Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B3C906C1D111EF8D43A58B762E951A.roa
File: 84B3C906C1D111EF8D43A58B762E951A.roa (raw, json)
Hash identifier: d+fJI+25WN/m8DsIQbFCCuFSSzvJ6aatpinogSDHGtQ=
Subject key identifier: 5B:38:BF:B6:7C:53:5F:12:4C:06:4A:03:76:02:5B:8E:BA:22:DF:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0122A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B3C906C1D111EF8D43A58B762E951A.roa
Signing time: Tue 24 Dec 2024 08:31:49 +0000
ROA not before: Tue 24 Dec 2024 08:31:45 +0000
ROA not after: Wed 10 Dec 2025 08:31:45 +0000
asID: 984
IP address blocks: 154.193.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74407 (0x122a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:31:45 2024 GMT
Not After : Dec 10 08:31:45 2025 GMT
Subject: CN=676a7175-a95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:50:98:97:ec:26:b5:52:f2:c6:b3:47:42:
4c:ba:0e:24:64:be:69:a3:02:7a:f4:b1:18:57:3c:
26:74:c7:52:f0:28:5f:b1:9b:4a:ba:a9:ae:54:4f:
ea:b3:46:85:05:94:c5:60:9d:35:12:1f:c5:02:44:
b2:32:e0:ec:3c:70:b8:6b:92:a0:3e:6c:eb:7f:c4:
dd:70:22:b8:f2:77:6f:6e:4c:e7:b9:54:c8:78:5e:
1e:59:df:e5:68:48:07:c7:d3:98:b9:00:c9:b9:7b:
b9:29:7a:9b:32:a1:dd:88:e7:ea:aa:07:68:8d:8a:
b6:be:90:d5:97:93:88:f4:e0:bc:ec:6a:62:42:cb:
10:7a:8e:4f:4f:5e:bb:ae:8c:18:f3:d6:01:98:93:
3d:76:08:86:f0:05:0b:3c:02:be:6f:02:37:54:e4:
15:ac:83:c8:47:0b:47:f0:93:c6:db:7d:4d:8d:8a:
e5:75:a0:85:ee:15:80:6f:fe:89:25:05:9d:ef:31:
8e:6a:f3:50:70:cb:90:6c:47:2d:9b:d0:85:15:87:
d6:db:dc:a6:f1:60:2f:73:af:c6:82:05:b3:0c:11:
fa:d4:09:6d:7f:ac:f9:7a:23:df:ae:c5:c4:d2:eb:
f3:6b:e5:92:ae:16:8a:58:a4:0c:98:c9:68:a2:1d:
ef:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:38:BF:B6:7C:53:5F:12:4C:06:4A:03:76:02:5B:8E:BA:22:DF:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84B3C906C1D111EF8D43A58B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ba:54:23:ae:9a:c5:09:d2:27:2a:78:c9:84:8a:69:56:a8:
ef:5c:96:9e:7c:e5:99:79:6b:22:0e:f4:fc:47:13:36:c9:91:
19:91:08:c2:52:5f:f4:fd:e3:40:71:67:46:e7:54:b6:ce:20:
c4:f2:06:12:b8:60:71:0e:68:11:c4:51:9f:06:96:8a:fb:96:
a3:4a:7c:1c:cf:97:06:bd:7d:29:d5:6a:73:5f:b9:a7:98:bc:
69:47:3c:82:9d:6d:c4:38:1e:95:b7:2a:13:0b:14:33:1b:79:
30:fc:44:dd:bf:ab:a2:61:ba:be:c0:31:3a:01:5a:ca:2c:a9:
f8:0f:20:99:c2:95:0a:35:63:9f:cb:43:38:bd:6a:01:77:1a:
77:71:3e:37:aa:53:4c:f1:e3:59:f8:a1:a5:1a:26:82:d5:80:
6b:54:c8:51:70:a9:75:a1:e3:3f:89:5c:20:73:5e:df:49:be:
f2:a4:d8:7d:44:e8:e4:00:e9:6c:9e:02:a4:a7:cc:ec:44:26:
76:3e:be:7f:1e:8b:76:1e:73:66:97:b6:68:9b:eb:06:37:82:
08:6a:45:86:dd:9b:0f:da:8e:86:13:06:53:e9:b7:09:c4:c7:
8b:63:21:ed:77:d2:6a:d3:4a:51:02:d0:6a:b7:23:2d:76:da:
72:b3:c0:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASKnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgzMTQ1WhcNMjUxMjEwMDgzMTQ1WjAYMRYw
FAYDVQQDEw02NzZhNzE3NS1hOTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApntQmJfsJrVS8sazR0JMug4kZL5powJ69LEYVzwmdMdS8ChfsZtKuqmu
VE/qs0aFBZTFYJ01Eh/FAkSyMuDsPHC4a5KgPmzrf8TdcCK48ndvbkznuVTIeF4e
Wd/laEgHx9OYuQDJuXu5KXqbMqHdiOfqqgdojYq2vpDVl5OI9OC87GpiQssQeo5P
T167rowY89YBmJM9dgiG8AULPAK+bwI3VOQVrIPIRwtH8JPG231NjYrldaCF7hWA
b/6JJQWd7zGOavNQcMuQbEctm9CFFYfW29ym8WAvc6/GggWzDBH61Altf6z5eiPf
rsXE0uvza+WSrhaKWKQMmMlooh3vKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFs4
v7Z8U18STAZKA3YCW466It+VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NEIzQzkwNkMxRDExMUVGOEQ0M0E1OEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHzMA0GCSqGSIb3DQEB
CwUAA4IBAQCiulQjrprFCdInKnjJhIppVqjvXJaefOWZeWsiDvT8RxM2yZEZkQjC
Ul/0/eNAcWdG51S2ziDE8gYSuGBxDmgRxFGfBpaK+5ajSnwcz5cGvX0p1WpzX7mn
mLxpRzyCnW3EOB6VtyoTCxQzG3kw/ETdv6uiYbq+wDE6AVrKLKn4DyCZwpUKNWOf
y0M4vWoBdxp3cT43qlNM8eNZ+KGlGiaC1YBrVMhRcKl1oeM/iVwgc17fSb7ypNh9
ROjkAOlsngKkp8zsRCZ2Pr5/Hot2HnNml7Zom+sGN4IIakWG3ZsP2o6GEwZT6bcJ
xMeLYyHtd9Jq00pRAtBqtyMtdtpys8BB
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:16:33 2025 by rpki-client