Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60C297E4C0DB11EF938B207B762E951A.roa
File: 60C297E4C0DB11EF938B207B762E951A.roa (raw, json)
Hash identifier: REgPSfE+aCATIL2c93HpjRE5hVff0AxOIinGHGxQajY=
Subject key identifier: AD:5B:7B:9A:73:3D:BA:A8:07:28:88:67:9E:07:1B:8C:39:49:6C:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EA2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60C297E4C0DB11EF938B207B762E951A.roa
Signing time: Mon 23 Dec 2024 03:09:53 +0000
ROA not before: Mon 23 Dec 2024 03:09:49 +0000
ROA not after: Wed 10 Dec 2025 03:09:49 +0000
asID: 984
IP address blocks: 154.89.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73378 (0x11ea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:09:49 2024 GMT
Not After : Dec 10 03:09:49 2025 GMT
Subject: CN=6768d481-ffb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:47:08:cf:fb:83:79:bd:18:8f:8a:e9:ac:
89:08:7c:2d:00:a5:d6:da:5c:58:e7:e4:17:63:d5:
29:7a:d8:d7:d9:72:7f:2e:b6:87:7b:06:f0:31:8e:
e4:98:e4:77:d3:56:78:ee:f4:f1:3a:e1:fb:81:4a:
b1:3d:ad:b3:0c:a4:fd:e9:b1:77:11:ed:bd:a7:8b:
b6:77:71:34:e5:39:e5:a0:ee:1c:0f:a3:28:3e:30:
c0:c5:5e:90:f1:fb:42:a5:fa:2c:33:74:2e:09:0d:
40:69:f7:5a:31:43:f6:b1:6c:99:63:b3:7b:aa:e0:
be:ba:f0:97:78:18:50:62:25:46:e9:11:0f:8f:97:
0f:ef:ef:c7:80:cc:84:4f:c9:94:e7:c4:dc:46:46:
b5:1a:89:b3:c3:35:c3:12:23:34:a7:aa:af:43:d0:
de:90:be:7c:a8:5b:21:b1:11:24:6f:45:d1:f6:f4:
e6:8c:95:32:fe:ec:8b:1b:f7:dd:62:89:43:f2:e9:
bb:be:72:35:19:26:4d:5e:a8:a9:ea:46:5f:80:53:
0b:84:99:03:e6:5a:72:06:c4:09:25:37:2e:6b:eb:
b8:dd:41:bd:0b:02:69:4a:af:9c:3a:0b:6f:f7:89:
ec:bc:64:89:44:f3:f0:77:84:65:a2:16:cc:88:b4:
9a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5B:7B:9A:73:3D:BA:A8:07:28:88:67:9E:07:1B:8C:39:49:6C:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60C297E4C0DB11EF938B207B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ec:24:ca:18:5f:46:e0:3b:82:5f:74:e4:2f:f9:5e:a7:d1:
ac:a0:93:5d:75:9e:8a:df:66:d2:f1:1a:28:a6:cf:a9:45:a1:
85:29:7a:df:a1:80:f6:c2:47:3b:01:9f:b2:42:6b:5c:8f:6c:
f7:f6:85:84:6a:56:a2:f0:e7:89:26:7a:5a:47:19:f8:93:c8:
27:11:06:68:46:20:d1:8c:48:2e:ab:cf:4c:bd:73:dc:2d:c2:
91:81:c2:36:ee:94:a6:67:2e:06:df:23:fd:60:27:93:e8:13:
2f:53:ac:74:3f:8a:40:16:f5:1f:65:9c:1d:97:de:e0:09:33:
03:12:a8:8c:66:7a:b7:34:a9:eb:c6:a7:68:96:eb:15:8d:3b:
f1:bd:33:31:04:74:7a:d7:5e:0e:f0:e4:f2:c8:0d:98:2c:da:
5e:22:6d:1e:93:dd:5d:04:6c:b4:cb:07:62:9c:8c:e7:90:eb:
95:25:ea:54:94:64:4d:98:5a:a5:3a:27:47:dc:29:3a:89:b9:
df:12:59:f3:76:96:32:49:77:2c:05:07:81:9c:af:fc:7f:f6:
c0:40:5c:26:7a:74:58:1a:48:52:67:66:10:0a:60:39:61:dc:
b4:73:ec:9c:20:81:97:db:8a:0e:75:f4:ea:7f:5e:82:be:ea:
9b:5f:02:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR6iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMwOTQ5WhcNMjUxMjEwMDMwOTQ5WjAYMRYw
FAYDVQQDEw02NzY4ZDQ4MS1mZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs51HCM/7g3m9GI+K6ayJCHwtAKXW2lxY5+QXY9UpetjX2XJ/LraHewbw
MY7kmOR301Z47vTxOuH7gUqxPa2zDKT96bF3Ee29p4u2d3E05TnloO4cD6MoPjDA
xV6Q8ftCpfosM3QuCQ1AafdaMUP2sWyZY7N7quC+uvCXeBhQYiVG6REPj5cP7+/H
gMyET8mU58TcRka1GomzwzXDEiM0p6qvQ9DekL58qFshsREkb0XR9vTmjJUy/uyL
G/fdYolD8um7vnI1GSZNXqip6kZfgFMLhJkD5lpyBsQJJTcua+u43UG9CwJpSq+c
Ogtv94nsvGSJRPPwd4RlohbMiLSapwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK1b
e5pzPbqoByiIZ54HG4w5SWwvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MEMyOTdFNEMwREIxMUVGOTM4QjIwN0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmvMA0GCSqGSIb3DQEB
CwUAA4IBAQAb7CTKGF9G4DuCX3TkL/lep9GsoJNddZ6K32bS8Roops+pRaGFKXrf
oYD2wkc7AZ+yQmtcj2z39oWEalai8OeJJnpaRxn4k8gnEQZoRiDRjEguq89MvXPc
LcKRgcI27pSmZy4G3yP9YCeT6BMvU6x0P4pAFvUfZZwdl97gCTMDEqiMZnq3NKnr
xqdolusVjTvxvTMxBHR6114O8OTyyA2YLNpeIm0ek91dBGy0ywdinIznkOuVJepU
lGRNmFqlOidH3Ck6ibnfElnzdpYySXcsBQeBnK/8f/bAQFwmenRYGkhSZ2YQCmA5
Ydy0c+ycIIGX24oOdfTqf16CvuqbXwLW
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:04:40 2025 by rpki-client