Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/608D78CAC25711EF90F78C5D762E951A.roa
File: 608D78CAC25711EF90F78C5D762E951A.roa (raw, json)
Hash identifier: 3Pd2U9yC6f0a+wdPCwbIIHoUDN8pAdlpVT44GAiSivE=
Subject key identifier: 25:9B:6E:2B:66:71:E3:71:74:0F:38:A2:E3:F4:DD:38:56:93:5E:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012341
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/608D78CAC25711EF90F78C5D762E951A.roa
Signing time: Wed 25 Dec 2024 00:30:01 +0000
ROA not before: Wed 25 Dec 2024 00:00:57 +0000
ROA not after: Wed 10 Dec 2025 00:00:57 +0000
asID: 984
IP address blocks: 154.199.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74561 (0x12341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:57 2024 GMT
Not After : Dec 10 00:00:57 2025 GMT
Subject: CN=676b5209-d368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d0:68:35:44:bd:15:45:ed:f4:97:56:dd:14:
98:43:91:5a:68:f9:9f:d3:a4:6f:18:38:52:60:9b:
4f:7e:12:9a:0b:57:63:d2:ef:84:fe:f0:74:8d:2d:
fe:d9:9b:fe:96:e4:fd:2f:af:95:59:72:4a:88:42:
6f:41:50:04:c1:1a:a2:b4:a6:9c:86:1d:99:43:26:
f5:21:7a:c9:a8:d3:af:e9:88:c2:b9:69:fa:3d:de:
d8:d7:15:bf:4c:51:43:c4:7e:49:30:cf:8e:e7:ee:
76:37:55:f4:ca:92:1f:0d:2c:11:77:90:28:0c:b3:
ed:56:ba:73:1b:1f:80:5b:b1:bc:ef:5f:53:fa:44:
45:ac:2a:d7:f2:c4:bf:e2:dc:46:0a:0f:80:bc:fe:
d0:f2:02:6d:c4:c0:72:2d:7e:14:74:25:26:ff:3a:
fe:5e:39:c2:5d:9f:b2:58:5a:b9:26:41:d9:80:d9:
c4:f3:a1:a3:2e:a0:d1:34:b6:9a:72:4b:b1:7b:a1:
e9:26:f8:06:3d:76:fb:37:c0:b1:7a:ce:99:71:70:
18:e5:ea:a2:1a:55:6d:88:df:53:2a:bb:7c:a9:15:
57:5f:56:df:70:5f:0a:cf:ac:32:ad:df:b5:0b:a5:
b1:73:e5:22:30:a2:77:8b:c1:bd:80:cd:53:53:03:
47:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9B:6E:2B:66:71:E3:71:74:0F:38:A2:E3:F4:DD:38:56:93:5E:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/608D78CAC25711EF90F78C5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.46.0/24
Signature Algorithm: sha256WithRSAEncryption
61:34:13:a2:b0:31:57:fa:ae:a0:79:d2:00:f6:1c:12:7e:84:
ac:a9:03:a1:30:78:36:f7:e3:36:cb:26:64:5f:ec:90:42:6f:
eb:63:71:30:ba:56:e7:6e:e9:5e:ff:2b:55:31:77:d0:f0:b6:
db:3e:a3:f8:83:11:d3:88:51:88:f5:79:f6:e3:08:99:8f:d9:
47:6b:31:f4:a5:e1:48:80:34:c2:3a:f0:e2:99:d9:9f:ea:52:
68:94:48:df:c3:a7:5a:0f:ae:2f:a0:64:c4:60:d5:08:5a:d8:
51:69:c9:4e:f9:10:48:83:a4:7b:cc:25:94:4b:33:27:33:d0:
cf:cb:60:52:b9:b7:0c:d2:a3:4d:9e:12:ac:de:94:5b:76:0e:
74:fd:31:69:d1:ae:dc:f7:10:b1:91:a0:33:cc:c8:99:c1:17:
ac:1f:69:48:ed:7e:20:75:d0:56:af:7b:b5:29:e7:dc:e6:82:
62:e0:ae:9e:ae:6d:58:36:dc:54:2c:e1:e2:f5:b2:46:ce:87:
e0:3b:65:c0:28:09:4c:cf:42:d6:31:65:af:e5:b6:96:62:90:
7c:f5:e6:df:ab:24:67:41:90:78:1e:8d:65:56:3a:97:08:8f:
e2:09:8a:74:de:34:ec:3a:13:d4:ca:bc:90:83:3b:e5:0c:64:
e9:1a:bb:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASNBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDU3WhcNMjUxMjEwMDAwMDU3WjAYMRYw
FAYDVQQDEw02NzZiNTIwOS1kMzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoNBoNUS9FUXt9JdW3RSYQ5FaaPmf06RvGDhSYJtPfhKaC1dj0u+E/vB0
jS3+2Zv+luT9L6+VWXJKiEJvQVAEwRqitKachh2ZQyb1IXrJqNOv6YjCuWn6Pd7Y
1xW/TFFDxH5JMM+O5+52N1X0ypIfDSwRd5AoDLPtVrpzGx+AW7G8719T+kRFrCrX
8sS/4txGCg+AvP7Q8gJtxMByLX4UdCUm/zr+XjnCXZ+yWFq5JkHZgNnE86GjLqDR
NLaackuxe6HpJvgGPXb7N8Cxes6ZcXAY5eqiGlVtiN9TKrt8qRVXX1bfcF8Kz6wy
rd+1C6Wxc+UiMKJ3i8G9gM1TUwNHKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCWb
bitmceNxdA84ouP03ThWk14XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDhENzhDQUMyNTcxMUVGOTBGNzhDNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscuMA0GCSqGSIb3DQEB
CwUAA4IBAQBhNBOisDFX+q6gedIA9hwSfoSsqQOhMHg29+M2yyZkX+yQQm/rY3Ew
ulbnbule/ytVMXfQ8LbbPqP4gxHTiFGI9Xn24wiZj9lHazH0peFIgDTCOvDimdmf
6lJolEjfw6daD64voGTEYNUIWthRaclO+RBIg6R7zCWUSzMnM9DPy2BSubcM0qNN
nhKs3pRbdg50/TFp0a7c9xCxkaAzzMiZwResH2lI7X4gddBWr3u1Kefc5oJi4K6e
rm1YNtxULOHi9bJGzofgO2XAKAlMz0LWMWWv5baWYpB89ebfqyRnQZB4Ho1lVjqX
CI/iCYp03jTsOhPUyryQgzvlDGTpGrvL
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:35:21 2025 by rpki-client