Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81D2F0E6CDE211EFA0924E53762E951A.roa
File: 81D2F0E6CDE211EFA0924E53762E951A.roa (raw, json)
Hash identifier: Ew0V0eiGTL1+SfW3nZFTO85wmpctVMBgVQAIOWrTFU0=
Subject key identifier: 40:7F:3F:36:D3:42:57:F9:46:79:01:EA:CD:EC:0E:D5:14:02:33:7C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81D2F0E6CDE211EFA0924E53762E951A.roa
Signing time: Wed 08 Jan 2025 17:03:40 +0000
ROA not before: Wed 08 Jan 2025 17:03:36 +0000
ROA not after: Sat 03 Jan 2026 17:03:36 +0000
asID: 984
IP address blocks: 154.89.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79819 (0x137cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 17:03:36 2025 GMT
Not After : Jan 3 17:03:36 2026 GMT
Subject: CN=677eafeb-a0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:94:92:b3:8d:d7:aa:41:6b:46:cb:7b:35:
a4:df:74:f7:23:2a:d1:b9:6c:42:3d:a7:d4:47:d2:
8b:8b:14:63:62:c5:1c:6e:0a:d8:94:c7:f7:ff:67:
0f:98:8a:f1:f8:1b:fa:d8:41:f3:23:c5:55:43:ae:
53:b3:9b:16:cd:4f:c4:37:cb:d0:7d:33:c6:a5:b0:
8d:aa:2c:ae:a6:28:78:ff:d5:75:4c:0a:2b:ee:c4:
61:3f:72:d0:79:c2:92:30:bf:1c:16:2d:54:a6:35:
aa:1c:1c:a1:0c:13:ca:e5:42:fc:33:e8:07:ac:9e:
e3:80:ba:d0:92:28:c0:e7:4e:8a:54:40:f1:f1:42:
87:0a:ac:7a:97:14:83:ff:7b:f0:7b:42:47:b4:28:
55:d4:83:2c:af:ce:56:f9:38:a9:f6:fc:f1:79:aa:
82:9e:b1:05:d6:36:8e:d6:8f:03:14:44:5e:fb:3b:
79:76:fd:5d:7f:18:de:57:4c:ec:f0:ea:8d:b0:ea:
df:e5:7c:18:a0:8c:88:25:22:b6:3e:57:29:3c:08:
80:90:ba:83:cc:e4:9e:7b:26:fa:33:91:b9:75:9a:
9b:84:9e:2b:99:5e:91:f7:4a:ce:5e:b3:4e:21:33:
84:90:ad:ba:db:16:c7:09:d4:67:2c:20:57:de:cb:
2f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7F:3F:36:D3:42:57:F9:46:79:01:EA:CD:EC:0E:D5:14:02:33:7C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81D2F0E6CDE211EFA0924E53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.180.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:a8:f5:b0:a9:d5:04:e4:a2:46:79:88:5a:af:d5:7b:9f:55:
13:3a:c8:2f:17:7d:87:9c:71:30:68:de:6d:cb:d4:ef:26:b0:
ad:67:72:27:6b:b8:22:f9:3c:1c:8d:50:48:5b:c6:e7:c4:f6:
30:28:6d:7a:bc:9f:eb:f2:94:e1:dc:58:37:79:21:39:af:25:
71:d6:28:ff:13:4b:c0:86:b4:d5:27:f0:7f:f0:0d:30:10:57:
1d:77:1d:8f:c9:aa:17:b5:ae:8a:0d:11:17:45:52:32:ef:37:
6f:ef:e4:a9:fc:e2:cd:82:10:23:b9:47:9d:50:e6:c7:71:f3:
43:51:73:60:35:7e:48:a4:10:35:84:d2:d4:d6:40:0a:73:14:
4a:e2:e0:52:31:05:f9:e1:f7:fb:79:ac:a6:c8:3b:90:1b:7d:
74:18:c9:58:ac:37:fa:4f:24:82:5a:0d:46:44:a0:4c:4d:b1:
7b:fe:22:c1:26:4b:d4:9b:c0:4c:ce:80:b3:ca:e2:3f:16:c2:
a1:2e:2d:60:26:44:2e:c1:8d:65:be:3e:17:35:cf:63:d8:98:
0b:5e:f0:fd:64:a7:5e:93:6d:0d:3b:8b:67:b5:ee:5c:dd:23:
0b:63:22:88:12:1e:ad:ab:fd:41:70:7f:e4:1f:44:65:e0:8b:
d7:d9:1f:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATfLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTcwMzM2WhcNMjYwMTAzMTcwMzM2WjAYMRYw
FAYDVQQDEw02NzdlYWZlYi1hMGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtSKUkrON16pBa0bLezWk33T3IyrRuWxCPafUR9KLixRjYsUcbgrYlMf3
/2cPmIrx+Bv62EHzI8VVQ65Ts5sWzU/EN8vQfTPGpbCNqiyupih4/9V1TAor7sRh
P3LQecKSML8cFi1UpjWqHByhDBPK5UL8M+gHrJ7jgLrQkijA506KVEDx8UKHCqx6
lxSD/3vwe0JHtChV1IMsr85W+Tip9vzxeaqCnrEF1jaO1o8DFERe+zt5dv1dfxje
V0zs8OqNsOrf5XwYoIyIJSK2PlcpPAiAkLqDzOSeeyb6M5G5dZqbhJ4rmV6R90rO
XrNOITOEkK262xbHCdRnLCBX3ssv2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEB/
PzbTQlf5RnkB6s3sDtUUAjN8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MUQyRjBFNkNERTIxMUVGQTA5MjRFNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlm0MA0GCSqGSIb3DQEB
CwUAA4IBAQCrqPWwqdUE5KJGeYhar9V7n1UTOsgvF32HnHEwaN5ty9TvJrCtZ3In
a7gi+TwcjVBIW8bnxPYwKG16vJ/r8pTh3Fg3eSE5ryVx1ij/E0vAhrTVJ/B/8A0w
EFcddx2PyaoXta6KDREXRVIy7zdv7+Sp/OLNghAjuUedUObHcfNDUXNgNX5IpBA1
hNLU1kAKcxRK4uBSMQX54ff7eaymyDuQG310GMlYrDf6TySCWg1GRKBMTbF7/iLB
JkvUm8BMzoCzyuI/FsKhLi1gJkQuwY1lvj4XNc9j2JgLXvD9ZKdek20NO4tnte5c
3SMLYyKIEh6tq/1BcH/kH0Rl4IvX2R+p
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:19 2025 by rpki-client