Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1C2D758CF5F11EF92C81652762E951A.roa
File: F1C2D758CF5F11EF92C81652762E951A.roa (raw, json)
Hash identifier: 7l1FS5Q+QvU81QbOp4ataqo8SGGnKDdYhf09D2w7TqE=
Subject key identifier: 71:4C:18:FF:61:14:57:91:96:6F:5A:7C:89:85:AB:B2:05:DE:C0:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013A07
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1C2D758CF5F11EF92C81652762E951A.roa
Signing time: Fri 10 Jan 2025 14:34:06 +0000
ROA not before: Fri 10 Jan 2025 14:34:02 +0000
ROA not after: Sun 12 Dec 2027 14:34:02 +0000
asID: 17561
IP address blocks: 154.81.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80391 (0x13a07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 10 14:34:02 2025 GMT
Not After : Dec 12 14:34:02 2027 GMT
Subject: CN=67812fde-8502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c8:fd:f1:b0:54:ea:59:58:67:1b:7a:f7:da:
48:48:bc:12:c4:80:00:34:d8:1c:54:8d:66:81:45:
7a:20:82:be:6b:8d:47:f6:89:ad:06:99:c9:79:9a:
e2:c6:66:56:22:82:51:52:51:29:7b:06:f9:c9:6c:
ee:5e:73:9f:ca:da:3f:c9:ae:ed:ed:08:da:b2:27:
ec:e1:34:03:11:60:89:3b:47:46:3c:1f:87:c4:4a:
d0:f5:9a:bb:eb:d4:2e:78:16:ca:cd:0c:56:50:c6:
60:52:75:08:30:5f:c0:0a:6c:18:29:19:3c:81:3c:
c3:f6:87:31:3b:9f:c2:75:d3:ae:9e:80:ac:fc:94:
71:26:43:e4:fa:cf:f1:f1:71:8b:40:f2:c3:fb:d5:
26:be:0a:af:df:3d:38:0c:d3:bd:7a:6c:a9:98:a2:
7d:70:d2:65:0a:e4:c9:66:a5:2a:e5:ec:14:b7:72:
94:38:f0:0f:cd:f4:d4:21:9b:e8:8c:9c:8a:89:6c:
f4:30:37:22:74:19:95:fe:f5:d1:4e:a5:f9:89:21:
89:43:b6:88:f0:4c:ae:ba:48:ba:a2:d3:1d:57:8b:
39:c2:0e:b2:39:de:f5:df:d6:21:1c:c6:52:64:d4:
6b:83:3a:2b:4c:a7:9a:46:f8:10:62:89:43:aa:18:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4C:18:FF:61:14:57:91:96:6F:5A:7C:89:85:AB:B2:05:DE:C0:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1C2D758CF5F11EF92C81652762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.134.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:47:6e:9b:e1:91:5f:93:b8:ac:6b:12:e0:3c:bf:6a:0e:4b:
76:c7:7a:e8:f5:d5:d6:fe:49:6a:c8:c3:2c:6e:69:03:e4:50:
0d:d8:35:35:6a:25:c9:0c:91:96:ec:0c:b3:ae:34:5d:1f:b8:
3f:34:d1:5c:01:06:ee:20:23:73:ff:b9:34:5c:1c:5e:f2:ea:
6d:65:b1:66:c3:cd:ab:51:6b:45:5f:c2:ae:89:8e:f1:84:0e:
fe:c1:ac:53:01:b8:84:74:9a:bc:8b:23:27:76:3b:78:1b:b8:
66:fb:91:8f:be:d6:40:e1:91:fa:c4:19:55:32:85:d1:8f:77:
40:d4:9d:79:9c:c5:06:19:6c:8f:28:24:a3:99:c5:e6:14:7f:
c2:0c:eb:5e:63:18:e9:53:14:a2:73:3d:4a:a1:06:d8:9c:ca:
a3:38:40:f2:10:0d:33:b7:fa:10:26:1d:be:8d:00:ab:d7:17:
3e:40:76:07:fc:6c:f7:64:33:72:fd:f4:51:16:3b:72:c3:1a:
5b:7f:48:37:d0:1d:47:fb:f8:17:90:d3:74:10:8c:91:48:bd:
36:80:86:1a:14:73:cf:e9:1a:1e:ba:6d:71:23:4d:36:1d:88:
dc:b9:4e:bc:48:c6:69:51:8b:1e:e3:ab:1d:19:65:8f:52:b7:
57:ba:af:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAToHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMTQzNDAyWhcNMjcxMjEyMTQzNDAyWjAYMRYw
FAYDVQQDEw02NzgxMmZkZS04NTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3sj98bBU6llYZxt699pISLwSxIAANNgcVI1mgUV6IIK+a41H9omtBpnJ
eZrixmZWIoJRUlEpewb5yWzuXnOfyto/ya7t7Qjasifs4TQDEWCJO0dGPB+HxErQ
9Zq769QueBbKzQxWUMZgUnUIMF/ACmwYKRk8gTzD9ocxO5/CddOunoCs/JRxJkPk
+s/x8XGLQPLD+9Umvgqv3z04DNO9emypmKJ9cNJlCuTJZqUq5ewUt3KUOPAPzfTU
IZvojJyKiWz0MDcidBmV/vXRTqX5iSGJQ7aI8Eyuuki6otMdV4s5wg6yOd7139Yh
HMZSZNRrgzorTKeaRvgQYolDqhhlfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHFM
GP9hFFeRlm9afImFq7IF3sDNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMUMyRDc1OENGNUYxMUVGOTJDODE2NTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGGMA0GCSqGSIb3DQEB
CwUAA4IBAQAqR26b4ZFfk7isaxLgPL9qDkt2x3ro9dXW/klqyMMsbmkD5FAN2DU1
aiXJDJGW7AyzrjRdH7g/NNFcAQbuICNz/7k0XBxe8uptZbFmw82rUWtFX8KuiY7x
hA7+waxTAbiEdJq8iyMndjt4G7hm+5GPvtZA4ZH6xBlVMoXRj3dA1J15nMUGGWyP
KCSjmcXmFH/CDOteYxjpUxSicz1KoQbYnMqjOEDyEA0zt/oQJh2+jQCr1xc+QHYH
/Gz3ZDNy/fRRFjtywxpbf0g30B1H+/gXkNN0EIyRSL02gIYaFHPP6Roeum1xI002
HYjcuU68SMZpUYse46sdGWWPUrdXuq+L
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:42 2025 by rpki-client