Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4602292C5EE11EFB7440BBB762E951A.roa
File: F4602292C5EE11EFB7440BBB762E951A.roa (raw, json)
Hash identifier: v3FyvxRK9tdfWjDN46l7eQ7JOQF7o/0vFksjkq7CD6A=
Subject key identifier: F2:64:95:CB:65:33:36:86:FA:2D:D1:5C:CC:9B:8F:6B:F4:49:22:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012DC6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4602292C5EE11EFB7440BBB762E951A.roa
Signing time: Sun 29 Dec 2024 14:12:36 +0000
ROA not before: Sun 29 Dec 2024 14:12:33 +0000
ROA not after: Sun 12 Dec 2027 14:12:33 +0000
asID: 17561
IP address blocks: 154.211.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77254 (0x12dc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 14:12:33 2024 GMT
Not After : Dec 12 14:12:33 2027 GMT
Subject: CN=677158d4-ab45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:27:d1:3c:ff:2d:9c:c9:df:bf:87:ff:b6:fc:
25:c0:17:13:fa:fe:c1:d1:4a:60:b9:f4:a9:1b:01:
98:04:47:5a:d4:2f:c2:5e:d6:9a:ac:3c:86:c0:9b:
ec:f6:7b:c1:7e:70:d4:b9:f3:90:3d:bc:10:29:cb:
61:d5:ec:33:15:b7:cf:4f:ab:92:20:be:bf:48:68:
f0:f9:96:93:bd:59:84:1c:c3:91:3f:eb:1c:f5:b3:
ff:cc:43:f6:d6:91:aa:74:63:56:01:03:42:8e:82:
4f:85:b9:c3:94:13:bb:74:8b:ee:d6:d1:8c:13:be:
a3:f0:7a:44:4c:d5:52:52:e8:73:c9:58:09:c9:78:
5a:6a:ea:5d:85:4c:ee:9f:7f:26:37:17:bf:71:8f:
26:91:a6:ed:81:4c:eb:99:c2:52:78:eb:71:25:d8:
79:70:f1:e7:ee:d0:fe:5a:6f:db:06:43:19:c4:9e:
5e:70:6d:ce:e9:fe:8a:aa:ee:37:9c:b3:60:b3:38:
1a:84:32:c4:61:fa:79:7c:db:26:9b:ea:42:dc:c9:
3b:0d:fb:e9:0c:5d:c9:50:76:f0:45:bd:9d:cc:43:
0e:f2:e7:35:c1:ff:8c:d1:12:c1:f8:c0:b2:3e:ba:
f2:22:53:21:05:33:47:25:26:21:8a:8e:d4:e1:92:
90:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:64:95:CB:65:33:36:86:FA:2D:D1:5C:CC:9B:8F:6B:F4:49:22:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F4602292C5EE11EFB7440BBB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.42.0/24
Signature Algorithm: sha256WithRSAEncryption
32:8c:99:c1:fe:ae:54:89:24:84:c5:27:b8:8e:9c:a0:52:32:
76:b0:b8:12:f5:fa:de:5b:35:b0:e4:88:36:bd:ff:83:c1:f7:
b4:0c:1c:43:56:ec:91:63:38:da:8a:dd:dd:0b:a9:12:01:8c:
77:f5:1a:c0:4b:fe:9e:da:fb:3a:d9:53:91:df:78:bc:8a:1e:
35:08:b8:05:67:ec:16:a0:48:1b:a1:c7:cd:d7:d9:46:ef:c9:
a6:32:a0:23:13:aa:62:29:c4:d6:c3:3a:fc:0d:04:d0:e3:98:
1a:74:a1:b0:da:23:49:5d:da:74:59:87:72:ee:40:40:55:9b:
79:51:af:7e:0f:6b:5f:e1:5f:e4:48:56:b7:cb:70:13:d1:a3:
f9:ee:ea:ba:ad:9a:01:50:70:40:d5:b8:75:72:b6:7f:65:43:
32:d9:12:16:60:ee:f3:05:32:8c:ba:31:9f:fb:f2:d1:83:61:
66:30:08:74:f4:bc:da:f6:42:4d:0b:73:eb:e0:57:77:06:aa:
4a:b5:78:de:25:c4:22:a4:08:93:ad:37:94:e8:b0:3b:cc:6e:
1b:16:f0:a3:29:20:77:69:f4:40:82:2a:25:74:bc:dc:f4:56:
87:2f:1b:c1:b8:95:cb:34:99:6c:95:6f:47:40:ec:9b:d1:e6:
ba:38:d7:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS3GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTQxMjMzWhcNMjcxMjEyMTQxMjMzWjAYMRYw
FAYDVQQDEw02NzcxNThkNC1hYjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4yfRPP8tnMnfv4f/tvwlwBcT+v7B0UpgufSpGwGYBEda1C/CXtaarDyG
wJvs9nvBfnDUufOQPbwQKcth1ewzFbfPT6uSIL6/SGjw+ZaTvVmEHMORP+sc9bP/
zEP21pGqdGNWAQNCjoJPhbnDlBO7dIvu1tGME76j8HpETNVSUuhzyVgJyXhaaupd
hUzun38mNxe/cY8mkabtgUzrmcJSeOtxJdh5cPHn7tD+Wm/bBkMZxJ5ecG3O6f6K
qu43nLNgszgahDLEYfp5fNsmm+pC3Mk7DfvpDF3JUHbwRb2dzEMO8uc1wf+M0RLB
+MCyPrryIlMhBTNHJSYhio7U4ZKQRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPJk
lctlMzaG+i3RXMybj2v0SSKNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNDYwMjI5MkM1RUUxMUVGQjc0NDBCQkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMqMA0GCSqGSIb3DQEB
CwUAA4IBAQAyjJnB/q5UiSSExSe4jpygUjJ2sLgS9freWzWw5Ig2vf+Dwfe0DBxD
VuyRYzjait3dC6kSAYx39RrAS/6e2vs62VOR33i8ih41CLgFZ+wWoEgbocfN19lG
78mmMqAjE6piKcTWwzr8DQTQ45gadKGw2iNJXdp0WYdy7kBAVZt5Ua9+D2tf4V/k
SFa3y3AT0aP57uq6rZoBUHBA1bh1crZ/ZUMy2RIWYO7zBTKMujGf+/LRg2FmMAh0
9Lza9kJNC3Pr4Fd3BqpKtXjeJcQipAiTrTeU6LA7zG4bFvCjKSB3afRAgioldLzc
9FaHLxvBuJXLNJlslW9HQOyb0ea6ONcc
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:35:41 2025 by rpki-client