Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE44BD28C1DD11EFB182465B762E951A.roa
File: FE44BD28C1DD11EFB182465B762E951A.roa (raw, json)
Hash identifier: 2T3+K5GAtS2dstc9zUTUBOvMIfxkNf1yE9xAmwx1v7o=
Subject key identifier: A8:00:36:17:48:FA:B2:98:42:82:67:4A:11:22:10:4B:1D:98:47:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012323
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE44BD28C1DD11EFB182465B762E951A.roa
Signing time: Tue 24 Dec 2024 10:01:07 +0000
ROA not before: Tue 24 Dec 2024 10:01:03 +0000
ROA not after: Wed 10 Dec 2025 10:01:03 +0000
asID: 984
IP address blocks: 154.199.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74531 (0x12323)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 10:01:03 2024 GMT
Not After : Dec 10 10:01:03 2025 GMT
Subject: CN=676a8663-bc8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:fc:77:ad:87:bf:17:8b:af:41:a6:10:f3:9e:
33:f1:41:d6:49:36:31:c4:b6:24:ab:73:8a:22:3d:
e1:68:0d:52:34:97:99:15:d6:16:9e:91:0d:24:78:
9a:cf:44:c5:d5:46:69:6e:b8:46:ea:9a:cc:9f:b4:
98:7e:cf:64:8c:23:30:58:68:63:b5:ef:dd:59:e1:
b3:f7:0b:f6:1a:77:78:7a:97:f5:14:91:3d:14:92:
09:bb:70:d5:19:f8:6b:bb:96:70:bc:f5:71:be:1f:
83:c8:54:90:8a:90:5e:36:e6:76:4e:d5:eb:63:d2:
6d:a5:27:b5:82:80:ca:5e:49:6a:a7:21:f4:56:12:
46:04:00:e9:3c:f9:4a:e9:c2:bf:c7:ec:1c:7b:ae:
af:74:c5:f7:ea:ef:e7:02:a1:dc:1e:e7:97:8b:e4:
77:2d:69:44:7f:af:37:39:1f:bf:ed:ed:10:35:83:
21:e8:b5:82:31:26:55:21:5a:6c:26:27:b8:14:2e:
4c:07:9f:bc:a8:8a:07:ea:a4:81:1e:4b:bc:02:cf:
cd:85:15:9c:0f:6d:bb:b4:35:bc:61:3d:13:47:37:
24:be:02:72:49:91:ba:61:7e:ea:aa:10:6c:d4:88:
69:0b:cc:aa:da:f8:59:3b:3e:d1:54:b5:47:41:e7:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:00:36:17:48:FA:B2:98:42:82:67:4A:11:22:10:4B:1D:98:47:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE44BD28C1DD11EFB182465B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.34.0/24
Signature Algorithm: sha256WithRSAEncryption
75:4c:6e:50:c7:bb:9c:57:27:6f:97:8e:7c:c0:82:e9:ce:d6:
6a:0a:4f:ec:aa:36:96:4f:c0:26:af:00:7b:2a:21:09:71:fa:
40:1f:56:a2:d6:f8:8f:d6:58:80:ad:75:29:9b:07:f1:a3:75:
52:1f:32:c5:b1:ba:67:c9:f6:6a:6e:74:ca:d7:64:4f:94:37:
02:6b:62:6f:e6:69:db:5e:be:a7:41:4a:e5:23:c0:5b:dc:e9:
90:6b:c0:4d:ef:1c:0e:4a:3f:3c:7b:11:f1:3c:9e:a2:91:d7:
f2:ec:73:a0:db:15:22:31:0d:bf:54:68:f0:f0:f4:20:c9:9e:
ec:0a:58:4c:df:ae:1e:8f:6f:af:3d:24:ad:ac:4d:e3:cd:79:
af:23:11:53:13:5c:7f:07:1f:69:6b:01:70:5d:af:0c:b0:22:
1a:60:da:ff:50:91:2b:38:0d:a0:5c:90:44:ed:29:02:9b:00:
ef:5c:2e:93:5a:f4:6b:52:14:cb:f9:be:d5:16:93:75:29:0b:
e0:1f:aa:49:18:10:ae:b8:5f:c2:cf:c0:12:48:b9:a6:ba:4d:
0f:25:22:74:5b:34:16:ac:16:4f:4d:82:f8:d3:f3:a4:ac:38:
6b:4f:36:7e:9d:36:0a:12:bd:e2:03:b4:95:2d:96:c4:88:f1:
e3:ef:4f:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MTAwMTAzWhcNMjUxMjEwMTAwMTAzWjAYMRYw
FAYDVQQDEw02NzZhODY2My1iYzhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Px3rYe/F4uvQaYQ854z8UHWSTYxxLYkq3OKIj3haA1SNJeZFdYWnpEN
JHiaz0TF1UZpbrhG6prMn7SYfs9kjCMwWGhjte/dWeGz9wv2Gnd4epf1FJE9FJIJ
u3DVGfhru5ZwvPVxvh+DyFSQipBeNuZ2TtXrY9JtpSe1goDKXklqpyH0VhJGBADp
PPlK6cK/x+wce66vdMX36u/nAqHcHueXi+R3LWlEf683OR+/7e0QNYMh6LWCMSZV
IVpsJie4FC5MB5+8qIoH6qSBHku8As/NhRWcD227tDW8YT0TRzckvgJySZG6YX7q
qhBs1IhpC8yq2vhZOz7RVLVHQed/hQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKgA
NhdI+rKYQoJnShEiEEsdmEfXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRTQ0QkQyOEMxREQxMUVGQjE4MjQ2NUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsciMA0GCSqGSIb3DQEB
CwUAA4IBAQB1TG5Qx7ucVydvl458wILpztZqCk/sqjaWT8AmrwB7KiEJcfpAH1ai
1viP1liArXUpmwfxo3VSHzLFsbpnyfZqbnTK12RPlDcCa2Jv5mnbXr6nQUrlI8Bb
3OmQa8BN7xwOSj88exHxPJ6ikdfy7HOg2xUiMQ2/VGjw8PQgyZ7sClhM364ej2+v
PSStrE3jzXmvIxFTE1x/Bx9pawFwXa8MsCIaYNr/UJErOA2gXJBE7SkCmwDvXC6T
WvRrUhTL+b7VFpN1KQvgH6pJGBCuuF/Cz8ASSLmmuk0PJSJ0WzQWrBZPTYL40/Ok
rDhrTzZ+nTYKEr3iA7SVLZbEiPHj708v
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:37 2025 by rpki-client