Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F42FC0CC0E211EF85A7B5A6762E951A.roa
File: 2F42FC0CC0E211EF85A7B5A6762E951A.roa (raw, json)
Hash identifier: uvTluzNxbr2o9p278cFBwph4cbrZFyVTU3oYMH81TqY=
Subject key identifier: F2:14:3F:53:E1:EF:14:FC:F3:8D:FF:34:A7:B6:B7:B1:6F:5A:08:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EFA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F42FC0CC0E211EF85A7B5A6762E951A.roa
Signing time: Mon 23 Dec 2024 03:58:36 +0000
ROA not before: Mon 23 Dec 2024 03:58:32 +0000
ROA not after: Wed 10 Dec 2025 03:58:32 +0000
asID: 984
IP address blocks: 154.89.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73466 (0x11efa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:58:32 2024 GMT
Not After : Dec 10 03:58:32 2025 GMT
Subject: CN=6768dfec-9fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:29:5e:29:94:94:22:e5:70:3d:f0:16:e9:b3:
22:88:40:cf:b5:0a:ac:1e:33:d4:3a:1a:6d:b6:a6:
1e:92:f7:07:37:48:25:ca:1f:2d:3f:69:09:11:f9:
a0:2d:85:11:01:1d:d7:92:28:91:1b:5c:1e:79:31:
c3:f2:bd:1a:91:57:1f:ac:d5:1a:74:bc:68:07:30:
15:18:6d:aa:ca:72:7b:11:36:f4:87:6b:14:fd:88:
ce:9c:eb:86:84:b4:33:1e:09:e6:fe:08:e4:4f:4e:
b0:e8:50:12:0e:85:96:8b:c4:78:6c:fb:47:d3:ef:
b9:cb:f9:33:8e:08:65:0d:3a:92:e1:40:94:8d:27:
23:64:5a:a9:07:7f:5f:8a:74:b5:22:52:31:77:f4:
3a:f3:a7:1a:69:74:42:ee:92:75:74:8a:0f:8f:a1:
0a:f5:57:be:eb:5f:c9:08:bd:13:4a:07:c2:0d:1a:
64:0a:35:3d:f2:5d:a3:20:a2:ee:c1:ea:20:e5:3d:
29:80:88:24:33:d5:ed:07:f7:a6:dc:6d:3f:11:65:
eb:77:26:77:b3:da:ff:25:22:d9:6c:a5:ac:56:6a:
47:9e:0d:a0:d1:3f:ba:c7:19:98:25:68:47:d5:6c:
c3:41:49:f6:18:94:1c:37:e7:52:2d:e0:03:4d:58:
d6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:14:3F:53:E1:EF:14:FC:F3:8D:FF:34:A7:B6:B7:B1:6F:5A:08:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F42FC0CC0E211EF85A7B5A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.219.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c5:b5:8b:43:56:2e:ca:92:a2:a5:10:ef:01:0c:cb:51:6e:
f8:2f:ec:9d:a8:0b:c9:47:49:68:46:ba:8a:4c:1f:50:4b:1a:
02:17:5b:be:15:ae:22:6c:90:d0:22:f5:e6:23:ad:54:87:ef:
88:15:44:86:0a:0c:fc:4f:f0:23:07:3f:65:66:0e:bd:d9:2d:
f3:5c:1b:a7:a4:f8:34:a8:74:52:41:cb:ba:15:e9:e8:5f:3d:
cd:e3:68:05:02:08:7d:71:4a:87:56:83:c9:e4:77:d5:08:fa:
32:a4:ba:6c:88:1a:58:58:07:95:03:2c:66:56:30:c5:8d:05:
f2:7a:63:7d:42:d4:6f:d4:69:dc:6c:60:3c:0a:2f:1f:f8:c3:
90:66:af:ed:d0:2f:e5:7f:c6:ef:ae:8e:d7:26:bc:7a:53:69:
98:4b:1e:4c:83:8d:1c:2c:1c:74:98:a9:b0:c9:a4:a5:e9:8e:
f5:9a:60:a7:ed:8f:81:6c:f8:ae:3e:b6:6d:b6:9c:cb:36:6a:
f4:c8:7e:f8:60:38:70:ac:ff:0e:b5:2f:5b:5a:63:f2:7d:e8:
b3:01:00:1f:af:08:d0:2b:9d:15:29:4f:03:f1:24:e0:f6:27:
d7:ad:0d:27:a4:b0:80:0a:29:5a:63:26:82:6c:08:d1:31:cc:
d8:ee:6a:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR76MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDM1ODMyWhcNMjUxMjEwMDM1ODMyWjAYMRYw
FAYDVQQDEw02NzY4ZGZlYy05ZmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmyleKZSUIuVwPfAW6bMiiEDPtQqsHjPUOhpttqYekvcHN0glyh8tP2kJ
EfmgLYURAR3XkiiRG1weeTHD8r0akVcfrNUadLxoBzAVGG2qynJ7ETb0h2sU/YjO
nOuGhLQzHgnm/gjkT06w6FASDoWWi8R4bPtH0++5y/kzjghlDTqS4UCUjScjZFqp
B39finS1IlIxd/Q686caaXRC7pJ1dIoPj6EK9Ve+61/JCL0TSgfCDRpkCjU98l2j
IKLuweog5T0pgIgkM9XtB/em3G0/EWXrdyZ3s9r/JSLZbKWsVmpHng2g0T+6xxmY
JWhH1WzDQUn2GJQcN+dSLeADTVjWIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPIU
P1Ph7xT8843/NKe2t7FvWgiCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRjQyRkMwQ0MwRTIxMUVGODVBN0I1QTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnbMA0GCSqGSIb3DQEB
CwUAA4IBAQCmxbWLQ1YuypKipRDvAQzLUW74L+ydqAvJR0loRrqKTB9QSxoCF1u+
Fa4ibJDQIvXmI61Uh++IFUSGCgz8T/AjBz9lZg692S3zXBunpPg0qHRSQcu6Feno
Xz3N42gFAgh9cUqHVoPJ5HfVCPoypLpsiBpYWAeVAyxmVjDFjQXyemN9QtRv1Gnc
bGA8Ci8f+MOQZq/t0C/lf8bvro7XJrx6U2mYSx5Mg40cLBx0mKmwyaSl6Y71mmCn
7Y+BbPiuPrZttpzLNmr0yH74YDhwrP8OtS9bWmPyfeizAQAfrwjQK50VKU8D8STg
9ifXrQ0npLCACilaYyaCbAjRMczY7moi
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:23:27 2025 by rpki-client