Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/708FC1CCC0EC11EF8F607067762E951A.roa
File: 708FC1CCC0EC11EF8F607067762E951A.roa (raw, json)
Hash identifier: F/mKc3vyh2MNwuSGxrJZKa4BJhIJ3C9Mtm/zsGp+6fw=
Subject key identifier: 26:54:D3:4B:73:5F:0B:A0:E4:7D:82:8F:38:31:9E:99:74:0A:CF:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/708FC1CCC0EC11EF8F607067762E951A.roa
Signing time: Mon 23 Dec 2024 05:12:01 +0000
ROA not before: Mon 23 Dec 2024 05:11:57 +0000
ROA not after: Wed 10 Dec 2025 05:11:57 +0000
asID: 984
IP address blocks: 154.90.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73518 (0x11f2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 05:11:57 2024 GMT
Not After : Dec 10 05:11:57 2025 GMT
Subject: CN=6768f120-f92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cc:20:6d:70:f6:50:da:aa:f3:02:60:73:b4:
78:0d:7f:d5:79:c6:ad:38:da:44:f0:3e:27:d8:f3:
25:b0:3f:02:2f:d7:6e:a3:49:e5:a9:8f:e3:03:43:
62:67:32:ac:ef:5e:de:79:ee:23:0b:70:03:ab:41:
a0:41:9c:24:38:14:57:e8:da:20:7f:a1:a2:a8:ca:
66:b7:81:ac:84:d9:e5:fe:95:9e:50:37:45:5c:bc:
04:4a:c5:d7:8f:f4:09:04:19:dd:88:43:31:46:2c:
5b:26:78:19:c9:74:8e:21:63:43:3c:6b:0a:25:5c:
63:e4:51:2a:c1:01:7f:00:fc:01:6f:22:a8:d2:38:
99:15:20:7f:98:af:76:92:47:9d:32:41:43:3d:ac:
bf:d2:5b:ea:e2:a8:ab:e2:5b:c5:52:a7:46:0a:1a:
5d:5a:11:51:87:6f:b5:f3:01:8d:5a:92:3d:50:53:
92:22:63:9b:01:32:6a:96:bb:1a:1b:db:f3:30:75:
06:a6:0f:6c:43:d2:95:bf:57:f0:a2:fd:15:53:25:
d7:0c:4d:c8:59:55:f3:37:d8:5c:ad:c5:9f:95:e3:
ff:6b:bb:2f:ee:2b:35:03:13:40:2b:79:d7:60:3d:
74:ef:e8:5a:b7:41:24:5c:37:76:ab:7c:36:c1:77:
8e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:54:D3:4B:73:5F:0B:A0:E4:7D:82:8F:38:31:9E:99:74:0A:CF:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/708FC1CCC0EC11EF8F607067762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.77.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:04:12:b1:1e:74:0a:e3:b5:75:4d:6e:1a:68:1a:97:c3:4e:
65:ca:34:9c:9c:bd:8a:b8:93:25:54:87:3b:44:24:3b:07:5f:
9f:87:28:d8:53:38:50:7e:b3:23:c1:77:ee:50:51:a9:c6:de:
ee:31:96:0f:75:48:d4:5e:1e:4c:74:ba:cb:54:65:1d:55:8e:
09:31:60:c5:c0:18:7c:7c:d5:b4:fd:10:18:58:00:d8:23:21:
1d:f2:ff:a2:65:4c:d4:0d:b1:e4:44:b9:f8:ab:1a:b1:f0:f4:
47:8e:81:55:f6:cd:66:36:a0:67:3d:b3:a2:13:fe:e7:51:a8:
51:69:b7:ff:2d:d9:35:38:b6:cf:d4:1d:ed:1d:32:e3:fa:3f:
b9:f7:1f:85:b4:12:05:81:11:f6:91:7f:bb:25:63:3c:58:cb:
bc:68:6b:f7:e4:34:dd:a6:6c:d1:00:92:49:04:78:81:5d:03:
a7:c9:dc:82:a9:12:a5:e1:a1:ab:d8:c0:40:e1:c5:47:6d:4c:
fe:f4:5b:39:a1:5d:fc:a6:e9:0e:e1:bb:98:4d:da:a0:4e:05:
00:f6:73:6e:ca:26:3a:ab:4e:12:73:6d:af:d1:7d:83:54:8d:
8a:bc:92:bf:2e:8c:a7:ef:68:51:2d:4c:13:dc:fc:00:58:ef:
3e:af:72:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDUxMTU3WhcNMjUxMjEwMDUxMTU3WjAYMRYw
FAYDVQQDEw02NzY4ZjEyMC1mOTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuMwgbXD2UNqq8wJgc7R4DX/VecatONpE8D4n2PMlsD8CL9duo0nlqY/j
A0NiZzKs717eee4jC3ADq0GgQZwkOBRX6Nogf6GiqMpmt4GshNnl/pWeUDdFXLwE
SsXXj/QJBBndiEMxRixbJngZyXSOIWNDPGsKJVxj5FEqwQF/APwBbyKo0jiZFSB/
mK92kkedMkFDPay/0lvq4qir4lvFUqdGChpdWhFRh2+18wGNWpI9UFOSImObATJq
lrsaG9vzMHUGpg9sQ9KVv1fwov0VUyXXDE3IWVXzN9hcrcWfleP/a7sv7is1AxNA
K3nXYD107+hat0EkXDd2q3w2wXeONQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCZU
00tzXwug5H2Cjzgxnpl0Cs8NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDhGQzFDQ0MwRUMxMUVGOEY2MDcwNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpNMA0GCSqGSIb3DQEB
CwUAA4IBAQChBBKxHnQK47V1TW4aaBqXw05lyjScnL2KuJMlVIc7RCQ7B1+fhyjY
UzhQfrMjwXfuUFGpxt7uMZYPdUjUXh5MdLrLVGUdVY4JMWDFwBh8fNW0/RAYWADY
IyEd8v+iZUzUDbHkRLn4qxqx8PRHjoFV9s1mNqBnPbOiE/7nUahRabf/Ldk1OLbP
1B3tHTLj+j+59x+FtBIFgRH2kX+7JWM8WMu8aGv35DTdpmzRAJJJBHiBXQOnydyC
qRKl4aGr2MBA4cVHbUz+9Fs5oV38pukO4buYTdqgTgUA9nNuyiY6q04Sc22v0X2D
VI2KvJK/Loyn72hRLUwT3PwAWO8+r3JU
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:35:25 2025 by rpki-client