Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC0FA104C60F11EF859AA888762E951A.roa
File: FC0FA104C60F11EF859AA888762E951A.roa (raw, json)
Hash identifier: AFYVEd9ibxvQd/5AaQ0/HywcZEjlSegMV3wHzNaEQW4=
Subject key identifier: 1C:87:E5:F5:5A:0F:36:C3:F8:9B:35:12:9A:9A:B5:F5:50:A9:24:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012EDE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC0FA104C60F11EF859AA888762E951A.roa
Signing time: Sun 29 Dec 2024 18:09:03 +0000
ROA not before: Sun 29 Dec 2024 18:08:59 +0000
ROA not after: Sun 12 Dec 2027 18:08:59 +0000
asID: 17561
IP address blocks: 154.217.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77534 (0x12ede)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 18:08:59 2024 GMT
Not After : Dec 12 18:08:59 2027 GMT
Subject: CN=6771903f-869b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:69:2e:dc:3f:f7:40:f3:75:fd:e0:36:5d:
0e:e0:bc:1d:cd:2a:ed:34:e7:51:d0:a4:05:7d:de:
11:65:2e:a5:d0:69:e8:70:4f:d0:56:7f:14:3e:a3:
4a:c8:0c:f8:a7:9a:94:fb:2a:71:61:17:75:59:fb:
08:11:08:8a:5a:8b:94:ca:e9:37:d1:d1:20:f6:bc:
79:4f:8a:6e:71:69:ba:28:57:f7:26:f8:7a:49:dd:
d8:d7:3c:2e:96:fd:f8:ed:1a:02:ac:ea:55:1a:8e:
01:d8:24:47:64:f6:2c:cc:a6:b9:97:dd:2d:57:80:
2c:da:10:2c:98:a9:62:90:e0:ce:5a:97:57:f6:28:
59:ba:6a:39:60:5e:38:19:38:45:b5:7f:65:d1:a5:
e3:f1:1d:6c:83:91:54:95:8c:21:8e:a3:02:4c:ca:
a7:04:9c:0e:34:64:94:3f:96:e4:23:d3:46:b3:e3:
1c:3f:4b:3a:6e:b8:14:f7:76:ec:74:97:96:99:c6:
da:d7:7b:91:45:d9:f1:0e:76:c5:5e:f4:72:47:5f:
8e:00:51:7c:7b:4f:af:33:43:89:f0:8b:01:34:5c:
16:bd:25:fe:a6:93:7d:14:85:c8:e0:e7:e0:8b:56:
82:e5:8f:c3:69:ee:ab:1b:2b:a6:c5:2f:98:d3:93:
58:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:87:E5:F5:5A:0F:36:C3:F8:9B:35:12:9A:9A:B5:F5:50:A9:24:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC0FA104C60F11EF859AA888762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.82.0/24
Signature Algorithm: sha256WithRSAEncryption
42:47:8a:2e:04:45:6f:f6:44:44:30:91:5b:67:af:d1:d5:79:
25:49:49:34:fd:58:c7:1d:d6:96:81:44:4d:b0:92:db:4b:d3:
6e:fd:80:03:0a:ac:43:80:e7:fa:dd:d6:b8:fc:60:75:40:0a:
de:81:7c:c5:ee:e6:35:1d:5d:48:7a:6d:ad:b7:f2:46:f3:0d:
fb:e3:f2:3c:a8:bc:38:10:2c:f7:7a:9e:50:9f:1a:df:4b:bf:
fa:6b:74:ff:ff:18:50:a0:9d:7e:24:12:d4:44:ec:d6:bb:67:
a9:3a:39:6a:25:d1:3c:5c:96:30:64:a1:2a:28:54:3e:d2:e0:
e8:51:3e:bb:6b:85:1a:62:94:3e:d9:62:6d:72:59:50:7d:73:
01:80:da:95:ea:7f:9e:c7:61:45:cb:a9:9e:bd:1d:77:17:e7:
0d:67:46:45:09:78:c8:29:c5:4e:3a:d8:75:e7:df:f1:13:14:
5f:dc:8e:30:2f:ae:16:eb:7b:95:52:24:72:c4:db:17:11:f3:
c6:de:90:57:b1:f1:66:8f:70:4e:6e:67:08:09:e5:13:b1:dc:
75:16:97:c2:3b:0d:3d:a8:97:be:f0:87:59:73:0c:8e:e5:11:
11:86:27:09:11:54:fc:0e:ed:e7:d8:9a:f3:6b:1f:57:32:e3:
43:3d:6f:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS7eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTgwODU5WhcNMjcxMjEyMTgwODU5WjAYMRYw
FAYDVQQDEw02NzcxOTAzZi04NjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtXlpLtw/90Dzdf3gNl0O4LwdzSrtNOdR0KQFfd4RZS6l0GnocE/QVn8U
PqNKyAz4p5qU+ypxYRd1WfsIEQiKWouUyuk30dEg9rx5T4pucWm6KFf3Jvh6Sd3Y
1zwulv347RoCrOpVGo4B2CRHZPYszKa5l90tV4As2hAsmKlikODOWpdX9ihZumo5
YF44GThFtX9l0aXj8R1sg5FUlYwhjqMCTMqnBJwONGSUP5bkI9NGs+McP0s6brgU
93bsdJeWmcba13uRRdnxDnbFXvRyR1+OAFF8e0+vM0OJ8IsBNFwWvSX+ppN9FIXI
4Ofgi1aC5Y/Dae6rGyumxS+Y05NYkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFByH
5fVaDzbD+Js1EpqatfVQqSRvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQzBGQTEwNEM2MEYxMUVGODU5QUE4ODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtlSMA0GCSqGSIb3DQEB
CwUAA4IBAQBCR4ouBEVv9kREMJFbZ6/R1XklSUk0/VjHHdaWgURNsJLbS9Nu/YAD
CqxDgOf63da4/GB1QAregXzF7uY1HV1Iem2tt/JG8w374/I8qLw4ECz3ep5Qnxrf
S7/6a3T//xhQoJ1+JBLUROzWu2epOjlqJdE8XJYwZKEqKFQ+0uDoUT67a4UaYpQ+
2WJtcllQfXMBgNqV6n+ex2FFy6mevR13F+cNZ0ZFCXjIKcVOOth159/xExRf3I4w
L64W63uVUiRyxNsXEfPG3pBXsfFmj3BObmcICeUTsdx1FpfCOw09qJe+8IdZcwyO
5RERhicJEVT8Du3n2Jrzax9XMuNDPW/c
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:55 2025 by rpki-client