Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14534CC6F3D711EFA9299C62762E951A.roa
File: 14534CC6F3D711EFA9299C62762E951A.roa (raw, json)
Hash identifier: ri+nwfQBJYDVKlYIhBc1i5h1N8+rPE5wwv9sOzWuzO4=
Subject key identifier: 10:9F:2D:2F:81:EE:99:55:65:D7:E0:EC:D0:04:AE:F8:F8:5E:58:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016033
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14534CC6F3D711EFA9299C62762E951A.roa
Signing time: Wed 26 Feb 2025 00:17:36 +0000
ROA not before: Wed 26 Feb 2025 00:00:32 +0000
ROA not after: Thu 19 Feb 2026 00:00:32 +0000
asID: 984
IP address blocks: 154.89.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90163 (0x16033)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 00:00:32 2025 GMT
Not After : Feb 19 00:00:32 2026 GMT
Subject: CN=67be5d9f-dbc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:97:4c:0a:2b:b2:6b:7b:d6:ab:8e:7a:81:
ae:36:0d:70:b6:aa:96:7a:20:53:cd:5c:4a:4a:81:
31:7e:73:87:6e:e6:1c:10:c3:4b:53:e9:84:de:f9:
0e:54:f9:11:7b:8c:24:e1:db:e2:01:61:92:bc:1d:
dc:fd:0b:dc:a3:32:e4:41:b3:8d:4a:c7:9a:38:fa:
d1:e8:57:0e:a1:d4:d4:de:88:c9:09:3c:b2:e0:d3:
73:c4:21:58:f5:6a:94:a2:5b:f6:2a:d9:1e:9d:18:
cb:cb:08:ee:ac:87:ea:47:9a:25:11:78:32:90:94:
7d:0c:22:4d:70:d1:b9:53:06:55:c3:6f:81:98:3b:
bf:b8:4b:e9:68:40:e6:75:ec:3c:83:1f:d5:c1:6b:
a6:1e:f9:fa:3f:26:2b:59:d1:52:0e:41:bc:3e:8e:
41:00:34:98:8b:66:a3:0e:fe:42:a6:89:0d:e4:ff:
39:8f:18:d9:ff:b4:34:b5:16:df:28:cd:4e:30:97:
ed:df:2b:5a:50:1d:28:dd:89:e9:dd:2f:9d:52:f9:
ff:c8:3c:15:eb:64:e1:29:9d:c9:bb:f0:25:88:1a:
35:e6:dc:5b:26:73:e4:bf:0c:b4:3c:b3:5c:f6:c5:
13:82:dc:3e:04:fa:c4:e2:5d:25:f2:a0:ee:fd:30:
c3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9F:2D:2F:81:EE:99:55:65:D7:E0:EC:D0:04:AE:F8:F8:5E:58:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14534CC6F3D711EFA9299C62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.236.0/24
Signature Algorithm: sha256WithRSAEncryption
42:f4:f5:5a:c3:4f:5d:ff:54:ac:c4:92:6c:53:80:5c:a1:02:
a1:bd:79:1d:9d:f0:f7:e4:7c:ca:d8:a8:b2:ff:94:fb:08:f9:
7b:54:cc:4a:1e:52:12:1c:7b:08:fa:c3:37:ad:d7:0c:31:e7:
1f:59:55:79:fe:fa:22:75:b9:11:5c:1a:f5:79:4c:a2:ae:1a:
e3:56:f4:06:ad:2d:73:11:b7:0d:5b:69:16:e3:c6:8f:6e:9b:
54:e4:ee:cf:fc:9d:4d:81:a6:57:7d:a4:8d:85:23:c0:2f:a7:
65:bf:58:6e:3c:38:0f:e1:2f:3a:74:d3:4f:44:32:59:cf:cc:
46:85:ec:2d:42:26:a3:14:39:4d:25:49:e1:38:56:84:63:0c:
07:a9:f0:df:71:d4:1b:08:9b:d3:70:b2:db:8b:bf:72:04:23:
09:3a:16:0a:4a:66:20:30:22:c4:6e:72:f7:57:1e:d3:15:21:
66:be:4e:1c:13:3c:1b:95:d3:ac:80:7b:5f:33:6b:31:56:f2:
10:6e:f8:6b:62:d3:02:1e:fd:56:a1:4b:94:73:8a:d6:00:c3:
56:07:7c:75:6d:3b:4e:b2:71:63:17:e8:f1:7d:32:c8:b6:28:
dd:18:a6:03:9e:31:83:be:f9:d1:2f:c9:04:9f:3c:80:ef:21:
5e:c4:6b:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWAzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDAwMDMyWhcNMjYwMjE5MDAwMDMyWjAYMRYw
FAYDVQQDEw02N2JlNWQ5Zi1kYmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtdKXTAorsmt71quOeoGuNg1wtqqWeiBTzVxKSoExfnOHbuYcEMNLU+mE
3vkOVPkRe4wk4dviAWGSvB3c/QvcozLkQbONSseaOPrR6FcOodTU3ojJCTyy4NNz
xCFY9WqUolv2KtkenRjLywjurIfqR5olEXgykJR9DCJNcNG5UwZVw2+BmDu/uEvp
aEDmdew8gx/VwWumHvn6PyYrWdFSDkG8Po5BADSYi2ajDv5CpokN5P85jxjZ/7Q0
tRbfKM1OMJft3ytaUB0o3Ynp3S+dUvn/yDwV62ThKZ3Ju/AliBo15txbJnPkvwy0
PLNc9sUTgtw+BPrE4l0l8qDu/TDDjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBCf
LS+B7plVZdfg7NAErvj4XljmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDUzNENDNkYzRDcxMUVGQTkyOTlDNjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnsMA0GCSqGSIb3DQEB
CwUAA4IBAQBC9PVaw09d/1SsxJJsU4BcoQKhvXkdnfD35HzK2Kiy/5T7CPl7VMxK
HlISHHsI+sM3rdcMMecfWVV5/voidbkRXBr1eUyirhrjVvQGrS1zEbcNW2kW48aP
bptU5O7P/J1NgaZXfaSNhSPAL6dlv1huPDgP4S86dNNPRDJZz8xGhewtQiajFDlN
JUnhOFaEYwwHqfDfcdQbCJvTcLLbi79yBCMJOhYKSmYgMCLEbnL3Vx7TFSFmvk4c
EzwbldOsgHtfM2sxVvIQbvhrYtMCHv1WoUuUc4rWAMNWB3x1bTtOsnFjF+jxfTLI
tijdGKYDnjGDvvnRL8kEnzyA7yFexGtz
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:43 2025 by rpki-client