Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2825A730C19B11EFAFFFBFA9762E951A.roa
File: 2825A730C19B11EFAFFFBFA9762E951A.roa (raw, json)
Hash identifier: Itgq+rk5A6alkf58yDMhKBnvCJ3jxFcWjXPLqeER8v4=
Subject key identifier: BC:67:62:0A:38:F0:A3:E7:DA:AA:EF:7A:E3:DE:CA:44:D7:E9:BD:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01206B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2825A730C19B11EFAFFFBFA9762E951A.roa
Signing time: Tue 24 Dec 2024 02:02:41 +0000
ROA not before: Tue 24 Dec 2024 02:02:37 +0000
ROA not after: Wed 10 Dec 2025 02:02:37 +0000
asID: 984
IP address blocks: 154.90.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73835 (0x1206b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:02:37 2024 GMT
Not After : Dec 10 02:02:37 2025 GMT
Subject: CN=676a1641-9e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:43:83:4a:a3:e0:4c:96:6b:3b:d1:44:2b:
c6:de:e6:b7:4c:84:ca:0f:76:3d:73:21:cc:b8:a8:
7e:a6:bd:b9:fb:c2:77:71:e6:db:0d:25:66:21:8c:
3d:d6:6c:da:14:d5:f0:a4:6c:3a:54:7d:14:53:48:
e3:ac:90:d2:2b:00:1a:44:5a:2a:74:8d:03:49:a2:
fa:75:26:8e:36:c0:d7:d6:b9:f7:d2:f4:e5:9e:05:
4d:ee:70:2e:b0:bd:5a:1f:8b:4e:87:a0:3f:e4:9c:
ba:18:21:a7:05:97:e2:6a:d4:6a:de:82:da:74:00:
6b:77:98:30:4f:97:1a:95:9f:af:aa:a0:4b:4d:fc:
f0:f5:b7:92:bd:2b:9f:8c:97:53:c5:29:b2:7a:21:
e5:20:01:d4:12:22:9d:82:eb:80:40:24:cd:a4:03:
56:59:aa:a8:74:39:cc:4d:54:7a:d3:7d:c8:3d:0b:
a1:4a:b9:f3:40:7e:7b:28:17:6f:81:d2:80:31:64:
38:a3:f2:7a:1d:ba:35:b1:88:ea:ef:3b:d1:13:87:
d7:dd:58:18:57:36:f2:0d:b7:b0:08:c2:aa:f3:5c:
64:5e:a9:ea:84:83:d4:c5:8e:f1:10:5d:7b:6a:c5:
9f:30:0a:ae:81:08:87:b8:4c:bc:d4:0d:c1:8e:15:
1d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:67:62:0A:38:F0:A3:E7:DA:AA:EF:7A:E3:DE:CA:44:D7:E9:BD:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2825A730C19B11EFAFFFBFA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:b0:0b:f2:b3:f0:03:73:79:85:18:9d:18:6d:df:c4:68:63:
ef:a0:db:ea:1f:da:5a:9b:c9:a4:d3:47:95:d7:ac:ed:c8:75:
90:4b:dc:e6:b5:9d:ac:cd:0d:6e:17:93:c9:cd:d7:51:41:94:
66:ec:7a:f5:1d:d9:3c:39:07:5b:8d:70:4b:b2:fb:09:86:5b:
7d:d6:1e:8f:cd:47:25:aa:5b:45:36:ae:82:fd:16:30:6c:e5:
0c:cc:d5:65:57:35:a7:d9:de:fe:17:3a:28:74:e2:f6:e0:e2:
dd:82:91:18:e1:5c:34:95:13:1e:52:a2:95:62:36:0c:ef:6e:
d3:ff:35:f1:8c:e0:8d:01:2c:e0:76:ee:d4:12:ea:03:08:ac:
82:fe:34:c4:32:cf:7f:49:d6:c2:ae:3e:d4:01:1c:c5:77:c0:
50:bd:54:10:d6:44:6f:4e:92:d1:01:40:18:3f:18:61:09:d0:
b6:b9:a3:93:7f:8f:5a:37:46:22:cc:71:00:9f:39:b4:b8:bc:
e1:d5:d3:dd:f6:3f:dc:90:9f:9b:82:37:c3:62:a4:e5:a7:31:
0f:61:25:36:73:1a:e5:9a:12:b4:f9:41:b3:11:2f:56:ff:a9:
e1:ff:2b:09:b6:5e:0f:1f:ac:22:ef:83:79:4b:29:d2:44:e7:
38:06:f0:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASBrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDIwMjM3WhcNMjUxMjEwMDIwMjM3WjAYMRYw
FAYDVQQDEw02NzZhMTY0MS05ZTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2ptDg0qj4EyWazvRRCvG3ua3TITKD3Y9cyHMuKh+pr25+8J3cebbDSVm
IYw91mzaFNXwpGw6VH0UU0jjrJDSKwAaRFoqdI0DSaL6dSaONsDX1rn30vTlngVN
7nAusL1aH4tOh6A/5Jy6GCGnBZfiatRq3oLadABrd5gwT5calZ+vqqBLTfzw9beS
vSufjJdTxSmyeiHlIAHUEiKdguuAQCTNpANWWaqodDnMTVR6033IPQuhSrnzQH57
KBdvgdKAMWQ4o/J6Hbo1sYjq7zvRE4fX3VgYVzbyDbewCMKq81xkXqnqhIPUxY7x
EF17asWfMAqugQiHuEy81A3BjhUd5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLxn
Ygo48KPn2qrveuPeykTX6b27MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yODI1QTczMEMxOUIxMUVGQUZGRkJGQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrRMA0GCSqGSIb3DQEB
CwUAA4IBAQCasAvys/ADc3mFGJ0Ybd/EaGPvoNvqH9pam8mk00eV16ztyHWQS9zm
tZ2szQ1uF5PJzddRQZRm7Hr1Hdk8OQdbjXBLsvsJhlt91h6PzUclqltFNq6C/RYw
bOUMzNVlVzWn2d7+FzoodOL24OLdgpEY4Vw0lRMeUqKVYjYM727T/zXxjOCNASzg
du7UEuoDCKyC/jTEMs9/SdbCrj7UARzFd8BQvVQQ1kRvTpLRAUAYPxhhCdC2uaOT
f49aN0YizHEAnzm0uLzh1dPd9j/ckJ+bgjfDYqTlpzEPYSU2cxrlmhK0+UGzES9W
/6nh/ysJtl4PH6wi74N5SynSROc4BvDD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:03 2025 by rpki-client