Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0960E8ECFF2A11EFB4C25891762E951A.roa
File: 0960E8ECFF2A11EFB4C25891762E951A.roa (raw, json)
Hash identifier: UzViYg7z63F/V48HqQBP7ulojbgrHXee496s+smcZOk=
Subject key identifier: 94:65:6F:DC:E7:9B:7B:84:13:C2:94:87:F8:0B:CC:C9:23:76:02:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0960E8ECFF2A11EFB4C25891762E951A.roa
Signing time: Wed 12 Mar 2025 10:09:08 +0000
ROA not before: Wed 12 Mar 2025 10:09:04 +0000
ROA not after: Thu 24 Apr 2025 10:09:04 +0000
asID: 55020
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95197 (0x173dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 10:09:04 2025 GMT
Not After : Apr 24 10:09:04 2025 GMT
Subject: CN=67d15d44-980b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:28:ce:68:11:2e:09:e5:d6:7c:fb:14:09:8f:
ee:ae:3c:27:7e:d0:ca:82:a5:74:8c:68:8e:20:4c:
bd:6f:47:c0:c2:87:d3:8f:06:55:b3:dc:ab:3a:e5:
3a:f6:93:16:7d:6e:a9:8a:26:8e:15:71:cd:6b:9a:
5a:04:53:ce:ab:bc:dc:40:5a:78:60:75:92:29:65:
95:b2:24:5c:2a:ec:e6:a2:70:dc:bc:72:07:5a:04:
14:6c:82:0a:cb:6d:5e:8b:50:d1:cd:b1:6b:fc:18:
84:1a:95:a5:e7:ff:42:c9:4d:33:df:85:07:9b:d1:
0b:04:9e:92:54:56:e3:4f:21:18:c9:a5:fc:8d:6d:
cc:55:0a:07:08:f8:13:c3:4a:ca:5d:03:f0:05:a9:
a2:a7:c6:4a:b1:ef:01:c0:8a:03:f4:f5:c5:aa:e2:
4a:b8:26:1d:bc:49:c7:80:b7:94:1e:62:2e:d7:52:
7d:d5:4a:df:67:be:c4:71:ed:17:bd:4d:1c:26:fc:
e9:b4:ab:66:ae:6d:5f:a6:91:de:3d:d2:3f:e5:8d:
65:b4:67:3c:c6:b0:73:ce:c5:41:89:7a:ef:41:6f:
e2:3c:39:41:92:e9:49:8b:7c:3a:f7:f1:7f:89:f8:
98:86:ef:81:99:5c:fe:9d:e4:d1:ed:ab:d9:2b:3f:
9b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:65:6F:DC:E7:9B:7B:84:13:C2:94:87:F8:0B:CC:C9:23:76:02:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0960E8ECFF2A11EFB4C25891762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d0:48:1b:89:4e:0c:39:09:c3:86:3e:01:51:18:e2:dd:56:
5c:d3:b0:93:05:5b:a5:c9:d7:be:45:5d:95:57:ae:b2:40:73:
83:30:33:63:cb:eb:af:34:fa:01:d2:3a:4f:81:84:51:75:0b:
c6:20:75:7b:6a:91:52:37:6c:e4:f7:07:e0:e4:d1:0e:87:21:
a3:4b:50:20:ec:d3:ea:33:38:03:66:01:86:4f:63:58:21:5c:
ed:35:e7:5c:47:9c:d7:a6:6e:92:37:07:3a:65:91:81:81:b4:
80:ef:38:0c:f2:16:57:8d:ee:d0:67:d7:42:85:88:e0:c0:89:
a6:2a:f1:d9:ca:a4:d5:0c:21:cc:e2:43:f1:0c:2c:91:7f:14:
4e:a1:22:64:17:40:90:2c:af:2a:9e:a8:9c:18:31:a0:b5:1f:
03:05:70:e4:da:6b:1b:d9:2a:7f:f5:d0:72:f3:5b:a2:9b:5b:
74:56:ef:25:42:6c:a4:09:bf:13:54:3d:d5:f6:00:24:a8:05:
ee:54:01:4e:0c:d2:15:9c:c0:ce:53:14:26:bc:c3:93:91:db:
d4:d4:a0:f3:4d:e0:b2:de:b9:75:a7:ad:91:61:b0:5f:ca:1f:
4c:43:aa:de:a1:02:a8:0e:b5:cd:c3:70:bb:ae:32:b7:e9:ca:
df:94:c6:0f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXPdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTAwOTA0WhcNMjUwNDI0MTAwOTA0WjAYMRYw
FAYDVQQDEw02N2QxNWQ0NC05ODBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/SjOaBEuCeXWfPsUCY/urjwnftDKgqV0jGiOIEy9b0fAwofTjwZVs9yr
OuU69pMWfW6piiaOFXHNa5paBFPOq7zcQFp4YHWSKWWVsiRcKuzmonDcvHIHWgQU
bIIKy21ei1DRzbFr/BiEGpWl5/9CyU0z34UHm9ELBJ6SVFbjTyEYyaX8jW3MVQoH
CPgTw0rKXQPwBamip8ZKse8BwIoD9PXFquJKuCYdvEnHgLeUHmIu11J91UrfZ77E
ce0XvU0cJvzptKtmrm1fppHePdI/5Y1ltGc8xrBzzsVBiXrvQW/iPDlBkulJi3w6
9/F/ifiYhu+BmVz+neTR7avZKz+bvwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJRl
b9znm3uEE8KUh/gLzMkjdgLFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOTYwRThFQ0ZGMkExMUVGQjRDMjU4OTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAG3QSBuJTgw5CcOGPgFRGOLdVlzTsJMFW6XJ
175FXZVXrrJAc4MwM2PL6680+gHSOk+BhFF1C8YgdXtqkVI3bOT3B+Dk0Q6HIaNL
UCDs0+ozOANmAYZPY1ghXO0151xHnNembpI3BzplkYGBtIDvOAzyFleN7tBn10KF
iODAiaYq8dnKpNUMIcziQ/EMLJF/FE6hImQXQJAsryqeqJwYMaC1HwMFcOTaaxvZ
Kn/10HLzW6KbW3RW7yVCbKQJvxNUPdX2ACSoBe5UAU4M0hWcwM5TFCa8w5OR29TU
oPNN4LLeuXWnrZFhsF/KH0xDqt6hAqgOtc3DcLuuMrfpyt+Uxg8=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:07:24 2025 by rpki-client