Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A5A8B21411EF83B74A87762E951A.roa
File: BDB4A5A8B21411EF83B74A87762E951A.roa (raw, json)
Hash identifier: K7JBFFujBuTAa0t/IBXVkwCbcwCzzJT9EBjhVGo15/w=
Subject key identifier: C8:EE:54:81:B2:46:76:B7:3A:9D:A3:40:83:DB:F9:EE:3D:69:94:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0117CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A5A8B21411EF83B74A87762E951A.roa
Signing time: Wed 04 Dec 2024 07:52:42 +0000
ROA not before: Wed 04 Dec 2024 07:52:39 +0000
ROA not after: Fri 24 Oct 2025 07:52:39 +0000
asID: 152700
IP address blocks: 154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71628 (0x117cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 4 07:52:39 2024 GMT
Not After : Oct 24 07:52:39 2025 GMT
Subject: CN=67500a4a-10f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:12:a4:cd:57:c2:d0:6a:c7:38:fd:51:16:b6:
e3:44:6b:53:49:53:86:dd:ef:00:6b:51:0f:3c:b2:
57:49:6a:f6:06:8d:41:85:65:74:ea:1e:5e:dd:65:
32:a8:e6:01:ff:0c:d7:d8:ef:8c:1d:bc:70:6a:d8:
c2:f2:4c:fa:3f:45:d3:0e:e9:10:81:1d:3a:00:0c:
59:86:f0:f0:51:e6:99:6c:10:5a:de:5f:32:b1:81:
07:18:95:0b:3c:16:91:52:d9:ae:e0:00:45:97:95:
9b:7f:97:9c:a7:2b:06:5f:e1:fb:09:18:76:12:17:
3e:92:6f:f1:1b:c1:59:31:4e:1f:47:3c:e8:85:af:
4e:8b:ba:9a:b4:1a:37:04:fb:fd:16:fe:3a:09:82:
af:37:3f:ac:e8:0f:2f:9a:44:e3:e6:e5:55:d9:63:
8a:fd:77:8f:30:d6:31:9a:ca:82:7c:fc:c7:ef:7d:
7a:25:c0:87:df:6d:21:1b:f7:f6:65:c9:fd:62:63:
cd:62:d5:6d:50:89:f8:ae:30:d1:f9:06:39:96:06:
03:77:c0:be:71:54:5d:ca:90:1e:15:47:89:d5:7f:
0e:f9:dd:47:ce:5e:2f:02:de:b2:6d:b9:44:da:6d:
20:24:2c:aa:c1:e7:a3:da:ed:bc:d9:5e:7d:dc:b4:
24:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EE:54:81:B2:46:76:B7:3A:9D:A3:40:83:DB:F9:EE:3D:69:94:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDB4A5A8B21411EF83B74A87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2a:be:f7:6a:f7:82:27:7f:24:99:c9:82:6e:35:30:09:4f:
78:37:c2:b4:75:1f:b1:44:94:35:64:d1:c6:eb:18:03:2e:2c:
08:8f:44:b9:c3:ec:a6:19:ba:4e:e7:72:cb:ec:71:c4:51:68:
dd:0e:8d:fb:f2:3d:60:08:5d:dc:6e:00:c8:02:e9:f6:eb:b3:
87:31:64:09:6c:e4:d7:99:ef:95:3b:50:49:9a:84:bf:1e:c0:
b7:cb:c4:d3:c6:40:08:18:af:53:92:ff:cf:81:bb:ce:b8:bd:
aa:c9:6c:02:57:9c:24:49:67:6a:cd:cf:8b:da:f2:e2:17:1c:
35:4f:5d:47:1e:ab:e3:d7:a5:c1:7d:72:a9:cb:72:31:71:ac:
65:f2:fe:6c:27:c3:45:5f:17:f9:5e:ba:73:13:ac:34:40:73:
9c:0d:06:12:23:b8:7b:96:1a:14:49:73:e9:93:46:e6:3b:83:
e0:ff:2a:b4:87:23:53:36:fd:05:ea:62:b1:1f:70:ec:d4:52:
dc:6f:6a:3f:91:1b:95:33:38:55:f6:53:74:2c:95:db:77:a1:
92:31:7b:a2:b2:33:e8:b2:df:32:27:41:75:27:a6:76:d4:6c:
5e:44:4f:b9:17:dd:f7:cd:6f:cf:a6:ae:70:82:a0:27:fd:52:
65:d4:c6:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARfMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA0MDc1MjM5WhcNMjUxMDI0MDc1MjM5WjAYMRYw
FAYDVQQDEw02NzUwMGE0YS0xMGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6hKkzVfC0GrHOP1RFrbjRGtTSVOG3e8Aa1EPPLJXSWr2Bo1BhWV06h5e
3WUyqOYB/wzX2O+MHbxwatjC8kz6P0XTDukQgR06AAxZhvDwUeaZbBBa3l8ysYEH
GJULPBaRUtmu4ABFl5Wbf5ecpysGX+H7CRh2Ehc+km/xG8FZMU4fRzzoha9Oi7qa
tBo3BPv9Fv46CYKvNz+s6A8vmkTj5uVV2WOK/XePMNYxmsqCfPzH7316JcCH320h
G/f2Zcn9YmPNYtVtUIn4rjDR+QY5lgYDd8C+cVRdypAeFUeJ1X8O+d1Hzl4vAt6y
bblE2m0gJCyqweej2u282V593LQkMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMju
VIGyRna3Op2jQIPb+e49aZQaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREI0QTVBOEIyMTQxMUVGODNCNzRBODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPTMA0GCSqGSIb3DQEB
CwUAA4IBAQAsKr73aveCJ38kmcmCbjUwCU94N8K0dR+xRJQ1ZNHG6xgDLiwIj0S5
w+ymGbpO53LL7HHEUWjdDo378j1gCF3cbgDIAun267OHMWQJbOTXme+VO1BJmoS/
HsC3y8TTxkAIGK9Tkv/PgbvOuL2qyWwCV5wkSWdqzc+L2vLiFxw1T11HHqvj16XB
fXKpy3Ixcaxl8v5sJ8NFXxf5XrpzE6w0QHOcDQYSI7h7lhoUSXPpk0bmO4Pg/yq0
hyNTNv0F6mKxH3Ds1FLcb2o/kRuVMzhV9lN0LJXbd6GSMXuisjPost8yJ0F1J6Z2
1GxeRE+5F933zW/Ppq5wgqAn/VJl1Mbu
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:29 2025 by rpki-client