Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/115AD074AB3511EF957CE9A8762E951A.roa
File: 115AD074AB3511EF957CE9A8762E951A.roa (raw, json)
Hash identifier: K5ls9lctAwHH0AZuhL/dmAJQYcXSZ+vlGjv0DVwa+ig=
Subject key identifier: 89:FB:48:01:7F:86:18:81:FA:6A:97:16:19:60:33:B7:A5:A2:28:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011354
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/115AD074AB3511EF957CE9A8762E951A.roa
Signing time: Mon 25 Nov 2024 13:56:28 +0000
ROA not before: Mon 25 Nov 2024 13:56:25 +0000
ROA not after: Wed 07 Jan 2026 13:56:25 +0000
asID: 139057
IP address blocks: 154.85.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70484 (0x11354)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 13:56:25 2024 GMT
Not After : Jan 7 13:56:25 2026 GMT
Subject: CN=6744820c-308d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e7:f6:a2:79:e8:82:38:be:d7:e6:b3:41:07:
d5:ad:34:d6:2c:a7:bc:4a:d9:24:a9:9d:62:79:05:
a8:18:fb:12:63:44:2c:87:5e:82:2a:f4:85:de:67:
10:1a:75:e0:1b:05:c8:ab:3f:fb:1f:0b:26:47:f5:
f6:43:a6:a2:b6:ef:c9:47:ce:dc:43:41:45:91:e4:
b1:31:ec:09:80:5e:b4:10:14:13:e2:7a:67:5d:c5:
fe:55:90:60:66:ff:22:7e:62:a1:e9:2b:af:b7:27:
cf:ca:c1:d0:24:8b:73:f5:94:26:4f:8f:99:e3:46:
de:4e:ca:d5:1a:63:fc:e7:11:1a:b6:25:9b:f0:2c:
1e:32:d4:ba:6b:ea:7e:92:bd:b4:cf:38:d6:2b:46:
38:76:62:36:dd:9d:ae:c7:56:8e:d7:5f:46:43:59:
3d:a1:98:df:c0:b1:88:2e:ef:88:27:dc:4f:7f:7c:
98:74:ae:99:cc:a3:24:58:54:cb:db:41:c0:e5:6d:
5d:81:be:af:0e:63:e3:37:ce:36:28:57:6a:92:9c:
46:41:12:69:d6:33:ce:3b:6a:12:e1:5f:cd:f5:3e:
1a:bd:be:47:b6:8a:1f:0b:84:34:c8:f1:d4:e1:e2:
db:68:f4:98:72:a1:eb:c6:fa:33:df:7f:01:2c:a6:
66:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FB:48:01:7F:86:18:81:FA:6A:97:16:19:60:33:B7:A5:A2:28:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/115AD074AB3511EF957CE9A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
72:81:53:2b:5c:8c:9e:1b:0e:c0:79:c7:22:ad:87:68:47:24:
a9:7a:91:0b:d1:dd:d4:a1:52:ab:19:a2:20:9d:25:51:b0:02:
ee:f3:9e:1f:49:31:a5:ba:38:41:89:b2:37:df:63:81:ab:c1:
df:6d:80:64:96:43:61:67:e8:88:d1:52:ca:5b:94:dd:c8:4c:
9a:30:60:e2:39:93:95:63:e1:1f:ae:1a:58:df:7b:93:c7:bb:
0a:e0:5e:0b:63:45:8f:bf:64:c2:d4:0f:fb:57:fe:5a:ef:c6:
ff:65:69:24:e7:0b:92:1f:ab:a5:b1:a7:b9:a8:47:4a:25:94:
02:3a:49:fc:11:ca:f3:40:e8:5a:82:ac:b9:07:19:32:0d:58:
f9:b2:c8:7f:77:c7:e9:d4:a0:4a:ad:55:38:6b:bb:a8:54:4f:
12:0b:5b:4e:90:2b:22:7a:e9:16:59:da:d3:07:30:b5:c5:24:
08:a6:9c:7b:17:06:8d:19:61:b0:eb:51:ec:38:5e:fa:16:ec:
5d:8a:3d:e2:ad:8e:83:39:0f:cf:17:3a:38:f2:84:d4:17:7f:
91:c4:af:86:33:75:2e:98:a2:e1:07:0a:3a:d5:9e:62:4a:28:
29:3f:46:5d:b8:25:1c:a2:d2:61:3e:33:37:ff:2c:87:b0:21:
73:bf:cc:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTM1NjI1WhcNMjYwMTA3MTM1NjI1WjAYMRYw
FAYDVQQDEw02NzQ0ODIwYy0zMDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+f2onnogji+1+azQQfVrTTWLKe8StkkqZ1ieQWoGPsSY0Qsh16CKvSF
3mcQGnXgGwXIqz/7HwsmR/X2Q6aitu/JR87cQ0FFkeSxMewJgF60EBQT4npnXcX+
VZBgZv8ifmKh6SuvtyfPysHQJItz9ZQmT4+Z40beTsrVGmP85xEatiWb8CweMtS6
a+p+kr20zzjWK0Y4dmI23Z2ux1aO119GQ1k9oZjfwLGILu+IJ9xPf3yYdK6ZzKMk
WFTL20HA5W1dgb6vDmPjN842KFdqkpxGQRJp1jPOO2oS4V/N9T4avb5HtoofC4Q0
yPHU4eLbaPSYcqHrxvoz338BLKZmXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIn7
SAF/hhiB+mqXFhlgM7eloijUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMTVBRDA3NEFCMzUxMUVGOTU3Q0U5QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlVEMA0GCSqGSIb3DQEB
CwUAA4IBAQBygVMrXIyeGw7AeccirYdoRySpepEL0d3UoVKrGaIgnSVRsALu854f
STGlujhBibI332OBq8HfbYBklkNhZ+iI0VLKW5TdyEyaMGDiOZOVY+EfrhpY33uT
x7sK4F4LY0WPv2TC1A/7V/5a78b/ZWkk5wuSH6ulsae5qEdKJZQCOkn8EcrzQOha
gqy5BxkyDVj5ssh/d8fp1KBKrVU4a7uoVE8SC1tOkCsieukWWdrTBzC1xSQIppx7
FwaNGWGw61HsOF76Fuxdij3irY6DOQ/PFzo48oTUF3+RxK+GM3UumKLhBwo61Z5i
SigpP0ZduCUcotJhPjM3/yyHsCFzv8x1
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:37:03 2025 by rpki-client