Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F6110E58C35011EF93BE149F762E951A.roa
File: F6110E58C35011EF93BE149F762E951A.roa (raw, json)
Hash identifier: /Et53FsLVOvt3jEeaOIRE3q5lB/MJfk0JiKam4kGgZg=
Subject key identifier: 31:A9:6F:7B:BB:16:3F:DC:C5:9F:00:DB:2A:A4:2C:07:FB:12:67:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F6110E58C35011EF93BE149F762E951A.roa
Signing time: Thu 26 Dec 2024 06:16:36 +0000
ROA not before: Thu 26 Dec 2024 06:16:33 +0000
ROA not after: Sun 12 Dec 2027 06:16:33 +0000
asID: 17561
IP address blocks: 154.95.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75175 (0x125a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:16:33 2024 GMT
Not After : Dec 12 06:16:33 2027 GMT
Subject: CN=676cf4c4-e374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8f:ee:ce:15:f4:60:25:2f:d4:56:7e:d8:a9:
09:0e:be:50:88:cd:51:be:95:90:db:c9:30:1d:72:
e5:2c:f8:18:8e:a5:72:9c:c2:4b:9e:88:cf:e2:b3:
b7:c0:6a:7e:75:ac:e4:53:9b:bf:25:bf:26:a1:21:
59:42:2f:a8:08:6e:67:f9:e5:db:6e:05:74:ac:28:
d3:46:a6:fa:64:a0:38:c5:f9:a7:a0:47:88:f0:6d:
b5:8c:c5:5d:6c:7e:d8:46:7a:7f:da:ee:70:bb:e4:
ab:ed:61:e3:8d:05:8e:e8:c3:15:95:9e:a1:2b:a4:
c6:59:b2:43:1d:14:f6:03:6c:19:13:40:81:9c:6e:
8c:a4:35:60:24:85:25:9f:e4:d2:d9:fb:6a:eb:9f:
0e:9f:28:14:ed:63:62:a0:3d:4f:26:a6:c0:01:af:
ef:fc:9b:85:7b:e7:32:de:80:db:c9:f2:58:24:85:
90:a7:9f:84:8c:e7:ea:06:c5:ab:cc:20:bd:ca:49:
99:2c:8f:a7:e3:36:d5:a8:a5:0f:3c:db:65:b3:54:
b7:13:bb:a3:ff:d3:22:18:bf:64:c4:fb:d4:a1:61:
18:52:44:40:a0:81:1a:1e:b9:0a:29:7f:ed:7b:5c:
98:e2:81:b0:3f:69:07:b8:90:cb:b4:b1:7f:f2:da:
c6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A9:6F:7B:BB:16:3F:DC:C5:9F:00:DB:2A:A4:2C:07:FB:12:67:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F6110E58C35011EF93BE149F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.48.0/24
Signature Algorithm: sha256WithRSAEncryption
76:4b:83:70:b9:ee:82:c1:1e:3c:70:1f:89:1f:57:76:a6:55:
eb:bf:a3:f1:72:2b:9c:a0:56:89:73:70:41:82:c7:3a:ae:c0:
b0:0f:c7:2e:fb:98:50:0c:14:6b:e7:10:e3:3c:47:6e:b3:fb:
f6:ce:24:f9:2d:4a:e3:40:a0:6f:96:8d:53:f0:ba:fa:67:1b:
8f:21:58:ec:95:ea:7d:a0:a2:f9:dd:a2:5a:1c:d6:8d:45:3d:
96:92:bd:bc:f1:a1:89:6b:35:50:78:88:49:a7:8a:4b:13:b8:
88:86:28:62:3f:8d:5b:2b:d9:03:f7:9c:c2:8a:5b:85:d2:c7:
61:d5:8e:62:74:93:a0:e2:43:85:cf:34:01:51:37:18:20:c9:
1c:08:e2:b3:5b:8b:d4:14:87:50:b8:8e:a5:a5:c9:e6:2d:fd:
0b:ec:df:86:d6:8a:b4:21:f2:56:f6:44:fb:b1:d8:ab:b3:b7:
9a:d9:ff:13:92:b0:92:11:7a:74:75:c5:17:a0:cc:f0:29:bd:
12:84:ae:4c:58:f3:51:08:23:d6:3f:0e:07:af:3c:60:b6:7a:
f1:ec:25:38:11:a2:9f:77:8e:45:9f:cb:27:b5:28:67:ff:ed:
9a:91:2a:03:53:dc:a6:0c:b7:f4:80:b7:ab:1e:b7:4d:d4:40:
2d:3a:76:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASWnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDYxNjMzWhcNMjcxMjEyMDYxNjMzWjAYMRYw
FAYDVQQDEw02NzZjZjRjNC1lMzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Y/uzhX0YCUv1FZ+2KkJDr5QiM1RvpWQ28kwHXLlLPgYjqVynMJLnojP
4rO3wGp+dazkU5u/Jb8moSFZQi+oCG5n+eXbbgV0rCjTRqb6ZKA4xfmnoEeI8G21
jMVdbH7YRnp/2u5wu+Sr7WHjjQWO6MMVlZ6hK6TGWbJDHRT2A2wZE0CBnG6MpDVg
JIUln+TS2ftq658OnygU7WNioD1PJqbAAa/v/JuFe+cy3oDbyfJYJIWQp5+EjOfq
BsWrzCC9ykmZLI+n4zbVqKUPPNtls1S3E7uj/9MiGL9kxPvUoWEYUkRAoIEaHrkK
KX/te1yY4oGwP2kHuJDLtLF/8trGnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDGp
b3u7Fj/cxZ8A2yqkLAf7EmcCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjExMEU1OEMzNTAxMUVGOTNCRTE0OUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8wMA0GCSqGSIb3DQEB
CwUAA4IBAQB2S4Nwue6CwR48cB+JH1d2plXrv6PxciucoFaJc3BBgsc6rsCwD8cu
+5hQDBRr5xDjPEdus/v2ziT5LUrjQKBvlo1T8Lr6ZxuPIVjslep9oKL53aJaHNaN
RT2Wkr288aGJazVQeIhJp4pLE7iIhihiP41bK9kD95zCiluF0sdh1Y5idJOg4kOF
zzQBUTcYIMkcCOKzW4vUFIdQuI6lpcnmLf0L7N+G1oq0IfJW9kT7sdirs7ea2f8T
krCSEXp0dcUXoMzwKb0ShK5MWPNRCCPWPw4Hrzxgtnrx7CU4EaKfd45Fn8sntShn
/+2akSoDU9ymDLf0gLerHrdN1EAtOnY+
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:25 2025 by rpki-client