Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79A0F352CDDB11EFA73081A6762E951A.roa
File: 79A0F352CDDB11EFA73081A6762E951A.roa (raw, json)
Hash identifier: 3DlTYdkPxPdK6TTSehwgxJ7dlOEcq4Leg/X8BKWLhHs=
Subject key identifier: AE:60:3B:0A:C5:6C:5E:E7:73:01:7A:B4:31:42:22:4E:9F:E9:29:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013795
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79A0F352CDDB11EFA73081A6762E951A.roa
Signing time: Wed 08 Jan 2025 16:13:19 +0000
ROA not before: Wed 08 Jan 2025 16:13:16 +0000
ROA not after: Sat 03 Jan 2026 16:13:16 +0000
asID: 984
IP address blocks: 154.89.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79765 (0x13795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:13:16 2025 GMT
Not After : Jan 3 16:13:16 2026 GMT
Subject: CN=677ea41f-df58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4d:d9:60:0b:ca:6e:34:3c:d1:54:6d:eb:89:
05:c5:35:16:8b:d1:74:c3:11:ad:20:6b:cd:b1:b8:
8d:51:4f:f7:50:74:bb:16:2b:5b:e4:ee:69:4e:6a:
11:3e:fc:80:3c:61:26:bc:6f:b8:f5:34:b5:05:01:
0a:22:0c:3b:4a:81:34:a1:b8:83:ff:bf:9b:00:13:
aa:36:02:ba:ce:8c:d1:e7:9c:07:c1:a8:6e:ca:a3:
57:9f:9c:87:0a:74:d1:e3:41:b8:aa:ff:2e:d4:06:
90:55:cc:11:5d:08:66:37:19:b3:1a:56:ce:30:2a:
b5:55:f9:39:51:c7:15:70:a9:a5:fb:63:72:90:ff:
0a:1f:d3:bb:8a:85:43:3b:8e:e4:1f:82:f1:7b:c9:
10:62:3b:e1:10:47:f2:a4:d2:01:63:a9:a3:ec:cd:
a3:8d:ec:10:9a:e9:e3:36:84:75:46:02:9d:c6:0c:
79:77:db:fa:b2:e0:cb:7f:98:b8:3b:b9:31:10:20:
23:bc:85:7a:26:b0:7d:40:e5:de:b2:c9:1a:05:a0:
fa:eb:53:0f:9d:b7:f3:ce:d3:dc:4d:f1:bf:c3:10:
6e:d3:96:b5:cd:9a:6f:af:bb:95:a0:5e:b1:51:17:
e3:36:62:5c:f9:bd:9d:cd:7f:57:17:f2:fa:eb:ad:
49:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:60:3B:0A:C5:6C:5E:E7:73:01:7A:B4:31:42:22:4E:9F:E9:29:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79A0F352CDDB11EFA73081A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.153.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ed:4d:f6:e8:51:c3:eb:88:7a:4d:b6:ef:8b:fe:01:b6:dc:
6a:07:73:fd:87:90:8a:aa:6c:86:40:1c:69:b7:c7:63:59:2e:
01:26:f7:80:91:1e:75:92:29:e7:5c:c7:18:54:03:cb:04:b6:
b4:6b:c6:d6:e4:e7:46:df:6a:96:3b:7f:65:62:94:23:4c:ac:
3f:55:3b:2a:0d:9d:b1:82:b3:ad:92:0a:eb:cd:57:43:aa:cf:
d4:c7:be:92:80:5e:df:cb:39:96:75:00:ce:cb:1e:39:82:c3:
4c:2d:26:82:cb:fa:9f:88:06:62:bb:cd:c3:58:c9:a3:22:a5:
55:b8:ff:7e:c3:cc:6d:79:9d:eb:bd:22:d1:37:b1:48:f1:8f:
12:69:5e:e8:24:5f:77:dc:1f:d9:75:b1:c3:d0:33:7e:ff:1d:
29:3a:c4:c6:57:f1:c5:e2:18:df:e4:ac:71:9f:05:a3:7b:8f:
0d:09:cc:af:b1:a8:b8:3d:ba:88:39:a3:c3:58:0f:e1:49:2d:
f8:d1:b8:67:09:29:d1:b3:e8:73:07:49:37:35:01:ea:b1:5d:
8c:ba:5d:48:41:65:29:98:45:78:fa:84:76:47:47:a3:de:bf:
4f:8d:f3:07:05:5c:0b:53:2d:cb:a7:f5:aa:05:02:09:ce:fa:
bc:20:41:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATeVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYxMzE2WhcNMjYwMTAzMTYxMzE2WjAYMRYw
FAYDVQQDEw02NzdlYTQxZi1kZjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA503ZYAvKbjQ80VRt64kFxTUWi9F0wxGtIGvNsbiNUU/3UHS7Fitb5O5p
TmoRPvyAPGEmvG+49TS1BQEKIgw7SoE0obiD/7+bABOqNgK6zozR55wHwahuyqNX
n5yHCnTR40G4qv8u1AaQVcwRXQhmNxmzGlbOMCq1Vfk5UccVcKml+2NykP8KH9O7
ioVDO47kH4Lxe8kQYjvhEEfypNIBY6mj7M2jjewQmunjNoR1RgKdxgx5d9v6suDL
f5i4O7kxECAjvIV6JrB9QOXesskaBaD661MPnbfzztPcTfG/wxBu05a1zZpvr7uV
oF6xURfjNmJc+b2dzX9XF/L6661JSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK5g
OwrFbF7ncwF6tDFCIk6f6SnYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OUEwRjM1MkNEREIxMUVGQTczMDgxQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmZMA0GCSqGSIb3DQEB
CwUAA4IBAQBj7U326FHD64h6Tbbvi/4BttxqB3P9h5CKqmyGQBxpt8djWS4BJveA
kR51kinnXMcYVAPLBLa0a8bW5OdG32qWO39lYpQjTKw/VTsqDZ2xgrOtkgrrzVdD
qs/Ux76SgF7fyzmWdQDOyx45gsNMLSaCy/qfiAZiu83DWMmjIqVVuP9+w8xteZ3r
vSLRN7FI8Y8SaV7oJF933B/ZdbHD0DN+/x0pOsTGV/HF4hjf5KxxnwWje48NCcyv
sai4PbqIOaPDWA/hSS340bhnCSnRs+hzB0k3NQHqsV2Mul1IQWUpmEV4+oR2R0ej
3r9PjfMHBVwLUy3Lp/WqBQIJzvq8IEEa
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:56 2025 by rpki-client