Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00BE4604C1A311EF877F3465762E951A.roa
File: 00BE4604C1A311EF877F3465762E951A.roa (raw, json)
Hash identifier: gCmXwOjemQX1xUqgcyVRy5xDkQNwZ3zJbDk22IqyLow=
Subject key identifier: FF:19:CB:6F:F2:04:92:2A:DE:D1:FD:98:EF:E6:18:34:C9:5C:24:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00BE4604C1A311EF877F3465762E951A.roa
Signing time: Tue 24 Dec 2024 02:58:51 +0000
ROA not before: Tue 24 Dec 2024 02:58:47 +0000
ROA not after: Wed 10 Dec 2025 02:58:47 +0000
asID: 984
IP address blocks: 154.92.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73931 (0x120cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:58:47 2024 GMT
Not After : Dec 10 02:58:47 2025 GMT
Subject: CN=676a236b-04a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:41:5c:af:bd:1d:e4:c2:b7:0a:98:cb:d7:1a:
47:39:7d:c0:2f:0b:e9:74:01:83:e6:fe:c6:d6:65:
2d:51:8f:03:d5:b4:11:0f:27:5e:4c:92:80:fb:fe:
28:5b:c6:8d:97:e3:49:9a:6b:7d:1c:08:49:4c:84:
d2:ee:21:8b:2f:73:c3:5d:64:17:3a:62:25:c1:28:
9d:4a:a9:e4:ce:c0:6d:9a:7f:8f:93:67:93:34:65:
1a:65:24:a5:af:fc:d6:00:6f:3b:92:e2:78:ba:1b:
fd:90:dc:4a:45:ce:7f:aa:94:b9:aa:74:fc:9d:9b:
63:2b:a7:7f:3d:f9:ec:b8:c0:0d:ea:f3:ed:72:8a:
d7:61:67:12:f5:54:c1:85:d1:63:7d:3a:49:f9:18:
94:c9:af:b9:c1:a4:d9:89:ef:25:18:b8:cb:b7:9e:
89:46:3d:40:0f:da:c5:ef:4d:e4:f2:8e:bc:80:8b:
4b:99:ae:6c:2a:34:6f:bc:e0:e7:d5:33:63:a6:f7:
62:f3:ca:14:8f:9c:37:34:c6:13:b7:be:0b:a5:c3:
95:66:be:75:69:6a:cf:52:e2:93:62:75:82:56:af:
fc:21:a9:df:dc:8a:b7:b1:5c:3e:f0:5d:7f:cd:09:
f6:f5:a9:de:de:75:c9:2e:46:a9:cf:41:24:e5:39:
91:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:19:CB:6F:F2:04:92:2A:DE:D1:FD:98:EF:E6:18:34:C9:5C:24:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00BE4604C1A311EF877F3465762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.140.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f5:b6:0a:8e:1d:f4:f2:e1:b8:98:1c:78:a5:81:3c:6c:66:
62:c4:3c:5e:3c:7f:4a:da:38:5c:3c:a2:4e:a6:b0:c0:db:9a:
27:09:83:e2:dd:2a:64:7b:6b:d1:4b:ac:bc:92:cd:ea:4a:dc:
ba:85:47:c4:86:7e:7b:09:5c:11:25:ca:2f:82:9d:80:13:af:
c6:60:8c:2e:de:1d:5e:cd:7e:25:64:ef:64:23:fa:d7:19:d2:
4d:3b:19:8a:9b:0b:30:e0:76:23:0c:00:6e:3d:5d:a9:0d:63:
74:7b:c2:38:54:ad:91:d4:e0:f9:ef:73:e0:9c:4a:77:40:4e:
35:3c:44:20:84:a8:ce:a1:d9:a1:9a:e4:4c:54:fb:af:02:27:
3f:ad:73:30:f5:9c:43:48:20:fc:a8:5c:6a:67:d9:dd:69:23:
db:5f:60:36:2c:eb:b8:08:b0:79:24:99:8e:03:76:91:3d:9d:
2f:ff:eb:3a:64:e0:6c:60:4b:4d:04:f3:88:44:50:7f:ce:ad:
84:a8:55:13:61:be:da:f7:4f:0a:2a:29:a7:a1:5a:ea:4f:6d:
53:6e:9c:07:4b:71:f9:ff:a8:da:a9:db:2e:02:e7:86:b7:b1:
9f:1c:ec:25:66:12:94:a4:f0:00:c7:ba:9d:6c:2f:fb:f9:e6:
e3:ae:ff:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASDLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDI1ODQ3WhcNMjUxMjEwMDI1ODQ3WjAYMRYw
FAYDVQQDEw02NzZhMjM2Yi0wNGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlUFcr70d5MK3CpjL1xpHOX3ALwvpdAGD5v7G1mUtUY8D1bQRDydeTJKA
+/4oW8aNl+NJmmt9HAhJTITS7iGLL3PDXWQXOmIlwSidSqnkzsBtmn+Pk2eTNGUa
ZSSlr/zWAG87kuJ4uhv9kNxKRc5/qpS5qnT8nZtjK6d/PfnsuMAN6vPtcorXYWcS
9VTBhdFjfTpJ+RiUya+5waTZie8lGLjLt56JRj1AD9rF703k8o68gItLma5sKjRv
vODn1TNjpvdi88oUj5w3NMYTt74LpcOVZr51aWrPUuKTYnWCVq/8Ianf3Iq3sVw+
8F1/zQn29ane3nXJLkapz0Ek5TmRCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP8Z
y2/yBJIq3tH9mO/mGDTJXCSPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMEJFNDYwNEMxQTMxMUVGODc3RjM0NjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlyMMA0GCSqGSIb3DQEB
CwUAA4IBAQBe9bYKjh308uG4mBx4pYE8bGZixDxePH9K2jhcPKJOprDA25onCYPi
3Spke2vRS6y8ks3qSty6hUfEhn57CVwRJcovgp2AE6/GYIwu3h1ezX4lZO9kI/rX
GdJNOxmKmwsw4HYjDABuPV2pDWN0e8I4VK2R1OD573PgnEp3QE41PEQghKjOodmh
muRMVPuvAic/rXMw9ZxDSCD8qFxqZ9ndaSPbX2A2LOu4CLB5JJmOA3aRPZ0v/+s6
ZOBsYEtNBPOIRFB/zq2EqFUTYb7a908KKimnoVrqT21TbpwHS3H5/6jaqdsuAueG
t7GfHOwlZhKUpPAAx7qdbC/7+ebjrv/T
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:58 2025 by rpki-client