Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42066D46C0E311EF8FBD63AE762E951A.roa
File: 42066D46C0E311EF8FBD63AE762E951A.roa (raw, json)
Hash identifier: zgZy4v/i9UeAgzZaAnVOLUtpjZXCdtWG4IxfGIvF4fg=
Subject key identifier: 4D:04:AA:AF:FA:55:E3:97:F0:FD:02:A6:96:58:B7:C5:49:69:EA:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F08
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42066D46C0E311EF8FBD63AE762E951A.roa
Signing time: Mon 23 Dec 2024 04:06:17 +0000
ROA not before: Mon 23 Dec 2024 04:06:13 +0000
ROA not after: Wed 10 Dec 2025 04:06:13 +0000
asID: 984
IP address blocks: 154.89.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73480 (0x11f08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 04:06:13 2024 GMT
Not After : Dec 10 04:06:13 2025 GMT
Subject: CN=6768e1b9-cf7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d7:57:09:d5:53:ea:c6:b7:8d:d1:9b:56:22:
cb:22:51:a8:2f:b1:fb:8e:45:6f:1c:e6:89:ae:dd:
22:0f:91:fc:a6:d0:68:6e:da:7d:63:94:2a:cc:48:
72:59:98:42:5d:fa:bc:f2:ed:8f:32:fd:e3:bd:e5:
b3:af:c2:5d:75:e0:63:54:4e:98:49:ba:64:4e:b2:
e8:db:0a:18:56:1f:52:08:7b:cd:7f:49:14:23:b0:
17:60:3e:eb:6a:7d:83:e8:60:2f:92:c4:e5:8f:67:
4a:45:38:fd:f8:fa:90:1f:ed:a2:98:a7:7c:7d:30:
33:37:4e:f8:0a:20:22:65:af:f7:6c:e3:a6:48:60:
6a:b6:ed:96:25:ab:4b:9c:9b:2e:bd:b5:af:c1:16:
50:bc:bd:b3:1f:e4:4f:12:a8:c8:8b:eb:d4:f2:e3:
77:51:8a:74:6e:0b:a3:c0:1d:3c:68:f7:89:4a:22:
3d:d2:d2:61:b6:de:5b:86:15:a5:4a:13:f0:1d:3c:
93:87:b4:9e:2f:c0:2f:e1:4c:7e:a9:58:49:4d:b3:
ec:d7:f9:1a:60:a4:08:38:49:55:16:8b:b2:a1:ea:
c3:0a:2e:5f:5d:3c:6e:6d:c4:11:94:86:1b:24:2d:
3d:76:44:7c:2f:8b:af:d8:75:36:5d:2a:32:66:7b:
0a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:04:AA:AF:FA:55:E3:97:F0:FD:02:A6:96:58:B7:C5:49:69:EA:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42066D46C0E311EF8FBD63AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.243.0/24
Signature Algorithm: sha256WithRSAEncryption
33:aa:9b:5f:c6:f8:ce:ac:a3:e5:b5:2c:11:af:81:0a:e6:59:
75:6d:d0:8e:9c:83:e0:2b:15:21:51:cf:72:cd:31:8b:9f:78:
de:e9:32:55:26:63:73:a7:5c:dd:ae:07:54:06:d4:29:02:c1:
b9:5f:78:b7:22:22:41:63:d7:8e:b7:8e:3a:2b:a9:9c:9a:be:
fb:26:5e:8b:73:c2:11:b0:16:1f:c8:77:49:93:c3:0e:de:a2:
fc:d9:33:f4:91:45:ff:96:04:61:25:e2:f5:ff:b3:c5:96:4a:
09:3b:f4:dd:ac:bf:3e:b9:10:4d:10:e5:91:39:4d:29:8e:ef:
e3:52:f9:dd:e2:4e:86:1a:c5:df:e1:d6:56:9b:87:5e:74:44:
a5:2d:2f:31:50:88:a0:be:5d:b6:50:20:d3:e4:07:06:37:77:
81:2b:d5:4c:6c:1c:22:70:dd:02:af:3f:0e:66:59:fc:da:02:
6a:3e:a9:2d:ba:96:a4:4f:2d:d1:43:48:ff:67:cb:66:b3:f1:
9b:f8:9d:3b:07:2b:5f:c6:2a:20:e0:83:24:e0:d6:8b:59:09:
8a:f4:52:a9:d0:1b:53:23:75:5d:10:82:31:14:09:d4:30:03:
da:88:53:a2:09:01:ab:3e:28:83:3f:4b:b6:4a:aa:c6:b7:c7:
56:32:d6:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDQwNjEzWhcNMjUxMjEwMDQwNjEzWjAYMRYw
FAYDVQQDEw02NzY4ZTFiOS1jZjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7tdXCdVT6sa3jdGbViLLIlGoL7H7jkVvHOaJrt0iD5H8ptBobtp9Y5Qq
zEhyWZhCXfq88u2PMv3jveWzr8JddeBjVE6YSbpkTrLo2woYVh9SCHvNf0kUI7AX
YD7ran2D6GAvksTlj2dKRTj9+PqQH+2imKd8fTAzN074CiAiZa/3bOOmSGBqtu2W
JatLnJsuvbWvwRZQvL2zH+RPEqjIi+vU8uN3UYp0bgujwB08aPeJSiI90tJhtt5b
hhWlShPwHTyTh7SeL8Av4Ux+qVhJTbPs1/kaYKQIOElVFouyoerDCi5fXTxubcQR
lIYbJC09dkR8L4uv2HU2XSoyZnsKdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE0E
qq/6VeOX8P0CppZYt8VJaeosMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MjA2NkQ0NkMwRTMxMUVGOEZCRDYzQUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnzMA0GCSqGSIb3DQEB
CwUAA4IBAQAzqptfxvjOrKPltSwRr4EK5ll1bdCOnIPgKxUhUc9yzTGLn3je6TJV
JmNzp1zdrgdUBtQpAsG5X3i3IiJBY9eOt446K6mcmr77Jl6Lc8IRsBYfyHdJk8MO
3qL82TP0kUX/lgRhJeL1/7PFlkoJO/TdrL8+uRBNEOWROU0pju/jUvnd4k6GGsXf
4dZWm4dedESlLS8xUIigvl22UCDT5AcGN3eBK9VMbBwicN0Crz8OZln82gJqPqkt
upakTy3RQ0j/Z8tms/Gb+J07Bytfxiog4IMk4NaLWQmK9FKp0BtTI3VdEIIxFAnU
MAPaiFOiCQGrPiiDP0u2SqrGt8dWMtaj
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:42:29 2025 by rpki-client