0x12f3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 19:27:25 2024 GMT
Not After : Dec 12 19:27:25 2027 GMT
Subject: CN=6771a2a1-74b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:69:1e:21:19:8d:e3:3f:f7:7d:20:d1:42:dc:
fc:a1:7f:41:fd:a0:88:a5:d8:4a:a5:b4:91:fa:76:
ae:be:ca:87:c4:e9:ba:fd:52:ab:d6:ff:de:0e:e5:
1c:5b:77:af:f9:3e:3b:ee:0f:64:56:7c:17:ae:af:
bd:7a:1b:3d:38:93:2f:e2:40:c0:a6:f9:6f:13:4e:
90:db:09:2f:b9:09:c5:0f:dc:e5:73:cf:b0:b8:b4:
e7:5e:21:07:7f:d5:1c:8d:aa:a1:97:d1:8d:a0:de:
07:76:d1:b4:29:41:a1:c3:2b:68:bd:f7:dd:5e:18:
47:e6:17:a1:03:c0:74:b6:20:99:7a:c9:bb:2c:ce:
c7:10:1f:1a:08:c0:b9:2a:35:98:3f:bc:b3:3a:63:
e5:c2:e0:a0:22:9f:1d:4b:00:56:ea:7c:38:e7:1f:
3c:f4:e8:5a:4a:e4:b0:91:8f:56:04:91:02:c7:f6:
fb:5f:3c:9e:b8:9c:a9:32:2c:df:fc:6e:53:78:2d:
ce:e0:5f:cb:b6:36:63:4e:c3:94:6d:08:37:8f:d8:
b0:c9:a9:6a:1f:d6:dd:c5:ce:31:5d:64:dc:1a:c8:
6f:d4:b8:ab:51:f9:8d:7d:05:cd:87:4f:d9:94:f7:
1d:e5:0c:fe:4e:4c:7b:cb:9f:1e:12:c0:e0:3c:58:
a5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:31:57:0F:27:77:B9:C9:FB:D0:2D:CE:22:F3:82:E6:17:E7:8C:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1129A12C61A11EF9DB2494E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.128.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:ef:c4:d7:e7:1e:19:4e:51:12:cc:d1:e3:e3:6a:f1:54:c9:
c9:7a:35:23:9b:79:8c:4b:de:5f:93:49:8f:3f:b7:3c:7f:5e:
f6:3a:a4:d9:8f:4b:c9:a9:5b:93:3b:f3:ce:52:75:01:71:52:
8d:c0:e2:e3:93:55:a4:09:d6:ea:fb:af:a1:56:43:e5:ca:a2:
23:d0:15:79:84:36:e9:c0:51:74:39:67:4e:a9:21:85:a3:0f:
c5:54:27:ac:aa:7c:8d:54:1d:9d:03:5e:bc:78:15:6a:b6:dd:
6a:85:33:9c:28:ee:cd:82:77:b3:8a:03:95:18:7c:32:cf:65:
7b:74:a7:9b:9c:db:3b:a2:3e:0c:f7:9b:17:ad:c5:bd:f0:bd:
3d:48:0d:a4:7b:8a:2f:82:25:50:d0:c6:62:4e:e4:e9:8c:03:
27:64:f5:94:90:08:59:d0:7a:56:f6:39:d8:5a:09:4e:42:b6:
cf:b0:39:9e:d1:35:3d:61:87:88:31:e5:34:4b:06:fa:56:3e:
57:f1:1e:33:e2:d0:ec:f1:56:62:47:43:ff:f7:02:da:68:a3:
7d:5a:d0:4a:56:37:79:8e:10:df:18:6a:9b:a6:84:fc:6c:1c:
e6:87:eb:e6:22:bd:f1:3f:da:33:30:f9:c9:a0:5a:60:b3:ee:
db:e7:07:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS86MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTkyNzI1WhcNMjcxMjEyMTkyNzI1WjAYMRYw
FAYDVQQDEw02NzcxYTJhMS03NGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnWkeIRmN4z/3fSDRQtz8oX9B/aCIpdhKpbSR+nauvsqHxOm6/VKr1v/e
DuUcW3ev+T477g9kVnwXrq+9ehs9OJMv4kDApvlvE06Q2wkvuQnFD9zlc8+wuLTn
XiEHf9Ucjaqhl9GNoN4HdtG0KUGhwytovffdXhhH5hehA8B0tiCZesm7LM7HEB8a
CMC5KjWYP7yzOmPlwuCgIp8dSwBW6nw45x889OhaSuSwkY9WBJECx/b7XzyeuJyp
Mizf/G5TeC3O4F/LtjZjTsOUbQg3j9iwyalqH9bdxc4xXWTcGshv1LirUfmNfQXN
h0/ZlPcd5Qz+Tkx7y58eEsDgPFilWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK4x
Vw8nd7nJ+9AtziLzguYX54zhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMTEyOUExMkM2MUExMUVGOURCMjQ5NEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmAMA0GCSqGSIb3DQEB
CwUAA4IBAQDA78TX5x4ZTlESzNHj42rxVMnJejUjm3mMS95fk0mPP7c8f172OqTZ
j0vJqVuTO/POUnUBcVKNwOLjk1WkCdbq+6+hVkPlyqIj0BV5hDbpwFF0OWdOqSGF
ow/FVCesqnyNVB2dA168eBVqtt1qhTOcKO7NgnezigOVGHwyz2V7dKebnNs7oj4M
95sXrcW98L09SA2ke4ovgiVQ0MZiTuTpjAMnZPWUkAhZ0HpW9jnYWglOQrbPsDme
0TU9YYeIMeU0Swb6Vj5X8R4z4tDs8VZiR0P/9wLaaKN9WtBKVjd5jhDfGGqbpoT8
bBzmh+vmIr3xP9ozMPnJoFpgs+7b5wdB
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:42 2025 by rpki-client