Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/341062E8C0EB11EF9C32B260762E951A.roa
File: 341062E8C0EB11EF9C32B260762E951A.roa (raw, json)
Hash identifier: QuH1N0bKj+kHDCzK+4sl0TsC1Wi1JR+UTy2JF/DVVj0=
Subject key identifier: 78:03:5A:97:14:AB:BB:5E:F9:5C:65:D9:8B:ED:2E:D0:B4:0D:7E:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/341062E8C0EB11EF9C32B260762E951A.roa
Signing time: Mon 23 Dec 2024 05:03:10 +0000
ROA not before: Mon 23 Dec 2024 05:03:06 +0000
ROA not after: Wed 10 Dec 2025 05:03:06 +0000
asID: 984
IP address blocks: 154.89.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73502 (0x11f1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 05:03:06 2024 GMT
Not After : Dec 10 05:03:06 2025 GMT
Subject: CN=6768ef0d-ddf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:87:9e:04:69:42:bf:5a:73:0c:d0:cc:0a:8c:
61:25:82:a8:12:47:b4:43:a9:8c:1b:8a:26:7c:5c:
7e:fe:84:3b:94:fd:58:7b:6b:e9:4a:ee:a5:40:65:
5d:41:3d:c7:b3:cf:f7:a9:fe:91:31:ab:f5:06:6f:
d6:97:cb:2b:31:11:94:5d:0c:f7:47:ca:d4:0f:54:
90:ae:d9:ba:c0:15:e3:73:42:00:d7:fc:12:e0:e3:
c3:d1:66:a0:d1:5a:e9:12:3a:f0:4c:2a:6d:c1:a7:
b7:30:a2:4e:9c:7b:d6:cb:6b:3f:0e:a3:4c:f8:95:
5c:c4:b9:77:f6:71:fa:fe:06:09:8d:54:f2:28:75:
9e:6c:6f:bc:28:47:2c:48:81:4f:01:ec:f3:d1:f0:
7e:b3:82:a0:74:c2:6d:e2:7e:86:b1:43:34:ea:3a:
1c:05:ba:e5:69:b1:c5:fc:1e:b1:d9:35:66:af:8f:
c3:73:13:ed:36:9f:d1:c6:67:f0:ec:2f:c2:7e:06:
1f:63:d0:c6:7f:2d:8c:60:46:bc:39:44:09:0c:60:
8e:9d:ea:91:65:1a:38:98:27:0e:f7:2e:ed:70:cc:
2d:08:dc:fc:c8:f5:ae:58:c8:f1:33:75:c5:93:fe:
19:6a:a8:e6:0c:6e:f3:90:7f:d6:de:0f:f3:6a:b9:
be:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:03:5A:97:14:AB:BB:5E:F9:5C:65:D9:8B:ED:2E:D0:B4:0D:7E:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/341062E8C0EB11EF9C32B260762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:43:cc:14:07:ae:9a:69:e3:23:56:91:cc:11:9f:6e:1c:ed:
a3:98:93:cd:3b:60:17:f8:38:05:76:e4:49:68:37:de:aa:c3:
11:75:d7:08:48:6e:9a:60:0e:cb:c0:ab:e0:ac:23:50:f2:b3:
a1:3d:77:37:a0:b9:76:19:b1:19:e3:68:ec:3b:03:c0:01:35:
8c:87:1a:71:82:a2:e4:f0:36:8b:fc:b2:fc:bc:4b:01:0a:f1:
5d:2b:0f:fa:cc:c3:bb:10:6e:ad:a0:9c:84:ed:b7:6b:ea:83:
f2:b6:77:95:5f:f8:32:15:7f:ee:22:3a:ac:4f:64:e9:e2:b9:
5c:85:e8:a1:13:48:21:3a:eb:a0:b8:38:f1:93:d2:95:49:bd:
00:e7:e0:9f:1b:00:13:46:5c:15:81:e5:f5:e2:83:5d:4d:00:
d1:5a:a7:6f:e2:52:5a:a4:5b:76:35:ed:9a:e3:ab:c9:82:45:
46:3f:86:ac:ed:07:27:d5:2e:54:ab:24:3f:30:11:39:92:cd:
5b:d6:57:d9:ba:77:12:47:6f:87:7a:fc:56:50:f8:ac:cc:fd:
70:ee:93:8c:b0:9c:00:4f:9b:dd:45:84:38:49:df:92:da:e7:
2b:ea:53:73:f3:80:aa:d8:64:ae:42:a7:71:55:19:89:b5:10:
fc:04:fa:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDUwMzA2WhcNMjUxMjEwMDUwMzA2WjAYMRYw
FAYDVQQDEw02NzY4ZWYwZC1kZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyYeeBGlCv1pzDNDMCoxhJYKoEke0Q6mMG4omfFx+/oQ7lP1Ye2vpSu6l
QGVdQT3Hs8/3qf6RMav1Bm/Wl8srMRGUXQz3R8rUD1SQrtm6wBXjc0IA1/wS4OPD
0Wag0VrpEjrwTCptwae3MKJOnHvWy2s/DqNM+JVcxLl39nH6/gYJjVTyKHWebG+8
KEcsSIFPAezz0fB+s4KgdMJt4n6GsUM06jocBbrlabHF/B6x2TVmr4/DcxPtNp/R
xmfw7C/CfgYfY9DGfy2MYEa8OUQJDGCOneqRZRo4mCcO9y7tcMwtCNz8yPWuWMjx
M3XFk/4ZaqjmDG7zkH/W3g/zarm+UwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHgD
WpcUq7te+Vxl2YvtLtC0DX7mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDEwNjJFOEMwRUIxMUVGOUMzMkIyNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmln+MA0GCSqGSIb3DQEB
CwUAA4IBAQCoQ8wUB66aaeMjVpHMEZ9uHO2jmJPNO2AX+DgFduRJaDfeqsMRddcI
SG6aYA7LwKvgrCNQ8rOhPXc3oLl2GbEZ42jsOwPAATWMhxpxgqLk8DaL/LL8vEsB
CvFdKw/6zMO7EG6toJyE7bdr6oPytneVX/gyFX/uIjqsT2Tp4rlcheihE0ghOuug
uDjxk9KVSb0A5+CfGwATRlwVgeX14oNdTQDRWqdv4lJapFt2Ne2a46vJgkVGP4as
7Qcn1S5UqyQ/MBE5ks1b1lfZuncSR2+HevxWUPiszP1w7pOMsJwAT5vdRYQ4Sd+S
2ucr6lNz84Cq2GSuQqdxVRmJtRD8BPrn
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:05:37 2025 by rpki-client