Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1DBB52C19211EF8F171469762E951A.roa
File: 3F1DBB52C19211EF8F171469762E951A.roa (raw, json)
Hash identifier: RReh2/QpPS1GPfJD3dQmqoM9BLXnWHdj5Kqk+75TRoo=
Subject key identifier: 69:55:70:C1:CE:24:76:F5:C3:9F:D7:DF:AD:13:34:B5:87:2E:01:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011FFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1DBB52C19211EF8F171469762E951A.roa
Signing time: Tue 24 Dec 2024 00:58:54 +0000
ROA not before: Tue 24 Dec 2024 00:00:50 +0000
ROA not after: Wed 10 Dec 2025 00:00:50 +0000
asID: 984
IP address blocks: 154.90.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73725 (0x11ffd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 00:00:50 2024 GMT
Not After : Dec 10 00:00:50 2025 GMT
Subject: CN=676a074e-af6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:44:52:28:ee:b8:39:de:0e:84:f8:fd:8b:0d:
f9:50:bd:70:6f:e2:69:17:3b:27:d7:f8:8c:08:cf:
1a:20:b5:da:3e:de:ef:92:aa:02:69:75:ac:8f:3c:
ec:7d:4f:b6:cf:13:66:ad:4b:59:ad:f6:39:51:0e:
e0:de:07:4f:df:84:5a:c5:64:4a:13:f3:dc:e5:cb:
39:fb:7f:57:7a:1c:aa:eb:b1:ba:29:05:cb:7f:7b:
f2:8b:62:f9:fa:4f:3f:77:35:3d:48:2b:9a:e1:f8:
51:d7:bf:0b:31:bf:fa:6f:d3:d5:4d:76:33:dd:b5:
bd:a6:7d:b6:72:ba:fa:b9:1a:7a:36:0c:8b:c5:ef:
98:97:81:dc:47:d9:9a:c2:70:3b:15:7f:0b:4f:f6:
55:33:25:46:39:0c:e8:79:65:c3:ea:c1:47:f7:2d:
55:20:0c:c1:9a:fc:4e:46:ee:0d:1b:df:1f:fc:09:
2b:55:2c:4a:31:5e:5b:f2:54:f9:71:3c:c3:6a:ee:
58:c2:f7:24:10:86:49:1c:d9:c1:38:2d:93:11:2c:
82:04:e7:8e:d2:a3:13:4c:9c:06:b3:c0:ca:cf:40:
e3:ff:56:67:a9:64:eb:38:7b:65:e3:2b:db:74:b4:
61:d1:8d:c0:06:10:dc:2f:3f:4c:f4:32:c2:c8:a0:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:55:70:C1:CE:24:76:F5:C3:9F:D7:DF:AD:13:34:B5:87:2E:01:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F1DBB52C19211EF8F171469762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.149.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e8:a0:76:19:ce:0e:3d:59:ab:86:0d:62:5f:a8:f1:68:70:
86:a4:14:88:32:bc:67:b9:23:bb:d5:ee:5b:88:1f:4e:be:f5:
87:80:67:b1:06:ad:1c:ee:be:b0:d3:b4:a0:97:8d:7e:85:1c:
69:f6:5c:ec:65:78:77:84:dd:c2:85:67:ed:6d:d2:dc:c8:70:
d9:d5:22:27:36:bc:fa:03:cc:57:27:fd:3e:fc:cf:be:c1:f6:
d3:83:5a:ae:d8:69:86:7e:3f:88:16:8d:61:0a:0a:3c:0f:dd:
64:32:4c:7b:11:55:f2:5a:7a:90:62:ae:73:d7:bf:4f:21:55:
00:ff:05:fb:0d:90:46:04:79:bf:53:02:7a:33:c1:17:50:ee:
cb:d8:ed:09:5c:ab:b9:84:f4:67:39:02:f1:54:83:2f:45:fa:
3a:9c:4d:d9:9f:f0:63:65:4e:57:45:70:2b:33:0a:62:7c:84:
9c:21:77:fe:a3:c2:cf:18:8b:f0:0a:16:42:34:fd:47:3c:aa:
26:1e:d9:9b:a3:ec:63:41:29:33:0d:33:b1:ad:cc:f6:55:5b:
f4:b4:ff:b3:ed:bf:37:5a:5a:05:ac:73:37:74:68:37:a0:dd:
5b:ae:28:63:37:35:58:0f:f3:b2:f1:58:cf:2a:1a:2d:df:1d:
ea:a7:56:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR/9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDAwMDUwWhcNMjUxMjEwMDAwMDUwWjAYMRYw
FAYDVQQDEw02NzZhMDc0ZS1hZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2kRSKO64Od4OhPj9iw35UL1wb+JpFzsn1/iMCM8aILXaPt7vkqoCaXWs
jzzsfU+2zxNmrUtZrfY5UQ7g3gdP34RaxWRKE/Pc5cs5+39Xehyq67G6KQXLf3vy
i2L5+k8/dzU9SCua4fhR178LMb/6b9PVTXYz3bW9pn22crr6uRp6NgyLxe+Yl4Hc
R9mawnA7FX8LT/ZVMyVGOQzoeWXD6sFH9y1VIAzBmvxORu4NG98f/AkrVSxKMV5b
8lT5cTzDau5YwvckEIZJHNnBOC2TESyCBOeO0qMTTJwGs8DKz0Dj/1ZnqWTrOHtl
4yvbdLRh0Y3ABhDcLz9M9DLCyKDLlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGlV
cMHOJHb1w5/X360TNLWHLgE1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjFEQkI1MkMxOTIxMUVGOEYxNzE0Njk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlqVMA0GCSqGSIb3DQEB
CwUAA4IBAQBO6KB2Gc4OPVmrhg1iX6jxaHCGpBSIMrxnuSO71e5biB9OvvWHgGex
Bq0c7r6w07Sgl41+hRxp9lzsZXh3hN3ChWftbdLcyHDZ1SInNrz6A8xXJ/0+/M++
wfbTg1qu2GmGfj+IFo1hCgo8D91kMkx7EVXyWnqQYq5z179PIVUA/wX7DZBGBHm/
UwJ6M8EXUO7L2O0JXKu5hPRnOQLxVIMvRfo6nE3Zn/BjZU5XRXArMwpifIScIXf+
o8LPGIvwChZCNP1HPKomHtmbo+xjQSkzDTOxrcz2VVv0tP+z7b83WloFrHM3dGg3
oN1brihjNzVYD/Oy8VjPKhot3x3qp1Zw
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:48 2025 by rpki-client