Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/088D6158CDB511EFA012D7B3762E951A.roa
File: 088D6158CDB511EFA012D7B3762E951A.roa (raw, json)
Hash identifier: 5bfpWxKrf0aDm5MbQqGoWLt/Q3zuLMwtlxK2i39VH/w=
Subject key identifier: C8:60:08:09:5C:E5:A9:F6:78:37:2F:A8:5B:1B:46:21:44:B8:2F:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/088D6158CDB511EFA012D7B3762E951A.roa
Signing time: Wed 08 Jan 2025 11:38:09 +0000
ROA not before: Wed 08 Jan 2025 11:38:05 +0000
ROA not after: Tue 16 Dec 2025 11:38:05 +0000
asID: 984
IP address blocks: 154.200.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79532 (0x136ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 11:38:05 2025 GMT
Not After : Dec 16 11:38:05 2025 GMT
Subject: CN=677e63a1-db37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:58:22:e5:bf:65:b8:0b:42:ba:9f:32:57:
0c:f6:9b:d0:53:63:21:7a:2c:85:88:a1:a3:18:98:
3f:69:e8:76:69:a4:47:90:fd:6a:55:30:5e:94:7a:
fb:ed:d3:9a:4a:0e:e9:5c:84:a0:4e:a0:24:54:78:
7d:19:d9:1c:9e:ce:f3:80:90:94:60:8c:f4:4c:12:
d3:9d:71:47:09:0c:7d:9e:87:68:a0:d5:74:ae:53:
31:c6:54:c7:bc:df:07:86:1b:f4:16:84:a1:51:d8:
98:b3:0d:66:2b:4d:01:55:3c:43:9a:c3:7f:2a:2d:
e8:61:da:40:8c:62:08:d2:10:d4:65:47:0b:fd:02:
f8:bb:5a:dc:7c:e7:84:d4:e9:75:a8:6e:66:3a:d9:
45:15:47:52:2c:c5:e1:fd:d6:dc:ee:fb:49:91:8d:
06:8e:32:2c:3d:b9:db:8c:9f:55:7e:0c:42:40:84:
ad:1d:24:d8:2c:7c:0a:b2:83:8e:7b:e2:df:71:15:
c7:82:23:c6:4a:fc:b2:fc:f0:15:04:5f:b3:d5:14:
f8:ae:2b:2d:5d:13:49:5f:51:ba:9b:89:09:bb:2c:
87:0d:58:6d:45:9a:55:84:32:e2:33:c3:cb:9f:39:
b6:df:d5:cb:37:b9:93:3e:01:25:68:d3:7e:4d:54:
bc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:60:08:09:5C:E5:A9:F6:78:37:2F:A8:5B:1B:46:21:44:B8:2F:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/088D6158CDB511EFA012D7B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.134.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:9c:a8:2a:56:c2:f2:4b:f6:b4:02:36:11:f4:07:dc:20:80:
f4:3c:d1:6f:86:5e:ac:6c:5c:68:31:89:e7:1c:da:10:47:35:
91:7f:07:0d:9e:4d:a8:fb:41:60:36:2a:b7:6f:47:3a:37:25:
c2:00:37:8d:b5:f9:43:9f:b2:5d:70:c7:c0:09:37:00:4b:d3:
cf:60:fc:e9:73:80:bb:c9:2b:c6:3a:00:18:a7:32:81:4b:fa:
a7:5f:88:9d:bb:9a:8a:eb:64:49:f0:10:8e:0c:ab:1d:d0:a0:
51:34:02:8c:7a:57:65:07:3d:36:a3:fc:75:8f:13:61:98:20:
7d:fc:b9:7d:9f:2f:d9:01:53:e6:ce:17:88:c0:5b:09:2b:b5:
4f:bb:b6:b0:b4:9c:cf:65:9a:65:4d:8e:f0:5f:bb:58:56:3a:
fb:f6:cd:1d:4f:e9:2c:8f:9d:86:2c:1a:d4:a5:97:59:68:e5:
b6:a8:3d:80:9a:2b:06:fe:a3:41:6b:69:5e:66:a0:66:87:32:
1b:13:3a:a3:52:a2:0d:17:93:ea:ed:e9:de:38:7c:14:c9:f8:
1d:f4:50:79:74:73:23:e7:a9:c9:a8:fe:da:36:88:93:34:94:
ae:05:27:9b:5b:ef:89:fa:ac:24:33:49:ff:20:17:f6:38:84:
1c:d0:28:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATasMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTEzODA1WhcNMjUxMjE2MTEzODA1WjAYMRYw
FAYDVQQDEw02NzdlNjNhMS1kYjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt/RYIuW/ZbgLQrqfMlcM9pvQU2MheiyFiKGjGJg/aeh2aaRHkP1qVTBe
lHr77dOaSg7pXISgTqAkVHh9Gdkcns7zgJCUYIz0TBLTnXFHCQx9nodooNV0rlMx
xlTHvN8Hhhv0FoShUdiYsw1mK00BVTxDmsN/Ki3oYdpAjGII0hDUZUcL/QL4u1rc
fOeE1Ol1qG5mOtlFFUdSLMXh/dbc7vtJkY0GjjIsPbnbjJ9VfgxCQIStHSTYLHwK
soOOe+LfcRXHgiPGSvyy/PAVBF+z1RT4ristXRNJX1G6m4kJuyyHDVhtRZpVhDLi
M8PLnzm239XLN7mTPgElaNN+TVS8pQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMhg
CAlc5an2eDcvqFsbRiFEuC9lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wODhENjE1OENEQjUxMUVGQTAxMkQ3QjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiGMA0GCSqGSIb3DQEB
CwUAA4IBAQDBnKgqVsLyS/a0AjYR9AfcIID0PNFvhl6sbFxoMYnnHNoQRzWRfwcN
nk2o+0FgNiq3b0c6NyXCADeNtflDn7JdcMfACTcAS9PPYPzpc4C7ySvGOgAYpzKB
S/qnX4idu5qK62RJ8BCODKsd0KBRNAKMeldlBz02o/x1jxNhmCB9/Ll9ny/ZAVPm
zheIwFsJK7VPu7awtJzPZZplTY7wX7tYVjr79s0dT+ksj52GLBrUpZdZaOW2qD2A
misG/qNBa2leZqBmhzIbEzqjUqINF5Pq7eneOHwUyfgd9FB5dHMj56nJqP7aNoiT
NJSuBSebW++J+qwkM0n/IBf2OIQc0CiB
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:59:26 2025 by rpki-client