Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A7ABBE8CDA711EFB057C85C762E951A.roa
File: 2A7ABBE8CDA711EFB057C85C762E951A.roa (raw, json)
Hash identifier: tmlfKjaR6KdgvGHHuwtlTVCh2wVfGPRcZGoRp1Xd1jQ=
Subject key identifier: EC:4A:DB:32:EF:8A:5C:AA:4C:12:C2:D6:74:D4:36:A6:4E:2C:1F:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A7ABBE8CDA711EFB057C85C762E951A.roa
Signing time: Wed 08 Jan 2025 09:58:53 +0000
ROA not before: Wed 08 Jan 2025 09:58:49 +0000
ROA not after: Thu 23 Dec 2027 09:58:49 +0000
asID: 17561
IP address blocks: 154.89.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79522 (0x136a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 09:58:49 2025 GMT
Not After : Dec 23 09:58:49 2027 GMT
Subject: CN=677e4c5d-6d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:d2:37:1e:62:56:12:21:ad:c9:02:bf:b6:
0d:db:b7:21:90:45:a4:4b:ff:3c:a1:7c:d0:03:4e:
b1:e2:79:d6:61:cc:98:05:89:d5:27:39:46:0a:95:
36:c0:d6:cb:bc:e4:99:c4:dd:8c:58:fa:88:a0:96:
67:1d:89:b8:91:96:9e:32:7f:9b:97:24:db:27:00:
1f:e4:f0:5c:33:60:c0:e6:a1:16:4b:82:a3:04:32:
b1:59:83:ef:58:88:87:8a:6c:c5:9d:43:e5:9e:50:
c6:72:e6:e6:f0:57:a7:ab:02:08:3f:81:31:d9:02:
26:da:85:c9:c8:49:eb:a4:8a:57:c7:1e:b0:bd:57:
04:c1:2e:90:8a:9e:af:37:0a:9c:a2:2c:20:12:9e:
90:e5:de:45:d3:d6:c1:26:ef:a7:16:c0:ef:d5:15:
91:39:24:d8:2c:fa:2f:48:51:5c:bb:29:38:fe:fc:
d7:5a:9e:c9:d7:5a:c2:d5:0a:b9:dc:4e:87:72:f9:
dc:7c:42:0d:a5:d0:fa:26:24:fd:13:ba:89:12:50:
a1:97:cf:47:69:73:eb:4d:06:65:02:14:45:5b:e8:
c0:28:f3:8d:6c:c0:b9:a7:89:2f:ae:b0:d3:b2:a3:
63:bf:cc:6d:c3:9e:78:f5:19:55:c1:2b:30:fc:63:
0e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4A:DB:32:EF:8A:5C:AA:4C:12:C2:D6:74:D4:36:A6:4E:2C:1F:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A7ABBE8CDA711EFB057C85C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.21.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:9d:0b:d4:d3:55:cd:61:da:71:c9:d1:24:13:64:52:85:95:
fc:1a:56:c6:33:6b:d4:92:e2:be:92:38:bd:94:a8:0d:07:fe:
a3:90:07:c3:1d:5e:b6:71:b3:be:d5:d3:64:90:27:9a:7d:f7:
09:39:2c:47:f2:eb:7c:c0:b5:29:85:ad:29:94:2a:9e:57:12:
0b:6a:f1:de:fe:61:8d:0c:1f:89:c9:00:93:ae:0d:57:f4:4b:
dc:9a:6e:e9:6f:0a:29:a0:23:b6:b2:20:3e:f2:4d:93:7e:c5:
22:52:de:e7:ca:26:6c:f2:23:78:cf:df:f0:f4:e8:d6:ae:84:
0b:4d:5c:a7:04:d8:d9:41:9b:9d:1a:b7:fb:e0:50:69:57:80:
37:0d:67:e3:4d:be:00:b7:e3:91:b4:4a:66:a4:1e:0b:9b:70:
a4:5e:50:a6:40:b8:14:60:43:95:76:22:f8:62:ba:4a:4d:d2:
7f:ea:73:39:b8:2e:f8:ae:d6:eb:04:6e:c1:a5:a2:e7:17:de:
be:05:78:4a:7b:63:93:d5:15:ba:a7:49:f8:27:65:ed:c0:05:
f8:11:40:54:09:56:7a:29:33:77:e1:5d:2e:c6:69:8e:57:79:
15:d8:25:85:09:22:e8:41:61:8c:99:1b:f0:de:6e:22:4d:8e:
30:72:9a:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATaiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MDk1ODQ5WhcNMjcxMjIzMDk1ODQ5WjAYMRYw
FAYDVQQDEw02NzdlNGM1ZC02ZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw2fSNx5iVhIhrckCv7YN27chkEWkS/88oXzQA06x4nnWYcyYBYnVJzlG
CpU2wNbLvOSZxN2MWPqIoJZnHYm4kZaeMn+blyTbJwAf5PBcM2DA5qEWS4KjBDKx
WYPvWIiHimzFnUPlnlDGcubm8FenqwIIP4Ex2QIm2oXJyEnrpIpXxx6wvVcEwS6Q
ip6vNwqcoiwgEp6Q5d5F09bBJu+nFsDv1RWROSTYLPovSFFcuyk4/vzXWp7J11rC
1Qq53E6HcvncfEINpdD6JiT9E7qJElChl89HaXPrTQZlAhRFW+jAKPONbMC5p4kv
rrDTsqNjv8xtw5549RlVwSsw/GMOgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOxK
2zLvilyqTBLC1nTUNqZOLB+wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTdBQkJFOENEQTcxMUVGQjA1N0M4NUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkVMA0GCSqGSIb3DQEB
CwUAA4IBAQDUnQvU01XNYdpxydEkE2RShZX8GlbGM2vUkuK+kji9lKgNB/6jkAfD
HV62cbO+1dNkkCeaffcJOSxH8ut8wLUpha0plCqeVxILavHe/mGNDB+JyQCTrg1X
9Evcmm7pbwopoCO2siA+8k2TfsUiUt7nyiZs8iN4z9/w9OjWroQLTVynBNjZQZud
Grf74FBpV4A3DWfjTb4At+ORtEpmpB4Lm3CkXlCmQLgUYEOVdiL4YrpKTdJ/6nM5
uC74rtbrBG7BpaLnF96+BXhKe2OT1RW6p0n4J2XtwAX4EUBUCVZ6KTN34V0uxmmO
V3kV2CWFCSLoQWGMmRvw3m4iTY4wcpoa
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:32 2025 by rpki-client