Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8D5781CC1CB11EF9A0F2869762E951A.roa
File: F8D5781CC1CB11EF9A0F2869762E951A.roa (raw, json)
Hash identifier: 83x5z/yqtEZq0eqjtxUYyrB/eGWVF0QSIlkCaNWJ/oE=
Subject key identifier: 02:8C:26:BF:A2:B6:B6:97:68:BD:0C:69:F1:EF:07:B2:42:D3:18:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012267
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8D5781CC1CB11EF9A0F2869762E951A.roa
Signing time: Tue 24 Dec 2024 07:52:07 +0000
ROA not before: Tue 24 Dec 2024 07:52:03 +0000
ROA not after: Wed 10 Dec 2025 07:52:03 +0000
asID: 984
IP address blocks: 154.193.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74343 (0x12267)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 07:52:03 2024 GMT
Not After : Dec 10 07:52:03 2025 GMT
Subject: CN=676a6827-3e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:1d:5f:66:78:79:6c:e9:f0:c7:ef:c5:53:
6e:7f:a0:37:f0:d1:64:c3:c3:a8:2a:82:4e:d5:c5:
f1:fe:28:14:ba:79:d4:a2:3e:8b:41:55:eb:b9:a0:
bd:eb:43:27:8e:72:0a:cc:8b:76:8f:14:0c:19:10:
89:9c:6c:33:21:49:aa:54:9f:f4:50:db:61:15:8b:
64:68:6f:f5:17:86:5d:ec:20:47:b9:9b:16:c3:3f:
27:5d:33:37:3b:b9:61:ae:2c:9b:e9:4a:0e:44:4c:
af:81:0a:c1:5a:b2:da:e3:d5:cb:b9:c4:2e:9b:8a:
61:37:01:2f:d6:15:ae:6e:d6:83:c4:25:4e:99:f6:
4f:00:82:0e:30:90:33:b7:02:fd:01:58:58:e0:6d:
76:92:51:2f:ca:28:68:44:15:fb:f9:22:04:be:63:
66:ee:98:c4:d5:55:aa:13:4e:50:52:7c:07:73:fe:
a8:8e:95:6e:f0:3a:4b:f2:95:5c:34:77:8d:1c:2f:
88:c7:e3:90:87:3e:8b:7c:96:56:34:43:a2:6e:99:
8d:1d:90:36:e7:33:57:27:3d:f8:ef:28:1d:48:50:
ef:4c:bc:46:b6:e9:6a:47:ca:6d:7a:41:ce:82:cf:
8c:77:40:0e:f2:8a:3f:f3:d2:f0:3c:af:69:41:9f:
ea:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8C:26:BF:A2:B6:B6:97:68:BD:0C:69:F1:EF:07:B2:42:D3:18:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8D5781CC1CB11EF9A0F2869762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:c0:73:df:58:3a:90:8c:d7:4c:57:b1:e7:70:e3:2b:57:b7:
fb:e9:71:58:50:23:04:23:3f:e4:17:ee:ec:48:68:24:11:b1:
66:43:11:02:14:71:d1:d8:26:c4:02:03:98:a1:56:9d:ea:60:
fb:8f:8f:df:cd:0c:f5:63:44:ea:93:69:83:7b:e5:35:80:c4:
cb:52:90:7d:27:60:cb:e0:c8:fb:63:2f:01:76:61:db:c7:ab:
72:e1:cc:22:a1:57:b4:64:ae:3f:d7:c8:50:ba:7c:45:17:72:
79:21:9c:ad:02:31:04:ee:77:f1:20:cd:51:9e:21:7b:10:4b:
d6:20:38:26:15:ee:7d:a8:b0:04:37:84:83:03:02:f4:85:41:
55:a8:19:9d:20:d6:a5:00:bb:a8:86:be:eb:40:83:29:8e:75:
d6:d0:17:6a:ed:6e:12:70:b0:8e:54:b2:7b:3c:02:bd:f2:37:
38:fb:5e:36:fd:d4:10:d8:19:38:7f:82:c4:ed:23:8b:8f:37:
d3:29:5a:b2:20:47:93:41:bd:4b:0d:27:ba:bf:37:06:5a:1f:
1d:93:7c:a6:b7:03:b6:ac:0d:fc:a4:8f:2a:2e:55:09:e8:eb:
d4:90:92:35:c0:a9:f2:cf:ed:17:22:5e:c8:1f:05:c5:9f:b6:
c6:ab:ae:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASJnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDc1MjAzWhcNMjUxMjEwMDc1MjAzWjAYMRYw
FAYDVQQDEw02NzZhNjgyNy0zZTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTsdX2Z4eWzp8MfvxVNuf6A38NFkw8OoKoJO1cXx/igUunnUoj6LQVXr
uaC960MnjnIKzIt2jxQMGRCJnGwzIUmqVJ/0UNthFYtkaG/1F4Zd7CBHuZsWwz8n
XTM3O7lhriyb6UoOREyvgQrBWrLa49XLucQum4phNwEv1hWubtaDxCVOmfZPAIIO
MJAztwL9AVhY4G12klEvyihoRBX7+SIEvmNm7pjE1VWqE05QUnwHc/6ojpVu8DpL
8pVcNHeNHC+Ix+OQhz6LfJZWNEOibpmNHZA25zNXJz347ygdSFDvTLxGtulqR8pt
ekHOgs+Md0AO8oo/89LwPK9pQZ/q2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAKM
Jr+itraXaL0MafHvB7JC0xg+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOEQ1NzgxQ0MxQ0IxMUVGOUEwRjI4Njk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHTMA0GCSqGSIb3DQEB
CwUAA4IBAQBMwHPfWDqQjNdMV7HncOMrV7f76XFYUCMEIz/kF+7sSGgkEbFmQxEC
FHHR2CbEAgOYoVad6mD7j4/fzQz1Y0Tqk2mDe+U1gMTLUpB9J2DL4Mj7Yy8BdmHb
x6ty4cwioVe0ZK4/18hQunxFF3J5IZytAjEE7nfxIM1RniF7EEvWIDgmFe59qLAE
N4SDAwL0hUFVqBmdINalALuohr7rQIMpjnXW0Bdq7W4ScLCOVLJ7PAK98jc4+142
/dQQ2Bk4f4LE7SOLjzfTKVqyIEeTQb1LDSe6vzcGWh8dk3ymtwO2rA38pI8qLlUJ
6OvUkJI1wKnyz+0XIl7IHwXFn7bGq67/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:49 2025 by rpki-client