Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD699C08C51F11EF88DBB89A762E951A.roa
File: FD699C08C51F11EF88DBB89A762E951A.roa (raw, json)
Hash identifier: qHAyEWZn1pRW6kyo7XAoTpoVDd518Cy83TmjgAiN3cA=
Subject key identifier: 3A:82:5A:89:89:77:F2:DE:FF:F6:11:94:05:0A:BF:38:95:26:5D:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012B4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD699C08C51F11EF88DBB89A762E951A.roa
Signing time: Sat 28 Dec 2024 13:31:06 +0000
ROA not before: Sat 28 Dec 2024 13:31:02 +0000
ROA not after: Sun 12 Dec 2027 13:31:02 +0000
asID: 17561
IP address blocks: 154.203.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 10:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76621 (0x12b4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 13:31:02 2024 GMT
Not After : Dec 12 13:31:02 2027 GMT
Subject: CN=676ffd9a-943c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:1c:5d:ad:81:e6:9f:05:20:e3:61:c9:70:
29:9b:0e:27:10:e3:75:82:12:98:be:b1:66:ef:67:
f2:19:92:e4:5f:c0:46:1c:a8:c5:1c:cc:38:9a:2d:
38:62:79:57:44:72:f3:b2:1c:b1:4b:69:ba:b7:53:
7d:29:f9:3b:08:92:2f:1d:7b:f6:cd:4f:0c:7f:41:
26:17:ca:6c:95:43:d2:a4:ab:1b:5b:89:af:14:08:
08:eb:c6:e1:fb:b8:2e:2a:0a:3a:10:6c:5c:0c:20:
51:ad:be:3b:b6:f5:43:03:30:7a:69:51:22:5a:6f:
29:2b:d4:24:e1:1a:f4:d3:ec:44:c6:be:41:fc:eb:
a6:44:c2:93:4f:ac:47:d2:ed:ff:df:fd:18:97:ef:
d7:3a:c5:49:b4:7d:8c:dc:02:e5:a0:99:be:9f:f4:
83:d1:90:64:a8:4a:96:b7:47:7b:5d:f7:90:d5:54:
25:7e:20:ee:03:83:7d:c0:75:1d:99:be:cc:51:c3:
f5:6f:cd:dc:84:47:a6:21:de:ff:21:8d:b9:37:a4:
e7:19:09:58:fa:f2:e3:00:6f:e3:a1:45:90:35:02:
d4:38:11:92:61:dd:94:9e:e6:cf:08:c6:b1:38:09:
d2:5f:1f:fd:67:36:c7:72:24:4e:b3:48:b5:c2:37:
b8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:82:5A:89:89:77:F2:DE:FF:F6:11:94:05:0A:BF:38:95:26:5D:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD699C08C51F11EF88DBB89A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.91.0/24
Signature Algorithm: sha256WithRSAEncryption
04:e5:8a:78:f8:db:a2:dd:49:7d:a0:83:33:d9:85:69:95:fc:
ae:22:40:a8:c2:2f:3f:64:0f:e7:56:4e:3d:ff:01:e2:7e:61:
3a:3c:25:13:b2:e9:e1:78:06:72:b7:2c:7a:a0:51:05:4a:75:
85:76:f0:b2:d7:08:39:67:57:c8:8f:e6:15:91:93:53:50:cb:
79:ea:0b:3b:c6:3c:c6:c1:d8:06:23:8d:42:10:d0:0f:79:56:
6c:be:45:e7:e0:ed:df:1f:1e:f0:75:a4:e1:30:c6:cf:e4:9a:
a7:fe:5a:81:fb:dc:86:f9:cc:24:15:20:17:b9:3b:70:df:f4:
ec:3c:0c:63:e9:9f:87:35:6a:6c:6d:45:d8:43:60:0e:72:ff:
9d:36:29:d9:85:42:68:ee:10:8d:e0:4e:85:03:28:b8:7e:7b:
5a:d7:2c:d1:85:35:42:00:38:28:37:35:e0:44:99:d6:67:29:
6a:b3:b5:8f:ba:be:26:e9:b3:f8:2b:81:0e:02:82:48:8c:b7:
7e:76:11:47:91:73:65:e7:7a:0c:3f:87:30:63:3d:87:ad:95:
b0:18:90:ee:03:5a:2b:ec:e1:a0:49:4b:7a:f8:13:02:d8:d6:
2d:42:1d:26:a9:a5:f0:f5:eb:2d:03:e1:2c:30:b1:ff:c2:1e:
2c:c6:87:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAStNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTMzMTAyWhcNMjcxMjEyMTMzMTAyWjAYMRYw
FAYDVQQDEw02NzZmZmQ5YS05NDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqmgcXa2B5p8FIONhyXApmw4nEON1ghKYvrFm72fyGZLkX8BGHKjFHMw4
mi04YnlXRHLzshyxS2m6t1N9Kfk7CJIvHXv2zU8Mf0EmF8pslUPSpKsbW4mvFAgI
68bh+7guKgo6EGxcDCBRrb47tvVDAzB6aVEiWm8pK9Qk4Rr00+xExr5B/OumRMKT
T6xH0u3/3/0Yl+/XOsVJtH2M3ALloJm+n/SD0ZBkqEqWt0d7XfeQ1VQlfiDuA4N9
wHUdmb7MUcP1b83chEemId7/IY25N6TnGQlY+vLjAG/joUWQNQLUOBGSYd2UnubP
CMaxOAnSXx/9ZzbHciROs0i1wje4iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDqC
WomJd/Le//YRlAUKvziVJl2PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRDY5OUMwOEM1MUYxMUVGODhEQkI4OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmstbMA0GCSqGSIb3DQEB
CwUAA4IBAQAE5Yp4+Nui3Ul9oIMz2YVplfyuIkCowi8/ZA/nVk49/wHifmE6PCUT
sunheAZytyx6oFEFSnWFdvCy1wg5Z1fIj+YVkZNTUMt56gs7xjzGwdgGI41CENAP
eVZsvkXn4O3fHx7wdaThMMbP5Jqn/lqB+9yG+cwkFSAXuTtw3/TsPAxj6Z+HNWps
bUXYQ2AOcv+dNinZhUJo7hCN4E6FAyi4fnta1yzRhTVCADgoNzXgRJnWZylqs7WP
ur4m6bP4K4EOAoJIjLd+dhFHkXNl53oMP4cwYz2HrZWwGJDuA1or7OGgSUt6+BMC
2NYtQh0mqaXw9estA+EsMLH/wh4sxoco
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:50:25 2025 by rpki-client