Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F11FD6C0F611EF8C4818A3762E951A.roa
File: 29F11FD6C0F611EF8C4818A3762E951A.roa (raw, json)
Hash identifier: FVCzuhh6Xn5YOBsweQKJMFvFybkzMJhP3AByee/HgvQ=
Subject key identifier: 01:91:7F:BB:45:8F:B7:95:33:B9:21:03:C3:3F:36:4E:B9:36:F0:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F90
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F11FD6C0F611EF8C4818A3762E951A.roa
Signing time: Mon 23 Dec 2024 06:21:37 +0000
ROA not before: Mon 23 Dec 2024 06:21:33 +0000
ROA not after: Wed 10 Dec 2025 06:21:33 +0000
asID: 984
IP address blocks: 154.90.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73616 (0x11f90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 06:21:33 2024 GMT
Not After : Dec 10 06:21:33 2025 GMT
Subject: CN=67690171-21d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f2:d3:c3:49:98:4b:27:a5:1f:9b:20:aa:d2:
be:7a:3a:e1:1d:26:20:25:05:0a:75:8b:65:b7:ed:
a4:f9:04:09:61:de:0f:b9:3f:9f:37:d8:65:e7:b2:
bf:e8:b4:e5:3d:3e:61:73:9b:a3:b3:8f:a9:08:15:
78:bf:bf:10:9f:f3:0e:39:36:9a:e2:cf:cb:75:e9:
db:4d:68:91:2b:10:16:55:d0:61:d3:97:b0:98:cc:
b7:3b:38:2c:65:4a:73:23:aa:c2:98:14:74:eb:65:
73:a6:ca:62:97:c8:2c:2e:e9:e2:a3:b1:62:7e:05:
bf:bc:89:b2:05:a1:41:ee:d3:d5:04:cd:25:9d:a8:
1b:5f:9b:c5:15:5b:fd:d1:0b:19:90:a6:b3:5d:03:
f8:41:63:97:4b:7d:bd:8d:29:a7:94:6f:f1:87:8c:
72:e5:fa:71:51:f3:49:93:cc:0e:fb:ad:32:fa:9d:
99:14:1d:3b:70:e4:cb:26:c8:cc:50:9a:c9:12:98:
81:b4:48:35:f9:cb:3d:3a:84:bd:12:fe:07:a5:0b:
fc:aa:77:71:6b:a4:48:b3:89:ab:b0:94:88:f0:47:
f2:a6:2d:53:2d:81:ac:91:ec:58:03:c6:c0:a9:30:
b6:35:34:50:30:5b:1c:f7:6e:5a:c6:22:15:53:ae:
98:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:91:7F:BB:45:8F:B7:95:33:B9:21:03:C3:3F:36:4E:B9:36:F0:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F11FD6C0F611EF8C4818A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:38:f2:04:aa:cc:13:83:5d:45:cb:9a:78:0b:fb:f3:83:e0:
21:cc:9d:0a:c5:23:6b:2b:87:b8:39:d1:41:c4:ab:44:82:b2:
e4:cd:1a:8c:8d:20:ec:b5:78:a2:15:71:57:f1:b6:d8:61:6c:
17:f4:2c:bf:e4:f9:59:44:1a:2c:eb:a7:1e:a5:12:4c:fc:e1:
08:25:7f:df:73:30:9f:ef:c3:d6:0e:75:ae:6d:88:c2:18:1f:
2a:dd:a6:93:ad:a2:aa:b4:bc:84:a8:68:ac:92:8d:64:b2:7b:
38:df:4c:02:da:ff:11:4c:3f:dc:6d:f0:81:ad:41:1a:4d:36:
40:03:18:6b:f7:0d:37:96:f9:fa:c2:66:e6:e7:72:12:04:03:
17:1a:e9:d2:ff:4e:c4:ae:82:00:49:1c:f8:eb:0b:9f:aa:aa:
bc:6d:a2:31:a5:2a:80:8b:67:64:d5:a6:6b:b0:e8:e8:80:4a:
72:78:a0:ca:17:f3:68:1c:10:e1:16:8c:e7:c0:b3:2b:42:80:
4b:fe:b7:e6:92:cc:32:95:3d:66:4b:cd:fb:56:e4:39:f9:f8:
07:97:6b:a4:46:3b:78:03:0b:97:28:12:99:c0:fa:3c:98:aa:
cc:3c:9d:d1:a7:1b:f0:0d:6e:37:f0:63:31:97:5e:5e:a8:83:
5f:e1:83:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR+QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDYyMTMzWhcNMjUxMjEwMDYyMTMzWjAYMRYw
FAYDVQQDEw02NzY5MDE3MS0yMWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3/LTw0mYSyelH5sgqtK+ejrhHSYgJQUKdYtlt+2k+QQJYd4PuT+fN9hl
57K/6LTlPT5hc5ujs4+pCBV4v78Qn/MOOTaa4s/LdenbTWiRKxAWVdBh05ewmMy3
OzgsZUpzI6rCmBR062Vzpspil8gsLunio7FifgW/vImyBaFB7tPVBM0lnagbX5vF
FVv90QsZkKazXQP4QWOXS329jSmnlG/xh4xy5fpxUfNJk8wO+60y+p2ZFB07cOTL
JsjMUJrJEpiBtEg1+cs9OoS9Ev4HpQv8qndxa6RIs4mrsJSI8Efypi1TLYGskexY
A8bAqTC2NTRQMFsc925axiIVU66YUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAGR
f7tFj7eVM7khA8M/Nk65NvC/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUYxMUZENkMwRjYxMUVGOEM0ODE4QTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlp+MA0GCSqGSIb3DQEB
CwUAA4IBAQBqOPIEqswTg11Fy5p4C/vzg+AhzJ0KxSNrK4e4OdFBxKtEgrLkzRqM
jSDstXiiFXFX8bbYYWwX9Cy/5PlZRBos66cepRJM/OEIJX/fczCf78PWDnWubYjC
GB8q3aaTraKqtLyEqGisko1ksns430wC2v8RTD/cbfCBrUEaTTZAAxhr9w03lvn6
wmbm53ISBAMXGunS/07EroIASRz46wufqqq8baIxpSqAi2dk1aZrsOjogEpyeKDK
F/NoHBDhFoznwLMrQoBL/rfmkswylT1mS837VuQ5+fgHl2ukRjt4AwuXKBKZwPo8
mKrMPJ3RpxvwDW438GMxl15eqINf4YP1
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:45 2025 by rpki-client