Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27CC6B8EC0F111EF88E20385762E951A.roa
File: 27CC6B8EC0F111EF88E20385762E951A.roa (raw, json)
Hash identifier: AWSi5vhcyQDAvTq2YUvNcVWdBeGd5dIhja94rr83WIg=
Subject key identifier: 0E:BE:A5:B5:0E:A0:4E:43:9B:ED:5E:D5:5C:41:7C:31:D8:AD:CB:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F5E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27CC6B8EC0F111EF88E20385762E951A.roa
Signing time: Mon 23 Dec 2024 05:45:46 +0000
ROA not before: Mon 23 Dec 2024 05:45:42 +0000
ROA not after: Wed 10 Dec 2025 05:45:42 +0000
asID: 984
IP address blocks: 154.90.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73566 (0x11f5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 05:45:42 2024 GMT
Not After : Dec 10 05:45:42 2025 GMT
Subject: CN=6768f90a-c14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8a:54:63:39:fb:d0:8c:46:b9:97:dc:89:72:
f7:82:e6:0d:2b:1d:f8:4c:23:0b:04:b4:f0:81:1c:
12:e5:10:de:f2:90:b2:38:4c:a9:88:be:51:45:d1:
fc:06:7a:11:16:a5:7d:10:f2:e4:88:eb:9a:7a:f4:
e8:e0:29:22:0a:d5:72:76:b2:fb:32:89:02:9c:d6:
6d:5b:bf:81:23:cd:e7:55:58:4d:7d:82:65:8e:81:
3a:64:bc:b2:de:f4:1e:83:62:f1:8a:4b:37:c9:d6:
ed:a2:54:4b:b6:79:b9:c8:26:1e:e4:bf:74:ee:4d:
ce:45:d7:bd:25:89:ab:fa:ee:2d:5c:3d:97:9f:9f:
a9:c1:79:d5:0b:0b:ea:b1:3f:8d:bc:2d:03:a9:64:
de:c3:15:5c:4e:de:f8:bf:79:ca:ad:4e:51:75:2b:
b2:f8:4c:50:05:bf:0b:e3:d5:6b:2c:85:ff:c7:a1:
80:ba:9d:98:fa:3a:3c:d0:28:fd:b4:3e:02:ba:f6:
37:88:21:25:81:c2:da:f6:36:54:26:cc:f8:cc:e2:
e3:ed:39:21:6a:c3:45:e7:af:3c:05:3b:09:8d:78:
a4:2d:a2:a7:c7:52:18:b0:d6:2c:b8:72:d3:d4:d8:
62:de:ea:ab:5d:7b:de:1d:6d:bd:2a:c5:56:fb:cd:
db:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BE:A5:B5:0E:A0:4E:43:9B:ED:5E:D5:5C:41:7C:31:D8:AD:CB:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27CC6B8EC0F111EF88E20385762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.101.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ba:15:45:e0:15:5c:12:05:2a:61:c1:4c:33:9e:90:3c:bc:
92:49:52:4e:67:4a:2d:eb:70:0b:63:9d:73:35:00:b1:5c:43:
55:7a:06:04:6b:82:a1:4b:d9:39:5d:ae:ba:f7:68:bd:84:4e:
1e:04:bf:59:d2:81:57:18:fc:84:af:b7:d6:b3:48:3b:b0:f0:
b3:93:c0:ed:45:8c:ae:52:d5:3c:44:c5:44:05:e0:fc:2a:7d:
9c:2c:36:3f:34:f8:a8:22:db:c8:43:6a:6a:7c:28:c2:a9:83:
0b:74:6d:2a:df:be:c1:1f:c5:34:dd:36:2e:e2:4b:4c:02:10:
43:8d:3c:12:04:53:08:d6:64:4b:19:59:ae:cf:26:46:95:cc:
4c:38:8b:ce:3d:29:67:a2:48:ba:e9:09:a3:f8:08:bf:32:5a:
f3:6b:82:4c:cc:9a:45:a5:4e:e4:aa:d6:ee:a7:fc:d0:a1:e5:
b2:42:63:ab:7d:04:f3:c5:2a:3b:9c:76:61:a9:fe:fc:67:59:
a1:83:c8:d0:06:68:a9:45:32:55:b5:6a:48:b7:13:14:77:e3:
a8:a3:6a:80:db:f1:47:b9:4d:a2:fe:49:2c:8c:8a:72:b1:61:
dd:a8:83:f0:7c:f8:eb:74:65:60:cd:e2:6e:7a:b3:e1:e7:7a:
7b:4d:ff:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR9eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDU0NTQyWhcNMjUxMjEwMDU0NTQyWjAYMRYw
FAYDVQQDEw02NzY4ZjkwYS1jMTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3YpUYzn70IxGuZfciXL3guYNKx34TCMLBLTwgRwS5RDe8pCyOEypiL5R
RdH8BnoRFqV9EPLkiOuaevTo4CkiCtVydrL7MokCnNZtW7+BI83nVVhNfYJljoE6
ZLyy3vQeg2Lxiks3ydbtolRLtnm5yCYe5L907k3ORde9JYmr+u4tXD2Xn5+pwXnV
CwvqsT+NvC0DqWTewxVcTt74v3nKrU5RdSuy+ExQBb8L49VrLIX/x6GAup2Y+jo8
0Cj9tD4CuvY3iCElgcLa9jZUJsz4zOLj7TkhasNF5688BTsJjXikLaKnx1IYsNYs
uHLT1Nhi3uqrXXveHW29KsVW+83bIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA6+
pbUOoE5Dm+1e1VxBfDHYrctPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yN0NDNkI4RUMwRjExMUVGODhFMjAzODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlplMA0GCSqGSIb3DQEB
CwUAA4IBAQA7uhVF4BVcEgUqYcFMM56QPLySSVJOZ0ot63ALY51zNQCxXENVegYE
a4KhS9k5Xa6692i9hE4eBL9Z0oFXGPyEr7fWs0g7sPCzk8DtRYyuUtU8RMVEBeD8
Kn2cLDY/NPioItvIQ2pqfCjCqYMLdG0q377BH8U03TYu4ktMAhBDjTwSBFMI1mRL
GVmuzyZGlcxMOIvOPSlnoki66Qmj+Ai/Mlrza4JMzJpFpU7kqtbup/zQoeWyQmOr
fQTzxSo7nHZhqf78Z1mhg8jQBmipRTJVtWpItxMUd+Ooo2qA2/FHuU2i/kksjIpy
sWHdqIPwfPjrdGVgzeJuerPh53p7Tf9P
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:45:53 2025 by rpki-client