Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54F72270C0E211EFACCFCEA6762E951A.roa
File: 54F72270C0E211EFACCFCEA6762E951A.roa (raw, json)
Hash identifier: GZcfsxVHSUXjEo3KWpybEtmCR0+T+HYNlR2XbVzc0ho=
Subject key identifier: 9C:CD:9D:DC:2B:72:F3:0A:2E:5E:13:97:FD:8A:9F:8C:24:D7:94:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EFC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54F72270C0E211EFACCFCEA6762E951A.roa
Signing time: Mon 23 Dec 2024 03:59:39 +0000
ROA not before: Mon 23 Dec 2024 03:59:36 +0000
ROA not after: Wed 10 Dec 2025 03:59:36 +0000
asID: 984
IP address blocks: 154.89.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73468 (0x11efc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:59:36 2024 GMT
Not After : Dec 10 03:59:36 2025 GMT
Subject: CN=6768e02b-58aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0f:12:82:fd:21:3d:4a:d3:e2:e1:b2:be:14:
eb:21:3a:a3:0e:16:b4:83:8a:c0:f0:b6:7e:ac:93:
6f:64:c2:17:0b:03:5c:53:96:aa:ce:62:81:ae:97:
72:a2:32:d6:29:56:77:e7:34:09:3c:53:61:7b:43:
58:aa:0c:08:31:b3:b7:68:99:56:91:f4:c5:e3:fe:
ea:62:1f:13:5e:38:2b:84:0f:87:ce:6a:eb:bc:aa:
ee:23:78:8d:da:dd:dc:8a:ed:49:a7:75:ed:b8:42:
ff:c6:1e:ab:6f:91:69:7d:d0:7b:5c:fc:60:90:2f:
d8:f6:cd:09:86:bf:c0:68:f6:88:4d:c7:79:1d:8e:
05:71:bf:d4:9b:cf:5b:7f:d0:ee:e1:17:a8:ae:97:
df:6f:e2:c4:c5:45:1f:20:9f:44:84:96:36:8d:62:
70:46:c2:6b:1b:24:e0:f8:25:bd:b1:78:26:82:54:
43:f1:72:84:7e:3f:26:2f:e1:ad:f6:d0:88:40:5e:
24:a6:73:01:c3:99:c9:39:f9:9b:da:40:0c:e1:65:
62:d3:01:aa:4c:fe:51:96:21:bc:ed:68:99:71:45:
b9:b6:dd:b8:58:36:91:b8:c5:b1:55:89:ea:a2:99:
7e:92:e9:47:b0:42:00:32:aa:bb:0a:f2:08:48:9b:
66:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CD:9D:DC:2B:72:F3:0A:2E:5E:13:97:FD:8A:9F:8C:24:D7:94:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54F72270C0E211EFACCFCEA6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.220.0/24
Signature Algorithm: sha256WithRSAEncryption
22:fc:7e:fa:6f:98:75:d1:6f:25:5b:45:40:3a:c0:a9:2c:4a:
c6:9a:5c:44:9a:9a:ad:8d:40:3f:75:a3:ea:27:bb:e5:56:57:
82:ba:b6:92:2b:07:b8:6e:a4:c7:4b:55:38:89:47:35:c3:94:
58:07:68:45:c8:81:0c:81:ed:2c:47:ee:da:df:14:f0:c8:d9:
2d:25:bb:92:09:31:2b:fe:ba:13:a1:c0:91:0c:fc:c1:88:08:
54:50:80:dd:98:f1:ab:19:93:bf:fd:32:ed:61:f4:94:f4:70:
d6:0e:6d:58:b8:3e:77:f4:b1:aa:2a:67:40:a6:92:19:76:59:
51:70:b5:51:8e:02:b7:fc:24:34:a9:9b:ff:24:a6:44:93:2e:
2f:bc:62:7d:3f:2c:e1:d4:89:e8:af:84:45:e6:51:8c:4a:11:
cd:c3:f0:6e:77:73:44:d4:09:e4:30:5c:ee:c3:36:6e:8f:a4:
bb:30:2d:16:34:d3:e0:9b:5e:78:9b:91:aa:c6:d6:d6:7a:d5:
65:cb:e7:3c:23:95:cc:27:7d:fe:83:28:fd:20:e9:65:6a:39:
2a:2d:24:2d:9b:92:e3:e7:c6:35:59:c8:af:24:73:22:ea:d3:
3c:93:c5:2d:3c:77:06:c9:78:75:7c:c4:5d:4b:84:53:10:23:
b6:90:11:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR78MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDM1OTM2WhcNMjUxMjEwMDM1OTM2WjAYMRYw
FAYDVQQDEw02NzY4ZTAyYi01OGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAww8Sgv0hPUrT4uGyvhTrITqjDha0g4rA8LZ+rJNvZMIXCwNcU5aqzmKB
rpdyojLWKVZ35zQJPFNhe0NYqgwIMbO3aJlWkfTF4/7qYh8TXjgrhA+HzmrrvKru
I3iN2t3ciu1Jp3XtuEL/xh6rb5FpfdB7XPxgkC/Y9s0Jhr/AaPaITcd5HY4Fcb/U
m89bf9Du4Reorpffb+LExUUfIJ9EhJY2jWJwRsJrGyTg+CW9sXgmglRD8XKEfj8m
L+Gt9tCIQF4kpnMBw5nJOfmb2kAM4WVi0wGqTP5RliG87WiZcUW5tt24WDaRuMWx
VYnqopl+kulHsEIAMqq7CvIISJtmiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJzN
ndwrcvMKLl4Tl/2Kn4wk15TiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NEY3MjI3MEMwRTIxMUVGQUNDRkNFQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlncMA0GCSqGSIb3DQEB
CwUAA4IBAQAi/H76b5h10W8lW0VAOsCpLErGmlxEmpqtjUA/daPqJ7vlVleCuraS
Kwe4bqTHS1U4iUc1w5RYB2hFyIEMge0sR+7a3xTwyNktJbuSCTEr/roTocCRDPzB
iAhUUIDdmPGrGZO//TLtYfSU9HDWDm1YuD539LGqKmdAppIZdllRcLVRjgK3/CQ0
qZv/JKZEky4vvGJ9Pyzh1Inor4RF5lGMShHNw/Bud3NE1AnkMFzuwzZuj6S7MC0W
NNPgm154m5GqxtbWetVly+c8I5XMJ33+gyj9IOllajkqLSQtm5Lj58Y1WcivJHMi
6tM8k8UtPHcGyXh1fMRdS4RTECO2kBF5
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:40 2025 by rpki-client