Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A89389EC0DB11EFB6FB4E79762E951A.roa
File: 3A89389EC0DB11EFB6FB4E79762E951A.roa (raw, json)
Hash identifier: 9uVdiSyVRZ4ab0oVDnTsuaDFtesIRX5XH5D49p8soj0=
Subject key identifier: A1:16:D3:15:DD:3A:FB:AD:7A:E1:BF:B6:C8:2E:BA:2A:36:4D:82:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EA0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A89389EC0DB11EFB6FB4E79762E951A.roa
Signing time: Mon 23 Dec 2024 03:08:48 +0000
ROA not before: Mon 23 Dec 2024 03:08:45 +0000
ROA not after: Wed 10 Dec 2025 03:08:45 +0000
asID: 984
IP address blocks: 154.89.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73376 (0x11ea0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:08:45 2024 GMT
Not After : Dec 10 03:08:45 2025 GMT
Subject: CN=6768d440-c4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b2:20:a7:97:1c:c6:8e:84:03:3c:d8:f5:81:
59:52:4c:9f:56:0a:14:ea:98:81:79:f2:ef:cd:67:
6f:02:4b:d4:0a:0c:2b:84:56:57:f5:a8:da:6f:9a:
e8:49:17:7d:77:56:b2:16:11:da:b8:a6:a5:a6:bd:
22:62:e8:d1:b8:a1:53:57:17:11:22:f6:5c:08:01:
be:85:92:6b:8f:f8:7c:66:53:df:be:6f:28:c2:07:
5e:90:98:4b:1a:7d:04:83:02:6c:02:b1:bc:06:00:
92:55:db:7d:a1:dc:de:33:28:46:49:bd:f4:81:3a:
f3:10:d7:4b:52:8a:8a:7c:9d:04:52:a6:4f:dc:60:
d5:25:fd:85:21:31:1d:2a:a8:67:07:79:3c:94:6c:
c3:6d:f7:91:b6:bc:6e:96:58:52:5a:b2:39:de:18:
6e:6c:ed:04:64:ad:4a:b0:df:e8:69:b4:ee:e4:15:
30:7a:4a:8f:26:ee:f2:42:1c:ff:f1:61:85:2a:1f:
1b:ce:89:87:09:fd:fa:27:12:de:d9:8d:1f:67:c0:
eb:6a:d7:1d:9d:05:02:52:d1:6a:06:58:16:03:fb:
00:15:70:e4:78:97:2b:ad:4e:d1:24:b3:be:cc:ca:
1e:43:a3:d6:44:7b:bc:50:b7:a3:56:5f:cd:30:4b:
e3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:16:D3:15:DD:3A:FB:AD:7A:E1:BF:B6:C8:2E:BA:2A:36:4D:82:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A89389EC0DB11EFB6FB4E79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.174.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d6:10:78:31:1d:15:fb:77:ed:d0:4f:3b:ee:e7:35:cd:81:
e7:d0:2c:25:e7:db:57:36:1d:57:62:d5:e6:bf:26:ec:01:d1:
41:9b:c2:dd:c7:0b:3b:b6:c8:91:67:5c:25:64:9d:d5:f3:c1:
86:a2:54:49:10:22:71:1d:8f:52:c4:17:5f:13:ed:b9:6d:d0:
01:16:e0:98:68:01:19:f2:94:af:b6:28:01:71:22:ac:c7:4c:
d0:62:fd:25:b7:21:71:02:f0:18:47:20:40:a1:ea:28:e6:48:
d3:fb:de:e7:dd:7d:b9:69:ae:15:f2:34:88:b6:61:c5:9b:e2:
08:39:e9:c4:7f:53:26:c1:d7:81:f5:b3:0b:ce:cd:c8:b4:9f:
47:52:30:91:e7:8f:9c:31:0b:59:51:79:5a:b1:4e:e4:e5:bb:
51:35:08:b5:8d:95:44:e2:f0:33:ea:22:33:20:35:4a:fb:c6:
05:d2:2f:df:de:e1:fd:6e:3e:d6:af:1e:68:a5:60:6e:67:23:
b7:67:f2:fc:a5:a1:cb:b1:c6:d7:f6:cb:d7:ba:a0:61:e6:2b:
9f:7d:25:b2:74:96:f0:c3:17:c6:13:05:49:ea:a5:c1:cb:e5:
32:fd:3c:f5:63:69:7f:fc:b4:ff:65:66:28:ab:2d:36:ad:ef:
5d:20:94:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR6gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMwODQ1WhcNMjUxMjEwMDMwODQ1WjAYMRYw
FAYDVQQDEw02NzY4ZDQ0MC1jNGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAybIgp5ccxo6EAzzY9YFZUkyfVgoU6piBefLvzWdvAkvUCgwrhFZX9aja
b5roSRd9d1ayFhHauKalpr0iYujRuKFTVxcRIvZcCAG+hZJrj/h8ZlPfvm8owgde
kJhLGn0EgwJsArG8BgCSVdt9odzeMyhGSb30gTrzENdLUoqKfJ0EUqZP3GDVJf2F
ITEdKqhnB3k8lGzDbfeRtrxullhSWrI53hhubO0EZK1KsN/oabTu5BUwekqPJu7y
Qhz/8WGFKh8bzomHCf36JxLe2Y0fZ8DratcdnQUCUtFqBlgWA/sAFXDkeJcrrU7R
JLO+zMoeQ6PWRHu8ULejVl/NMEvjPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKEW
0xXdOvuteuG/tsguuio2TYJjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTg5Mzg5RUMwREIxMUVGQjZGQjRFNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmuMA0GCSqGSIb3DQEB
CwUAA4IBAQBf1hB4MR0V+3ft0E877uc1zYHn0Cwl59tXNh1XYtXmvybsAdFBm8Ld
xws7tsiRZ1wlZJ3V88GGolRJECJxHY9SxBdfE+25bdABFuCYaAEZ8pSvtigBcSKs
x0zQYv0ltyFxAvAYRyBAoeoo5kjT+97n3X25aa4V8jSItmHFm+IIOenEf1MmwdeB
9bMLzs3ItJ9HUjCR54+cMQtZUXlasU7k5btRNQi1jZVE4vAz6iIzIDVK+8YF0i/f
3uH9bj7Wrx5opWBuZyO3Z/L8paHLscbX9svXuqBh5iuffSWydJbwwxfGEwVJ6qXB
y+Uy/Tz1Y2l//LT/ZWYoqy02re9dIJTT
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:32:25 2025 by rpki-client