Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6431B7A6C0D711EF8678CC5D762E951A.roa
File: 6431B7A6C0D711EF8678CC5D762E951A.roa (raw, json)
Hash identifier: GkR1xbmKLLv7WODCsJq3Xf3y8IJfXmcVyYCMcOO4010=
Subject key identifier: D9:18:2B:27:FA:7C:37:D8:12:42:62:89:F5:7E:1C:79:B1:58:2C:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6431B7A6C0D711EF8678CC5D762E951A.roa
Signing time: Mon 23 Dec 2024 02:41:20 +0000
ROA not before: Mon 23 Dec 2024 02:41:17 +0000
ROA not after: Wed 10 Dec 2025 02:41:17 +0000
asID: 984
IP address blocks: 154.89.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73326 (0x11e6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:41:17 2024 GMT
Not After : Dec 10 02:41:17 2025 GMT
Subject: CN=6768cdd0-ef59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2c:7f:b0:68:1d:e8:41:1c:b3:c2:17:b1:c1:
22:4a:ef:3c:ac:a4:55:f2:2a:03:01:f5:f3:19:1c:
3e:02:62:27:a5:0a:b6:89:20:91:1c:7d:e5:25:0e:
c0:a8:c6:58:2c:0f:3a:f3:e6:a6:e5:d8:c0:91:50:
70:58:e5:50:9c:37:14:20:4a:de:b9:58:aa:be:50:
e2:a6:ec:93:72:2c:80:9a:bb:0a:4c:ef:b3:ec:76:
42:5e:b9:bd:fd:09:a4:03:3f:bd:64:52:20:ea:a9:
4f:d6:05:93:c0:21:fb:79:f3:d3:69:bc:e4:17:53:
8c:ef:2b:b2:19:75:a8:a6:69:d0:56:10:36:32:66:
fc:0d:b5:b6:18:a7:28:d1:b1:62:b7:99:54:27:dd:
85:9b:69:a8:82:48:c1:f6:8e:ad:02:11:37:66:d0:
cf:37:7c:39:e5:34:a5:0c:88:22:fb:07:f9:38:de:
59:55:7b:87:d4:88:11:66:97:e6:54:be:f7:40:fe:
4d:06:36:a4:3e:d1:3c:ff:77:05:61:60:9e:8a:fa:
e3:ef:a1:54:31:dd:4b:91:9d:34:01:7c:f4:be:50:
4a:62:82:10:b4:80:39:6c:ae:4f:3f:e9:87:54:2a:
fe:a2:14:30:93:a8:df:48:30:24:10:90:42:88:37:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:18:2B:27:FA:7C:37:D8:12:42:62:89:F5:7E:1C:79:B1:58:2C:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6431B7A6C0D711EF8678CC5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.149.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f3:91:47:06:d7:2c:a1:d9:84:9e:46:03:fb:92:8f:7b:d0:
c2:50:3d:48:20:f3:a0:31:95:03:ed:3b:11:66:06:35:b3:bf:
0a:7e:e2:29:e1:03:7b:fd:fa:0a:48:e7:b3:56:be:0e:7b:36:
89:a0:06:37:37:2e:ee:e9:57:54:41:19:2e:50:2b:6b:28:e9:
e7:ca:4d:57:0f:af:db:14:08:e9:d3:c7:90:ad:1e:70:47:e0:
32:e4:4c:1d:25:ac:dd:99:e1:c5:f0:6b:f1:07:01:2d:3c:ed:
f1:18:8e:6f:f3:bb:03:d5:19:79:76:96:34:9a:a7:39:8a:f9:
e3:2f:ba:e3:02:ce:68:50:9e:9e:62:43:1c:9b:f7:d4:53:7e:
c2:94:9f:37:9f:c3:15:e6:68:7d:36:1a:5a:2a:b3:bf:60:e5:
5f:c5:aa:c5:7a:96:96:ab:50:cb:31:aa:5c:e1:0a:65:b0:69:
1e:4d:aa:1d:53:0b:31:bd:0f:07:13:9b:82:74:9e:a2:b4:ad:
c1:30:eb:87:c8:ec:5d:e8:0b:d3:12:33:d1:fa:63:9a:48:ce:
7a:27:d9:83:8a:20:3e:b6:8e:0a:6a:d0:9b:34:c2:07:2a:5b:
e4:05:b7:84:f9:10:78:37:d8:87:2d:e1:c2:1f:d3:be:08:90:
7d:d3:91:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR5uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDI0MTE3WhcNMjUxMjEwMDI0MTE3WjAYMRYw
FAYDVQQDEw02NzY4Y2RkMC1lZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2ix/sGgd6EEcs8IXscEiSu88rKRV8ioDAfXzGRw+AmInpQq2iSCRHH3l
JQ7AqMZYLA868+am5djAkVBwWOVQnDcUIEreuViqvlDipuyTciyAmrsKTO+z7HZC
Xrm9/QmkAz+9ZFIg6qlP1gWTwCH7efPTabzkF1OM7yuyGXWopmnQVhA2Mmb8DbW2
GKco0bFit5lUJ92Fm2mogkjB9o6tAhE3ZtDPN3w55TSlDIgi+wf5ON5ZVXuH1IgR
ZpfmVL73QP5NBjakPtE8/3cFYWCeivrj76FUMd1LkZ00AXz0vlBKYoIQtIA5bK5P
P+mHVCr+ohQwk6jfSDAkEJBCiDer3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNkY
Kyf6fDfYEkJiifV+HHmxWCz/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDMxQjdBNkMwRDcxMUVGODY3OENDNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmVMA0GCSqGSIb3DQEB
CwUAA4IBAQA185FHBtcsodmEnkYD+5KPe9DCUD1IIPOgMZUD7TsRZgY1s78KfuIp
4QN7/foKSOezVr4OezaJoAY3Ny7u6VdUQRkuUCtrKOnnyk1XD6/bFAjp08eQrR5w
R+Ay5EwdJazdmeHF8GvxBwEtPO3xGI5v87sD1Rl5dpY0mqc5ivnjL7rjAs5oUJ6e
YkMcm/fUU37ClJ83n8MV5mh9NhpaKrO/YOVfxarFepaWq1DLMapc4QplsGkeTaod
UwsxvQ8HE5uCdJ6itK3BMOuHyOxd6AvTEjPR+mOaSM56J9mDiiA+to4KatCbNMIH
KlvkBbeE+RB4N9iHLeHCH9O+CJB905Ec
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:58:13 2025 by rpki-client