Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5306492AC0D611EF9F790A56762E951A.roa
File: 5306492AC0D611EF9F790A56762E951A.roa (raw, json)
Hash identifier: A8SSCyLbSbtm8THcJrsOhPJzH7UkuCdcKE+TvTCtPMc=
Subject key identifier: DE:71:87:AA:1A:8D:88:24:43:E8:88:00:71:71:2F:02:15:29:5B:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5306492AC0D611EF9F790A56762E951A.roa
Signing time: Mon 23 Dec 2024 02:33:42 +0000
ROA not before: Mon 23 Dec 2024 02:33:39 +0000
ROA not after: Wed 10 Dec 2025 02:33:39 +0000
asID: 984
IP address blocks: 154.89.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73312 (0x11e60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:33:39 2024 GMT
Not After : Dec 10 02:33:39 2025 GMT
Subject: CN=6768cc06-90e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:be:19:17:2e:c0:22:84:2e:c3:f7:c6:aa:9a:
df:d1:07:1e:ee:9a:fa:60:a0:af:11:23:d8:f1:92:
48:36:62:36:06:e0:3c:cf:d1:08:40:df:fa:a5:22:
cd:1b:e4:58:12:43:c7:3d:21:1b:f8:a4:f5:4a:55:
36:49:b5:0e:4c:bd:bb:da:ec:8e:3a:2b:70:77:2d:
51:c0:02:1c:82:ac:0b:21:3f:92:9c:0e:19:e2:bb:
5b:1f:31:1c:25:e8:b7:02:d9:07:5b:57:75:ad:dd:
e5:28:b2:e9:73:56:a3:9f:61:ff:84:2d:87:be:40:
50:61:9a:7e:70:25:ea:b6:c8:c0:43:fe:e2:1b:27:
9c:10:a8:6e:9d:f7:41:59:72:32:84:44:56:83:cc:
79:2a:28:ca:5c:cc:a2:e0:5d:83:57:e3:25:59:df:
4e:70:65:61:73:4c:8a:43:07:c8:f6:66:79:cf:4f:
43:40:50:b5:3e:d5:02:6a:51:12:b5:ed:12:c9:7a:
9d:17:db:0f:49:9a:8d:79:a3:16:1f:4a:42:95:55:
37:9a:5d:7e:94:50:f6:0a:5a:50:1f:03:f5:09:f2:
09:85:73:95:4d:5a:04:ef:d0:65:ad:40:63:1b:39:
73:1d:f9:1d:ef:b5:85:6d:eb:c5:31:42:99:19:a5:
9d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:71:87:AA:1A:8D:88:24:43:E8:88:00:71:71:2F:02:15:29:5B:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5306492AC0D611EF9F790A56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:8f:ff:d9:8b:cb:b2:fc:f7:62:56:d9:85:f7:80:e3:55:77:
d4:be:a4:ba:76:00:4e:46:af:e7:02:e7:df:ac:2b:df:ea:44:
05:9e:c4:98:8a:fc:bc:e2:d2:70:82:83:28:67:bd:ef:50:59:
a7:96:84:24:7a:31:36:f8:87:9c:fb:fa:e3:e0:8c:bd:04:80:
d7:93:e7:6f:fe:9b:0e:06:8b:a0:4d:6e:f2:5b:cb:e7:c8:a8:
35:a3:6d:94:32:3f:4e:9f:46:0b:1f:26:dc:3a:63:90:ed:05:
8a:64:8b:51:81:78:39:c1:77:2a:92:f3:61:b1:9b:a8:b5:bc:
ff:4a:c5:04:93:8f:d1:19:33:3b:7c:3e:c6:a8:67:ce:0e:a3:
6c:af:ba:8b:a0:24:9b:17:d4:9e:97:fc:c0:84:8b:31:85:09:
d1:eb:f0:60:ce:08:d6:6c:8a:55:94:e4:20:7b:b8:ac:54:aa:
61:eb:e9:73:12:d9:03:9e:0f:85:e5:12:5e:d6:a6:73:e7:2d:
e4:52:7d:78:0a:4f:e4:7b:a2:3f:66:a6:fc:b5:61:d4:bb:93:
37:80:05:80:b0:89:db:ee:1b:5d:f6:29:c8:7d:c9:8f:aa:0b:
cf:01:2b:13:ec:12:48:00:cf:c9:09:9c:24:06:12:25:57:b4:
44:eb:73:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR5gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDIzMzM5WhcNMjUxMjEwMDIzMzM5WjAYMRYw
FAYDVQQDEw02NzY4Y2MwNi05MGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5r4ZFy7AIoQuw/fGqprf0Qce7pr6YKCvESPY8ZJINmI2BuA8z9EIQN/6
pSLNG+RYEkPHPSEb+KT1SlU2SbUOTL272uyOOitwdy1RwAIcgqwLIT+SnA4Z4rtb
HzEcJei3AtkHW1d1rd3lKLLpc1ajn2H/hC2HvkBQYZp+cCXqtsjAQ/7iGyecEKhu
nfdBWXIyhERWg8x5KijKXMyi4F2DV+MlWd9OcGVhc0yKQwfI9mZ5z09DQFC1PtUC
alESte0SyXqdF9sPSZqNeaMWH0pClVU3ml1+lFD2ClpQHwP1CfIJhXOVTVoE79Bl
rUBjGzlzHfkd77WFbevFMUKZGaWd5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN5x
h6oajYgkQ+iIAHFxLwIVKVtRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzA2NDkyQUMwRDYxMUVGOUY3OTBBNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmOMA0GCSqGSIb3DQEB
CwUAA4IBAQCmj//Zi8uy/PdiVtmF94DjVXfUvqS6dgBORq/nAuffrCvf6kQFnsSY
ivy84tJwgoMoZ73vUFmnloQkejE2+Iec+/rj4Iy9BIDXk+dv/psOBougTW7yW8vn
yKg1o22UMj9On0YLHybcOmOQ7QWKZItRgXg5wXcqkvNhsZuotbz/SsUEk4/RGTM7
fD7GqGfODqNsr7qLoCSbF9Sel/zAhIsxhQnR6/BgzgjWbIpVlOQge7isVKph6+lz
EtkDng+F5RJe1qZz5y3kUn14Ck/ke6I/Zqb8tWHUu5M3gAWAsInb7htd9inIfcmP
qgvPASsT7BJIAM/JCZwkBhIlV7RE63PR
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:32:03 2025 by rpki-client