Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F5BAF88AB3611EF8FD351AF762E951A.roa
File: 3F5BAF88AB3611EF8FD351AF762E951A.roa (raw, json)
Hash identifier: EidpeMtICrN1iiER5NJqZ092QhDu1m8YTDbO+FVmqi0=
Subject key identifier: 05:55:9F:26:8E:03:6F:B5:3A:0C:AD:FD:33:1D:C4:4D:A2:DC:5B:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011362
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F5BAF88AB3611EF8FD351AF762E951A.roa
Signing time: Mon 25 Nov 2024 14:04:55 +0000
ROA not before: Mon 25 Nov 2024 14:04:51 +0000
ROA not after: Wed 07 Jan 2026 14:04:51 +0000
asID: 139057
IP address blocks: 154.85.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70498 (0x11362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 14:04:51 2024 GMT
Not After : Jan 7 14:04:51 2026 GMT
Subject: CN=67448407-c5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:30:7b:e2:8e:a9:16:99:3c:6d:93:31:a6:
bd:24:2f:0d:f1:1a:f4:ca:3d:c9:bc:cd:28:ef:8a:
67:a5:34:ee:7b:0f:f0:94:93:c3:e3:f4:32:b9:df:
6f:69:42:22:31:e4:72:6a:72:c1:a5:04:5c:b9:40:
c3:93:88:af:21:aa:46:4f:fd:07:56:eb:d8:c6:db:
5e:c8:64:a4:f4:ee:24:65:bc:20:cb:02:16:92:b6:
7c:f3:70:96:d1:77:c0:29:2f:98:6e:4b:03:d5:3b:
da:4a:d7:bf:9f:56:6d:79:ce:bc:c7:8a:4a:bf:48:
81:f5:1a:1e:ac:8f:93:eb:35:ca:94:14:a6:e1:23:
2a:f2:6f:02:0c:d9:87:00:a1:2e:d3:ee:01:30:98:
7f:ae:a4:82:32:a6:23:f8:b2:98:a7:35:b9:98:d1:
9e:36:e2:43:1c:ee:6f:a6:5f:b5:d9:2c:fc:0c:cf:
7e:a4:de:0a:ae:2e:11:7b:b7:da:fa:14:b0:29:db:
0a:d1:3b:74:24:76:2e:5c:c2:f8:a3:f2:cf:24:00:
80:7d:a1:5f:50:aa:f8:c6:21:67:43:f0:26:51:ad:
49:d4:ef:fb:bd:0e:ab:30:a7:6a:02:00:4e:fb:14:
00:cd:65:43:ac:b8:00:fd:74:f4:8a:6c:8b:a0:ba:
49:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:55:9F:26:8E:03:6F:B5:3A:0C:AD:FD:33:1D:C4:4D:A2:DC:5B:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F5BAF88AB3611EF8FD351AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.91.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c5:ed:6c:8a:49:20:3b:e7:b1:7d:20:2d:4a:ef:37:80:a8:
a9:dd:5c:e8:a8:33:08:7c:c5:2c:87:62:5d:8e:b8:4d:6e:1e:
43:30:95:e4:59:c4:c0:73:cd:67:44:61:81:63:59:3c:bd:8f:
0a:f5:9d:c3:12:dc:74:5a:be:8e:14:2b:82:81:a7:77:79:83:
fb:00:79:44:cd:d7:aa:a6:c1:4a:85:39:c9:e0:ef:1b:bb:41:
ec:80:f6:32:7b:ae:85:88:42:0a:db:a3:5c:57:bc:87:0f:e6:
44:74:1b:fe:80:d8:ec:0d:b9:9b:53:82:9f:cd:2c:19:60:15:
98:91:6b:89:cc:e4:5c:91:a1:a1:c3:dd:8a:22:b4:44:b5:e4:
e3:f3:59:2a:3d:ea:83:d4:a8:df:ee:b1:76:4e:23:fe:3a:31:
36:5f:a8:02:7e:c2:ea:41:48:ef:a7:87:5e:eb:a5:c9:a8:75:
77:4b:c1:98:6b:79:20:19:09:76:9e:d7:af:71:44:9c:76:06:
3d:0f:ef:b3:62:2f:8a:cf:79:f1:4d:57:17:4c:d0:84:4d:f3:
f0:bb:dc:af:be:37:22:a2:d6:a7:ec:80:dc:a5:89:d5:81:8e:
87:82:2b:34:9c:b8:3c:30:cb:9c:70:fd:c7:fe:64:45:a8:17:
76:3d:87:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTQwNDUxWhcNMjYwMTA3MTQwNDUxWjAYMRYw
FAYDVQQDEw02NzQ0ODQwNy1jNWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq6Ywe+KOqRaZPG2TMaa9JC8N8Rr0yj3JvM0o74pnpTTuew/wlJPD4/Qy
ud9vaUIiMeRyanLBpQRcuUDDk4ivIapGT/0HVuvYxtteyGSk9O4kZbwgywIWkrZ8
83CW0XfAKS+YbksD1TvaSte/n1Ztec68x4pKv0iB9RoerI+T6zXKlBSm4SMq8m8C
DNmHAKEu0+4BMJh/rqSCMqYj+LKYpzW5mNGeNuJDHO5vpl+12Sz8DM9+pN4Kri4R
e7fa+hSwKdsK0Tt0JHYuXML4o/LPJACAfaFfUKr4xiFnQ/AmUa1J1O/7vQ6rMKdq
AgBO+xQAzWVDrLgA/XT0imyLoLpJrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAVV
nyaOA2+1Ogyt/TMdxE2i3FueMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjVCQUY4OEFCMzYxMUVGOEZEMzUxQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVbMA0GCSqGSIb3DQEB
CwUAA4IBAQCGxe1sikkgO+exfSAtSu83gKip3VzoqDMIfMUsh2JdjrhNbh5DMJXk
WcTAc81nRGGBY1k8vY8K9Z3DEtx0Wr6OFCuCgad3eYP7AHlEzdeqpsFKhTnJ4O8b
u0HsgPYye66FiEIK26NcV7yHD+ZEdBv+gNjsDbmbU4KfzSwZYBWYkWuJzORckaGh
w92KIrREteTj81kqPeqD1Kjf7rF2TiP+OjE2X6gCfsLqQUjvp4de66XJqHV3S8GY
a3kgGQl2ntevcUScdgY9D++zYi+Kz3nxTVcXTNCETfPwu9yvvjciotan7IDcpYnV
gY6Hgis0nLg8MMuccP3H/mRFqBd2PYer
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:50:15 2025 by rpki-client