Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB65B794C53711EFB4BDA6B0762E951A.roa
File: FB65B794C53711EFB4BDA6B0762E951A.roa (raw, json)
Hash identifier: Xl/qyVJDZ0ZYS0FjYd9stvoQbwkbRtezv11aFx2dpYw=
Subject key identifier: 5B:DA:DD:C5:AD:DE:84:8E:60:0C:2D:DA:1D:09:9E:0A:F6:02:0D:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012C29
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB65B794C53711EFB4BDA6B0762E951A.roa
Signing time: Sat 28 Dec 2024 16:22:50 +0000
ROA not before: Sat 28 Dec 2024 16:22:47 +0000
ROA not after: Sun 12 Dec 2027 16:22:47 +0000
asID: 17561
IP address blocks: 154.204.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76841 (0x12c29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 16:22:47 2024 GMT
Not After : Dec 12 16:22:47 2027 GMT
Subject: CN=677025da-7d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7a:b1:48:9e:1c:6d:ef:c2:51:ee:ef:d9:17:
46:4f:8e:81:0d:54:ff:a4:c0:eb:e1:e7:75:2f:61:
e3:48:0c:f4:4f:c9:08:7d:a9:9e:64:44:f6:e7:c0:
d0:d1:5e:79:16:24:e6:d2:ef:7d:cf:d1:14:17:34:
00:78:89:fc:1d:d4:86:aa:34:1c:30:a0:c1:44:1e:
02:7c:96:7e:91:c4:b2:95:ed:f0:69:b4:73:05:3e:
61:75:cc:f9:71:23:47:6c:fd:fe:30:ed:e1:90:c6:
0a:9b:75:86:90:a7:ae:7d:83:1a:77:12:81:b8:ca:
6f:df:9e:16:bf:97:ef:b3:83:c4:25:49:a4:3d:0b:
83:07:5c:86:de:b2:77:45:6b:d0:55:91:99:c3:23:
fb:aa:75:ec:a9:37:a3:57:2c:f4:b7:a2:5c:a8:b6:
87:ae:07:48:a8:40:63:85:6e:b7:eb:00:8a:25:ae:
ee:bc:7d:1e:bb:05:84:d1:d1:0b:a7:57:07:2c:28:
0d:76:5a:8c:36:a8:a3:08:1b:1d:34:19:8c:26:4a:
42:09:d7:99:82:15:3c:9b:7d:b7:dd:65:5f:cb:b7:
68:6a:e8:9b:9c:d2:be:85:7c:41:92:a5:55:c9:56:
86:f4:53:0a:ce:a5:f6:bd:fb:ed:80:db:6f:c5:01:
0a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DA:DD:C5:AD:DE:84:8E:60:0C:2D:DA:1D:09:9E:0A:F6:02:0D:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB65B794C53711EFB4BDA6B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.125.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4d:24:4a:dc:ad:bf:0f:76:cd:f5:65:e3:cc:6a:70:2d:66:
a6:24:83:5d:6c:02:17:79:8c:dc:8c:8a:d1:66:e1:bf:37:75:
01:95:4c:93:27:88:02:31:ef:85:6f:b2:1b:ee:89:f3:10:c1:
af:fd:f8:be:b9:fa:8f:94:50:7d:7d:e7:4e:82:b8:a1:81:ad:
f0:27:21:bf:56:50:44:e5:73:81:68:ed:4f:7b:94:f9:bb:b0:
b9:58:05:e3:0d:0a:0d:99:db:0b:6d:ee:a0:6e:73:ce:55:9c:
91:34:ff:33:18:4e:72:2f:56:4c:e2:d2:56:3a:2e:77:a8:91:
7e:db:4f:73:1a:ad:77:dc:aa:8f:d6:d7:84:63:d1:39:b6:27:
fc:ed:be:8b:bf:44:4a:5c:bb:0e:12:24:20:1e:9d:7d:dc:80:
e4:b4:ee:56:86:86:ae:2b:9d:25:92:dd:f7:ab:19:af:ed:ef:
8b:ab:1a:32:c7:e9:8b:c9:c1:8d:72:ef:43:94:b2:be:1d:18:
23:3a:33:2b:15:d5:6d:a3:08:6b:67:53:8a:34:97:35:b8:b4:
fd:b9:0b:13:7e:bc:f7:cb:10:e9:40:da:12:cd:bb:03:47:4e:
f1:b2:c8:23:9a:42:2b:09:8c:17:dd:11:15:ab:ff:12:20:14:
15:08:48:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASwpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTYyMjQ3WhcNMjcxMjEyMTYyMjQ3WjAYMRYw
FAYDVQQDEw02NzcwMjVkYS03ZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzXqxSJ4cbe/CUe7v2RdGT46BDVT/pMDr4ed1L2HjSAz0T8kIfameZET2
58DQ0V55FiTm0u99z9EUFzQAeIn8HdSGqjQcMKDBRB4CfJZ+kcSyle3wabRzBT5h
dcz5cSNHbP3+MO3hkMYKm3WGkKeufYMadxKBuMpv354Wv5fvs4PEJUmkPQuDB1yG
3rJ3RWvQVZGZwyP7qnXsqTejVyz0t6JcqLaHrgdIqEBjhW636wCKJa7uvH0euwWE
0dELp1cHLCgNdlqMNqijCBsdNBmMJkpCCdeZghU8m3233WVfy7doauibnNK+hXxB
kqVVyVaG9FMKzqX2vfvtgNtvxQEKDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFva
3cWt3oSOYAwt2h0Jngr2Ag3RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQjY1Qjc5NEM1MzcxMUVGQjRCREE2QjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsx9MA0GCSqGSIb3DQEB
CwUAA4IBAQBxTSRK3K2/D3bN9WXjzGpwLWamJINdbAIXeYzcjIrRZuG/N3UBlUyT
J4gCMe+Fb7Ib7onzEMGv/fi+ufqPlFB9fedOgrihga3wJyG/VlBE5XOBaO1Pe5T5
u7C5WAXjDQoNmdsLbe6gbnPOVZyRNP8zGE5yL1ZM4tJWOi53qJF+209zGq133KqP
1teEY9E5tif87b6Lv0RKXLsOEiQgHp193IDktO5WhoauK50lkt33qxmv7e+Lqxoy
x+mLycGNcu9DlLK+HRgjOjMrFdVtowhrZ1OKNJc1uLT9uQsTfrz3yxDpQNoSzbsD
R07xssgjmkIrCYwX3REVq/8SIBQVCEjF
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:54 2025 by rpki-client