Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A7AF4C0D711EFA8E03E5B762E951A.roa
File: 174A7AF4C0D711EFA8E03E5B762E951A.roa (raw, json)
Hash identifier: y+RUhHdvU0rOO9fiTNtQc4mFIH1z9zp1rEv+yF30Ftg=
Subject key identifier: F8:DD:9E:39:9A:12:9E:0D:6A:EC:C4:E1:FD:D0:B4:2E:E8:D6:4F:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E6A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A7AF4C0D711EFA8E03E5B762E951A.roa
Signing time: Mon 23 Dec 2024 02:39:11 +0000
ROA not before: Mon 23 Dec 2024 02:39:08 +0000
ROA not after: Wed 10 Dec 2025 02:39:08 +0000
asID: 984
IP address blocks: 154.89.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73322 (0x11e6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:39:08 2024 GMT
Not After : Dec 10 02:39:08 2025 GMT
Subject: CN=6768cd4f-ce4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:c4:4e:c8:3c:22:ca:c1:c4:7b:5a:f2:76:
f7:f7:d7:64:5c:49:db:34:e2:08:ae:7a:39:82:fb:
7b:c7:4e:f6:8e:f5:bb:cd:eb:7d:f9:fd:8c:43:8a:
21:e2:f4:40:ee:dd:dd:ba:79:20:03:0e:e7:ab:bc:
6d:b8:74:24:bd:10:fb:20:66:0f:ae:a4:05:b7:0c:
b4:f3:28:54:20:a3:9e:d4:49:ea:bc:ea:29:c0:fb:
f0:b8:94:60:50:97:67:a2:ad:b3:4a:98:42:90:ee:
e0:92:62:55:89:f7:01:c3:18:8f:c5:9b:bc:cb:c9:
b6:85:99:59:f8:84:06:66:ad:68:4b:03:e8:de:f8:
86:e7:ca:04:69:7a:34:b1:ea:4e:ed:e7:bf:a1:09:
be:ea:75:ea:30:44:43:71:00:82:07:58:f0:69:73:
7d:5f:72:5b:dc:a9:25:06:ef:d7:c9:b1:04:79:c0:
52:3d:dc:d5:4f:c2:58:35:7e:12:97:9c:ef:55:1d:
79:7d:c1:72:3b:f9:37:bc:b1:47:01:c3:11:50:f5:
81:e6:04:e9:a4:04:6a:87:63:39:bc:ed:04:bd:75:
d8:cd:67:99:8f:71:4f:ca:d4:13:47:1f:15:a1:81:
53:8c:9b:39:11:f9:af:39:97:17:05:3a:a3:5d:72:
fa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DD:9E:39:9A:12:9E:0D:6A:EC:C4:E1:FD:D0:B4:2E:E8:D6:4F:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A7AF4C0D711EFA8E03E5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.147.0/24
Signature Algorithm: sha256WithRSAEncryption
30:65:37:ae:bc:66:e8:e3:b9:58:84:36:37:01:d9:d2:d5:01:
b1:21:4b:a2:38:3b:ca:40:20:27:01:a6:2f:87:5e:52:96:35:
e7:07:61:76:15:de:0d:56:2c:d5:f0:6a:51:91:20:a1:0b:e8:
de:0c:97:f6:c4:e0:1b:c0:50:ff:7f:83:35:3d:fa:ab:a0:91:
77:48:71:ac:e7:02:24:02:9c:c0:33:29:76:81:4e:0a:f6:3a:
b5:39:bb:42:21:f9:d7:83:b4:f8:ec:da:eb:eb:07:79:72:27:
a5:6e:46:a5:e8:58:07:0a:21:c1:e5:be:63:80:8b:ed:4c:63:
5e:43:03:15:ef:15:23:a4:2d:98:ae:02:a7:b6:23:a4:e2:cb:
20:2d:8d:82:0a:d7:a6:fb:29:d3:db:7e:2b:43:86:41:3f:f1:
0d:93:6f:d2:10:b1:7d:12:18:eb:4a:ab:9b:a0:b6:e5:fd:64:
3f:2b:fb:e7:c9:b7:5c:c2:ff:9c:61:cf:2e:59:be:28:64:9e:
33:57:40:cf:43:4f:8e:15:d3:c7:e3:b3:e6:f9:44:a6:bb:e2:
46:08:54:77:3c:08:fe:81:60:7f:d3:88:04:26:47:00:e5:39:
ba:a3:6f:72:c6:0a:a6:a9:2e:f3:bb:01:da:7f:a5:14:73:e4:
1c:3a:0a:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR5qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDIzOTA4WhcNMjUxMjEwMDIzOTA4WjAYMRYw
FAYDVQQDEw02NzY4Y2Q0Zi1jZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsEnETsg8IsrBxHta8nb399dkXEnbNOIIrno5gvt7x072jvW7zet9+f2M
Q4oh4vRA7t3dunkgAw7nq7xtuHQkvRD7IGYPrqQFtwy08yhUIKOe1EnqvOopwPvw
uJRgUJdnoq2zSphCkO7gkmJVifcBwxiPxZu8y8m2hZlZ+IQGZq1oSwPo3viG58oE
aXo0sepO7ee/oQm+6nXqMERDcQCCB1jwaXN9X3Jb3KklBu/XybEEecBSPdzVT8JY
NX4Sl5zvVR15fcFyO/k3vLFHAcMRUPWB5gTppARqh2M5vO0EvXXYzWeZj3FPytQT
Rx8VoYFTjJs5EfmvOZcXBTqjXXL66wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPjd
njmaEp4NauzE4f3QtC7o1k+XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNzRBN0FGNEMwRDcxMUVGQThFMDNFNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmTMA0GCSqGSIb3DQEB
CwUAA4IBAQAwZTeuvGbo47lYhDY3AdnS1QGxIUuiODvKQCAnAaYvh15SljXnB2F2
Fd4NVizV8GpRkSChC+jeDJf2xOAbwFD/f4M1PfqroJF3SHGs5wIkApzAMyl2gU4K
9jq1ObtCIfnXg7T47Nrr6wd5cielbkal6FgHCiHB5b5jgIvtTGNeQwMV7xUjpC2Y
rgKntiOk4ssgLY2CCtem+ynT234rQ4ZBP/ENk2/SELF9EhjrSquboLbl/WQ/K/vn
ybdcwv+cYc8uWb4oZJ4zV0DPQ0+OFdPH47Pm+USmu+JGCFR3PAj+gWB/04gEJkcA
5Tm6o29yxgqmqS7zuwHaf6UUc+QcOgr8
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:14:02 2025 by rpki-client