Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B2D438C19A11EFA54665A5762E951A.roa
File: 84B2D438C19A11EFA54665A5762E951A.roa (raw, json)
Hash identifier: 4iaEzTrJaXfiivoDTeUI7/CnR0/SUnq7PcRC43N/bS8=
Subject key identifier: BF:30:DF:B5:0A:5E:4A:5A:FB:51:B2:3D:A1:F7:D3:3A:2B:8E:56:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012063
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B2D438C19A11EFA54665A5762E951A.roa
Signing time: Tue 24 Dec 2024 01:58:07 +0000
ROA not before: Tue 24 Dec 2024 01:58:03 +0000
ROA not after: Wed 10 Dec 2025 01:58:03 +0000
asID: 984
IP address blocks: 154.90.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73827 (0x12063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 01:58:03 2024 GMT
Not After : Dec 10 01:58:03 2025 GMT
Subject: CN=676a152f-f9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ac:9c:58:7a:5d:73:d1:c6:ab:f4:7a:6c:b0:
d9:63:a9:38:27:08:66:3b:db:45:9a:c6:93:3e:fd:
1c:02:03:d7:05:80:fa:a2:74:8b:29:cc:18:7f:23:
4e:b6:fd:27:13:62:2c:02:fa:e4:7a:4d:e9:24:f0:
ca:33:58:f0:b9:9a:2b:80:6c:23:b6:b2:16:a2:7f:
9d:5d:e5:bb:33:74:db:a4:68:c6:15:3e:17:9c:bf:
11:95:6b:bc:f2:44:13:9c:09:57:30:56:c7:b8:ab:
12:b1:4f:11:5e:6f:2a:56:b5:04:2f:d0:16:94:a4:
ac:15:17:cd:55:31:8d:13:65:a1:de:c3:86:03:cd:
2e:09:25:59:f7:31:a1:9b:78:62:d6:07:f2:05:6d:
ee:2d:f3:ac:0b:7b:db:7c:10:81:f3:fa:81:21:d8:
56:a9:ed:1b:c6:82:3b:13:25:c5:e2:87:98:ff:a7:
11:b1:b2:44:c7:2d:0b:a3:eb:c3:9e:e1:2c:b5:cd:
3a:4b:50:0f:ab:2d:1f:45:ba:b2:71:33:00:3c:83:
70:a7:a9:24:0c:01:fc:4d:43:1b:f2:65:ef:eb:05:
c1:ef:b0:37:9e:3d:10:4d:ce:5e:0d:cc:e2:60:d2:
de:6f:0e:89:e3:df:ce:05:7b:10:9c:59:df:46:78:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:30:DF:B5:0A:5E:4A:5A:FB:51:B2:3D:A1:F7:D3:3A:2B:8E:56:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B2D438C19A11EFA54665A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:2f:4a:e6:42:50:ae:aa:95:eb:be:e3:62:b8:ec:2f:19:e4:
51:a5:5a:fb:4a:a9:33:ae:d1:38:b4:10:da:12:26:03:ad:9e:
18:c8:bb:f9:7f:68:53:61:50:5d:b8:02:0d:12:a9:89:13:70:
09:cf:6b:40:93:a6:32:80:a3:56:b4:91:a7:41:08:74:64:3d:
c8:60:0d:d6:18:db:11:2e:6e:ce:56:a4:ba:ef:64:5d:51:7f:
04:3c:44:67:07:24:eb:64:2d:83:b3:27:1b:05:40:01:7c:98:
eb:58:fd:10:a5:9d:24:88:b0:b0:b0:be:e2:84:0d:b0:e2:69:
5c:01:6f:d4:05:6b:66:15:3c:b5:84:13:d7:5a:06:ca:1c:fd:
e7:7f:bd:7c:61:05:5d:eb:9d:69:0f:e4:53:ac:22:a9:2c:67:
ee:b0:ce:6b:0c:19:d8:76:e2:f9:7e:3f:e6:70:fb:3e:59:5b:
0e:0e:4f:70:76:f4:af:8a:71:9d:d2:9f:53:60:0a:e0:90:f1:
63:76:da:16:e3:53:7e:4b:97:5f:24:9d:f9:9d:1d:43:d7:99:
7d:37:2e:91:ff:5a:7d:26:1a:80:64:d8:2a:4d:18:c1:07:7f:
e7:eb:55:5c:04:6a:59:89:85:63:a7:05:69:09:ba:38:5f:03:
53:b5:19:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASBjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDE1ODAzWhcNMjUxMjEwMDE1ODAzWjAYMRYw
FAYDVQQDEw02NzZhMTUyZi1mOWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxaycWHpdc9HGq/R6bLDZY6k4JwhmO9tFmsaTPv0cAgPXBYD6onSLKcwY
fyNOtv0nE2IsAvrkek3pJPDKM1jwuZorgGwjtrIWon+dXeW7M3TbpGjGFT4XnL8R
lWu88kQTnAlXMFbHuKsSsU8RXm8qVrUEL9AWlKSsFRfNVTGNE2Wh3sOGA80uCSVZ
9zGhm3hi1gfyBW3uLfOsC3vbfBCB8/qBIdhWqe0bxoI7EyXF4oeY/6cRsbJExy0L
o+vDnuEstc06S1APqy0fRbqycTMAPINwp6kkDAH8TUMb8mXv6wXB77A3nj0QTc5e
DcziYNLebw6J49/OBXsQnFnfRniX9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL8w
37UKXkpa+1GyPaH30zorjlaTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NEIyRDQzOEMxOUExMUVGQTU0NjY1QTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrNMA0GCSqGSIb3DQEB
CwUAA4IBAQAeL0rmQlCuqpXrvuNiuOwvGeRRpVr7SqkzrtE4tBDaEiYDrZ4YyLv5
f2hTYVBduAINEqmJE3AJz2tAk6YygKNWtJGnQQh0ZD3IYA3WGNsRLm7OVqS672Rd
UX8EPERnByTrZC2DsycbBUABfJjrWP0QpZ0kiLCwsL7ihA2w4mlcAW/UBWtmFTy1
hBPXWgbKHP3nf718YQVd651pD+RTrCKpLGfusM5rDBnYduL5fj/mcPs+WVsODk9w
dvSvinGd0p9TYArgkPFjdtoW41N+S5dfJJ35nR1D15l9Ny6R/1p9JhqAZNgqTRjB
B3/n61VcBGpZiYVjpwVpCbo4XwNTtRku
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:30:40 2025 by rpki-client