Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DF70064C0E411EF93B7C5B4762E951A.roa
File: 5DF70064C0E411EF93B7C5B4762E951A.roa (raw, json)
Hash identifier: psdcGnwKRFp+7+D6CwsrjXxs7yY57PwN0a0v4uyb0ck=
Subject key identifier: FD:64:2C:71:FF:95:B9:C2:2F:AB:8D:62:0C:AF:57:06:31:9D:19:6E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F16
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DF70064C0E411EF93B7C5B4762E951A.roa
Signing time: Mon 23 Dec 2024 04:14:13 +0000
ROA not before: Mon 23 Dec 2024 04:14:10 +0000
ROA not after: Wed 10 Dec 2025 04:14:10 +0000
asID: 984
IP address blocks: 154.89.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73494 (0x11f16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 04:14:10 2024 GMT
Not After : Dec 10 04:14:10 2025 GMT
Subject: CN=6768e395-065c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:ce:51:b6:a0:12:c9:89:8c:ba:ae:49:16:
17:85:e2:31:32:7a:8f:8d:6f:27:5d:b6:46:20:c4:
fb:a3:b6:10:55:9c:75:0e:4e:15:06:b6:24:e4:ac:
3a:ac:0f:d1:58:51:8d:64:c2:6d:26:4b:44:22:48:
f1:ad:be:40:91:15:27:c0:b5:10:6f:b3:cf:8b:21:
6a:ff:7a:98:76:55:6b:d3:9e:4d:fa:07:d4:82:e2:
b8:70:b9:e3:20:bb:f5:bd:88:bb:27:a4:d4:66:f5:
d9:7e:a3:f8:61:58:34:ec:52:a3:33:58:08:f2:8a:
92:ce:ea:4a:19:71:5e:69:1a:7c:7e:f5:c7:75:a6:
31:31:b3:30:3f:fd:b1:d3:c5:44:a0:a0:2e:5c:d2:
7c:1f:df:b5:d2:24:0e:53:51:34:35:a4:c5:40:d8:
09:c7:59:a4:b6:ad:32:1b:d3:25:9c:3d:1e:b2:db:
08:11:ad:00:5f:b2:72:f5:46:ac:86:95:75:09:61:
da:e0:ee:02:b6:bd:3d:8a:a4:2b:72:76:e2:18:39:
74:65:ee:9e:ba:06:04:a8:01:12:f6:f6:4a:ec:9e:
d2:9d:40:32:39:e8:90:75:a7:33:de:2d:23:b3:11:
7b:f6:0e:c5:f5:00:6e:36:6a:b4:e1:6e:01:4f:4d:
a2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:64:2C:71:FF:95:B9:C2:2F:AB:8D:62:0C:AF:57:06:31:9D:19:6E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DF70064C0E411EF93B7C5B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ea:1b:8b:db:f9:e8:cb:25:87:44:85:1c:e0:09:6c:cb:fa:
40:f8:3d:bc:2e:18:39:8f:b5:62:b1:7b:b4:71:c9:6b:b8:24:
9a:02:5c:83:08:90:e3:ed:9c:5b:ff:a6:3f:1b:5e:b8:8f:8d:
bc:c9:3d:06:83:c5:6e:09:89:53:20:21:3f:55:03:45:d9:91:
86:4d:a4:dc:c2:a3:12:7b:ae:93:aa:16:fc:8a:b4:57:30:4f:
ae:82:4c:b2:07:94:94:fc:de:a2:08:47:19:09:3e:b4:1e:eb:
a1:40:19:9e:d3:64:97:6e:fd:25:d6:d0:5a:33:47:ee:8e:f2:
be:5e:24:01:24:67:f7:13:75:10:8c:d2:b3:2b:b0:eb:5c:d1:
ec:53:79:41:93:29:e9:1a:ac:e6:c1:41:7d:1e:08:47:2f:a3:
f6:75:26:97:e9:dc:77:73:fb:de:3e:7f:e6:24:49:82:5b:00:
71:84:24:c4:2d:51:9e:3b:06:e1:7b:d7:c7:59:af:39:2d:9a:
a5:18:4a:c7:20:06:b6:cc:d8:bf:c7:94:df:b8:0f:eb:ec:94:
f2:95:11:82:1c:e7:86:63:ba:0a:66:f3:62:53:55:61:32:66:
e4:55:71:29:07:f9:b9:c5:c4:c1:07:37:4e:1c:0f:16:32:24:
94:ae:f0:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDQxNDEwWhcNMjUxMjEwMDQxNDEwWjAYMRYw
FAYDVQQDEw02NzY4ZTM5NS0wNjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwf7OUbagEsmJjLquSRYXheIxMnqPjW8nXbZGIMT7o7YQVZx1Dk4VBrYk
5Kw6rA/RWFGNZMJtJktEIkjxrb5AkRUnwLUQb7PPiyFq/3qYdlVr055N+gfUguK4
cLnjILv1vYi7J6TUZvXZfqP4YVg07FKjM1gI8oqSzupKGXFeaRp8fvXHdaYxMbMw
P/2x08VEoKAuXNJ8H9+10iQOU1E0NaTFQNgJx1mktq0yG9MlnD0estsIEa0AX7Jy
9UashpV1CWHa4O4Ctr09iqQrcnbiGDl0Ze6eugYEqAES9vZK7J7SnUAyOeiQdacz
3i0jsxF79g7F9QBuNmq04W4BT02iPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP1k
LHH/lbnCL6uNYgyvVwYxnRluMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REY3MDA2NEMwRTQxMUVGOTNCN0M1QjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmln6MA0GCSqGSIb3DQEB
CwUAA4IBAQCr6huL2/noyyWHRIUc4Alsy/pA+D28Lhg5j7VisXu0cclruCSaAlyD
CJDj7Zxb/6Y/G164j428yT0Gg8VuCYlTICE/VQNF2ZGGTaTcwqMSe66Tqhb8irRX
ME+ugkyyB5SU/N6iCEcZCT60HuuhQBme02SXbv0l1tBaM0fujvK+XiQBJGf3E3UQ
jNKzK7DrXNHsU3lBkynpGqzmwUF9HghHL6P2dSaX6dx3c/vePn/mJEmCWwBxhCTE
LVGeOwbhe9fHWa85LZqlGErHIAa2zNi/x5TfuA/r7JTylRGCHOeGY7oKZvNiU1Vh
MmbkVXEpB/m5xcTBBzdOHA8WMiSUrvCl
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:44:12 2025 by rpki-client