Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F49D59ACDDD11EFA1D44DB1762E951A.roa
File: 4F49D59ACDDD11EFA1D44DB1762E951A.roa (raw, json)
Hash identifier: 0c0D3IXGAmjWje/uGn6i1zKfdJr4RTn78ASolM1UYBQ=
Subject key identifier: 65:BF:27:DE:DB:DB:EA:B5:84:9F:C3:F6:F0:D1:46:1F:85:22:4E:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F49D59ACDDD11EFA1D44DB1762E951A.roa
Signing time: Wed 08 Jan 2025 16:26:27 +0000
ROA not before: Wed 08 Jan 2025 16:26:23 +0000
ROA not after: Sat 03 Jan 2026 16:26:23 +0000
asID: 984
IP address blocks: 154.89.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79779 (0x137a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:26:23 2025 GMT
Not After : Jan 3 16:26:23 2026 GMT
Subject: CN=677ea733-95e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c3:7c:62:c7:9c:ab:18:ef:23:5f:56:be:eb:
76:79:f2:88:79:d2:b5:c3:8c:79:84:8e:71:10:86:
76:3b:ce:38:62:12:f9:b0:5d:26:7d:6b:6f:63:24:
1a:27:94:42:41:eb:7d:e1:d2:f6:25:31:41:6f:fd:
59:10:a0:bc:c3:d2:1b:42:af:a1:b3:92:41:66:79:
ab:59:9a:d1:2f:7a:f1:d7:67:89:90:f6:5d:6f:b5:
ad:93:8f:1c:ed:8d:0a:10:8b:c5:5c:98:cf:95:68:
52:ba:a5:34:01:e6:12:89:d0:a9:65:7f:4a:0e:a8:
5b:89:ee:92:67:ae:c0:f0:9f:de:fb:bb:ce:7f:b9:
b2:23:84:d5:4c:72:95:79:fa:6f:57:86:17:d0:ad:
26:48:4e:32:3f:ab:bd:21:4d:b4:cd:3b:28:9b:45:
44:e6:0d:d3:b6:29:d7:8b:0a:8c:84:1a:b4:37:1d:
2b:21:d6:a2:d6:3f:6b:c5:86:9e:d5:61:46:32:04:
d9:17:cc:a5:3c:9f:4b:ee:21:d0:61:85:25:c4:92:
d3:53:61:71:c2:63:92:49:ea:fa:70:41:20:93:f0:
31:f7:a1:c1:33:0e:69:09:4e:58:ac:44:89:92:ec:
d7:a9:10:03:31:45:2a:1f:e5:2e:56:cf:e2:f7:e1:
46:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BF:27:DE:DB:DB:EA:B5:84:9F:C3:F6:F0:D1:46:1F:85:22:4E:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F49D59ACDDD11EFA1D44DB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:51:e8:b2:fa:b4:c1:c9:60:29:5c:71:f5:bb:bb:7a:79:b5:
65:b7:89:ff:5d:68:0a:08:6d:88:a7:12:5a:26:77:bd:92:fc:
c4:f2:33:88:8c:7d:c3:e5:86:23:96:4a:b8:6e:98:3d:4c:dc:
ee:db:20:97:9c:be:d5:bf:fb:87:16:1c:f0:0a:3c:3e:4c:0c:
a0:d0:f9:68:03:76:f2:c9:23:50:de:32:12:fd:3c:76:b2:98:
38:d8:7e:3f:9b:6d:bc:51:d5:bc:83:d2:82:91:a4:02:4a:c5:
de:bc:e2:c9:24:46:4a:22:0d:a2:d3:00:c7:f9:54:38:af:70:
27:e7:cf:f2:55:b9:68:e2:d1:04:00:62:25:b7:7f:d9:89:5f:
3c:c0:3c:21:85:4c:1b:8e:82:94:3d:a5:03:c2:4c:1e:d7:67:
70:ba:53:b8:c4:68:78:b6:51:1e:0b:b4:6c:7e:5d:3e:16:06:
dd:f8:e8:31:a9:af:fa:24:3e:94:e7:79:3b:a2:b4:71:17:39:
55:ae:36:ed:c9:c3:b5:38:5d:b9:0b:46:41:be:5b:d1:5b:0c:
00:a5:13:dd:ab:c9:cf:6d:82:2d:e5:c1:98:00:18:43:17:e3:
34:e5:a2:b1:98:f2:38:bf:09:64:81:0b:c2:b2:a9:3d:b5:3d:
7b:c1:eb:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATejMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYyNjIzWhcNMjYwMTAzMTYyNjIzWjAYMRYw
FAYDVQQDEw02NzdlYTczMy05NWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2sN8YsecqxjvI19Wvut2efKIedK1w4x5hI5xEIZ2O844YhL5sF0mfWtv
YyQaJ5RCQet94dL2JTFBb/1ZEKC8w9IbQq+hs5JBZnmrWZrRL3rx12eJkPZdb7Wt
k48c7Y0KEIvFXJjPlWhSuqU0AeYSidCpZX9KDqhbie6SZ67A8J/e+7vOf7myI4TV
THKVefpvV4YX0K0mSE4yP6u9IU20zTsom0VE5g3TtinXiwqMhBq0Nx0rIdai1j9r
xYae1WFGMgTZF8ylPJ9L7iHQYYUlxJLTU2FxwmOSSer6cEEgk/Ax96HBMw5pCU5Y
rESJkuzXqRADMUUqH+UuVs/i9+FG+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGW/
J97b2+q1hJ/D9vDRRh+FIk52MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RjQ5RDU5QUNEREQxMUVGQTFENDREQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQAtUeiy+rTByWApXHH1u7t6ebVlt4n/XWgKCG2IpxJaJne9kvzE8jOI
jH3D5YYjlkq4bpg9TNzu2yCXnL7Vv/uHFhzwCjw+TAyg0PloA3byySNQ3jIS/Tx2
spg42H4/m228UdW8g9KCkaQCSsXevOLJJEZKIg2i0wDH+VQ4r3An58/yVblo4tEE
AGIlt3/ZiV88wDwhhUwbjoKUPaUDwkwe12dwulO4xGh4tlEeC7Rsfl0+Fgbd+Ogx
qa/6JD6U53k7orRxFzlVrjbtycO1OF25C0ZBvlvRWwwApRPdq8nPbYIt5cGYABhD
F+M05aKxmPI4vwlkgQvCsqk9tT17wesv
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:30:42 2025 by rpki-client