Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E4BF04C1B011EF83A13CBB762E951A.roa
File: 44E4BF04C1B011EF83A13CBB762E951A.roa (raw, json)
Hash identifier: t5AjNV8YEKmfrg+sEUiwwp5Mfq/4iTFj4fr+KYb90zQ=
Subject key identifier: 2B:71:6C:64:A0:34:AA:06:B3:11:03:7C:89:C8:51:AB:9D:43:AA:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01216B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E4BF04C1B011EF83A13CBB762E951A.roa
Signing time: Tue 24 Dec 2024 04:33:49 +0000
ROA not before: Tue 24 Dec 2024 04:33:45 +0000
ROA not after: Wed 10 Dec 2025 04:33:45 +0000
asID: 984
IP address blocks: 154.193.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74091 (0x1216b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 04:33:45 2024 GMT
Not After : Dec 10 04:33:45 2025 GMT
Subject: CN=676a39ac-9e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fc:5e:b8:eb:a2:4e:fd:9b:88:64:da:27:f0:
3c:c0:ef:ed:2e:d9:64:16:41:43:dd:7a:2a:4e:92:
91:e1:c3:fe:9b:c6:06:83:f7:6d:b2:4a:76:a9:4b:
ae:5d:3d:84:08:c8:91:93:44:ad:85:6d:43:ca:64:
05:a5:54:ed:bb:42:9e:ad:78:0f:62:c0:c1:1e:ea:
fd:a9:a3:fb:ce:6d:c5:54:17:82:fc:86:31:cc:8f:
72:56:50:d7:49:6a:f8:40:7e:4a:15:1c:0f:d7:1e:
e8:e3:0d:52:64:dd:06:7c:ee:c1:a6:c0:4e:47:02:
23:8b:82:0a:a8:2c:dc:d7:8a:5d:bb:38:e0:ff:f2:
75:95:18:a4:91:51:c0:6a:0b:f6:1d:14:8d:ac:1f:
24:ba:a4:3b:a1:50:12:c0:8b:71:a8:bf:47:e4:6d:
30:42:6f:c4:bb:39:c9:97:b4:97:62:d2:ce:1f:a8:
e4:71:98:f4:e3:6d:63:73:bd:b1:ea:a9:47:5f:b6:
83:d6:ce:2a:4a:7a:59:c3:7a:20:6c:21:6b:d2:f7:
e8:a2:7d:12:2c:f1:eb:de:b1:6f:f4:d8:fd:03:8a:
53:0b:16:3a:f3:42:75:58:e4:67:34:30:29:11:51:
fe:f8:69:b8:3e:06:13:0c:96:2b:2c:f0:ad:1e:2c:
cd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:6C:64:A0:34:AA:06:B3:11:03:7C:89:C8:51:AB:9D:43:AA:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E4BF04C1B011EF83A13CBB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:68:35:cb:f0:58:fd:87:92:f5:70:61:d0:82:9f:be:76:1d:
a4:c7:13:ab:2f:b9:94:eb:d1:80:08:56:bf:dd:43:f6:8e:f4:
78:d0:06:bd:42:a5:ec:fd:38:01:2b:6a:09:a8:53:a6:7c:7e:
92:b2:d7:f4:b6:ca:20:94:c6:ff:0d:36:37:7d:95:f5:5b:33:
7c:73:84:9a:ef:9a:73:b1:bb:63:1e:05:f4:b2:22:95:7e:bc:
d1:20:c2:5d:cf:42:58:b4:bc:45:95:2f:b6:9f:e8:29:f2:f8:
ad:9d:48:d7:0f:b9:14:30:1f:a0:44:19:42:69:4a:bd:a6:c3:
7a:0e:99:9e:33:8f:6b:b4:79:b3:fb:dd:46:89:7a:a6:5b:29:
71:6e:c0:62:03:ae:d5:c1:b0:8e:76:a6:71:a1:31:06:29:a1:
17:57:a2:22:53:a3:fe:47:7c:00:04:05:fb:e4:a8:a0:64:e7:
f9:af:c6:5d:3a:ed:2e:c0:0c:90:ac:07:a4:6e:f2:dc:4f:9c:
f9:f7:4d:41:5e:29:f3:b6:7e:ca:09:25:66:f4:53:ee:4a:06:
5e:6d:7f:12:aa:23:e6:f0:6c:f5:dd:dd:94:84:a3:d3:c1:ff:
62:18:50:26:86:36:3a:c2:e3:56:b0:98:76:6b:6d:9f:c3:af:
04:27:a2:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASFrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDQzMzQ1WhcNMjUxMjEwMDQzMzQ1WjAYMRYw
FAYDVQQDEw02NzZhMzlhYy05ZTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/xeuOuiTv2biGTaJ/A8wO/tLtlkFkFD3XoqTpKR4cP+m8YGg/dtskp2
qUuuXT2ECMiRk0SthW1DymQFpVTtu0KerXgPYsDBHur9qaP7zm3FVBeC/IYxzI9y
VlDXSWr4QH5KFRwP1x7o4w1SZN0GfO7BpsBORwIji4IKqCzc14pduzjg//J1lRik
kVHAagv2HRSNrB8kuqQ7oVASwItxqL9H5G0wQm/EuznJl7SXYtLOH6jkcZj0421j
c72x6qlHX7aD1s4qSnpZw3ogbCFr0vfoon0SLPHr3rFv9Nj9A4pTCxY680J1WORn
NDApEVH++Gm4PgYTDJYrLPCtHizN7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCtx
bGSgNKoGsxEDfInIUaudQ6p+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NEU0QkYwNEMxQjAxMUVGODNBMTNDQkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFbMA0GCSqGSIb3DQEB
CwUAA4IBAQCNaDXL8Fj9h5L1cGHQgp++dh2kxxOrL7mU69GACFa/3UP2jvR40Aa9
QqXs/TgBK2oJqFOmfH6Sstf0tsoglMb/DTY3fZX1WzN8c4Sa75pzsbtjHgX0siKV
frzRIMJdz0JYtLxFlS+2n+gp8vitnUjXD7kUMB+gRBlCaUq9psN6DpmeM49rtHmz
+91GiXqmWylxbsBiA67VwbCOdqZxoTEGKaEXV6IiU6P+R3wABAX75KigZOf5r8Zd
Ou0uwAyQrAekbvLcT5z5901BXinztn7KCSVm9FPuSgZebX8SqiPm8Gz13d2UhKPT
wf9iGFAmhjY6wuNWsJh2a22fw68EJ6KW
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:38 2025 by rpki-client