Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D68B32C26611EF9A1E5F4E762E951A.roa
File: F1D68B32C26611EF9A1E5F4E762E951A.roa (raw, json)
Hash identifier: W3ANHGyJN43XQHI+MDhxilrvtQDeGS+1QnPhuxsIuMc=
Subject key identifier: 06:31:47:8B:3A:07:8D:18:7B:9C:3D:30:D2:F8:BE:82:3E:C3:F1:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123F4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D68B32C26611EF9A1E5F4E762E951A.roa
Signing time: Wed 25 Dec 2024 02:21:27 +0000
ROA not before: Wed 25 Dec 2024 02:21:23 +0000
ROA not after: Wed 10 Dec 2025 02:21:23 +0000
asID: 984
IP address blocks: 154.199.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74740 (0x123f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:21:23 2024 GMT
Not After : Dec 10 02:21:23 2025 GMT
Subject: CN=676b6c27-86ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1b:10:b0:47:4a:56:ce:5f:f6:df:87:1a:01:
2a:c3:d8:8e:8f:bb:c2:7b:5d:c5:af:a6:de:ac:45:
db:5c:a2:2e:59:0d:c8:78:84:6c:63:04:3d:ff:e1:
d6:8a:5f:c9:0d:24:18:81:15:dc:e1:7b:8f:a0:3b:
a6:e8:c3:04:51:06:87:a2:58:2e:02:fa:9a:e7:8a:
7a:6b:c7:2d:d9:e3:7b:4a:53:7a:12:97:07:d7:06:
58:9a:8f:29:ed:55:50:45:7c:c1:57:4d:8b:b8:04:
ce:fc:35:85:7f:97:bd:a3:0b:55:0e:db:d5:62:ec:
5e:71:35:45:36:ea:ca:0f:75:35:98:c0:5d:5e:9a:
af:2a:47:e0:20:a1:e5:92:ee:d3:30:ab:3c:e1:99:
0c:5a:a3:ea:20:56:9c:60:76:43:10:30:ff:0f:50:
9e:72:bd:2d:ba:11:8c:9f:8d:58:83:34:9c:9f:24:
19:ea:98:ea:0d:8f:99:3b:27:b8:52:6c:1a:00:e5:
e2:8d:60:50:2d:27:e1:82:af:ad:01:60:f9:e5:99:
19:f8:43:b7:9f:04:66:e5:0e:ea:f7:05:bc:8e:7a:
6f:b0:cb:fe:2a:16:4a:ef:3b:08:14:33:6a:69:4c:
d7:69:a2:43:69:d9:54:a3:81:30:a8:25:b0:63:04:
f4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:31:47:8B:3A:07:8D:18:7B:9C:3D:30:D2:F8:BE:82:3E:C3:F1:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D68B32C26611EF9A1E5F4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.203.0/24
Signature Algorithm: sha256WithRSAEncryption
59:7f:a3:91:cc:c4:57:54:ec:37:60:d0:49:a4:2e:be:1d:ec:
b6:ff:0c:b9:84:22:40:23:99:9a:b0:df:f2:5e:9b:e2:87:94:
a5:38:ba:76:79:6b:46:f9:69:a2:f7:df:45:a0:fe:22:f5:e6:
f1:47:08:72:8e:53:9e:7e:65:1d:b7:29:93:79:fa:fa:9e:ee:
46:24:61:c7:c4:ab:10:51:e4:6e:5c:b9:d0:70:1a:0f:b9:3e:
9b:c9:2d:ed:85:0b:18:4c:15:2c:d2:28:b9:9d:2e:57:47:a1:
17:d0:79:ed:ff:6c:f1:f5:f6:5a:b7:ec:9b:1e:78:a6:5a:38:
b7:3c:be:ff:dd:ca:ab:38:f3:cb:89:8d:5b:fb:f2:52:98:6f:
b5:6d:2a:22:a5:b9:dd:8c:63:f3:93:fd:89:d5:6e:61:70:d7:
a2:d3:37:36:9a:5c:a7:db:0f:8c:d7:7c:21:98:68:1b:02:05:
62:9c:bc:ea:74:5c:b3:b5:71:e8:e1:8f:4a:bf:49:d5:47:af:
b2:b0:74:2f:f8:be:8f:85:59:97:8b:54:14:1a:39:aa:21:f2:
67:25:f9:7e:95:f4:90:60:9d:f2:eb:a2:de:69:e3:14:96:64:
9b:f1:07:43:10:29:4b:1f:85:82:08:f8:3d:47:1a:0a:b7:2c:
87:48:6b:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASP0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIyMTIzWhcNMjUxMjEwMDIyMTIzWjAYMRYw
FAYDVQQDEw02NzZiNmMyNy04NmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwxsQsEdKVs5f9t+HGgEqw9iOj7vCe13Fr6berEXbXKIuWQ3IeIRsYwQ9
/+HWil/JDSQYgRXc4XuPoDum6MMEUQaHolguAvqa54p6a8ct2eN7SlN6EpcH1wZY
mo8p7VVQRXzBV02LuATO/DWFf5e9owtVDtvVYuxecTVFNurKD3U1mMBdXpqvKkfg
IKHlku7TMKs84ZkMWqPqIFacYHZDEDD/D1Cecr0tuhGMn41YgzScnyQZ6pjqDY+Z
Oye4UmwaAOXijWBQLSfhgq+tAWD55ZkZ+EO3nwRm5Q7q9wW8jnpvsMv+KhZK7zsI
FDNqaUzXaaJDadlUo4EwqCWwYwT06QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAYx
R4s6B40Ye5w9MNL4voI+w/GMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMUQ2OEIzMkMyNjYxMUVGOUExRTVGNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsfLMA0GCSqGSIb3DQEB
CwUAA4IBAQBZf6ORzMRXVOw3YNBJpC6+Hey2/wy5hCJAI5masN/yXpvih5SlOLp2
eWtG+Wmi999FoP4i9ebxRwhyjlOefmUdtymTefr6nu5GJGHHxKsQUeRuXLnQcBoP
uT6byS3thQsYTBUs0ii5nS5XR6EX0Hnt/2zx9fZat+ybHnimWji3PL7/3cqrOPPL
iY1b+/JSmG+1bSoipbndjGPzk/2J1W5hcNei0zc2mlyn2w+M13whmGgbAgVinLzq
dFyztXHo4Y9Kv0nVR6+ysHQv+L6PhVmXi1QUGjmqIfJnJfl+lfSQYJ3y66LeaeMU
lmSb8QdDEClLH4WCCPg9RxoKtyyHSGus
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:44 2025 by rpki-client