Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850D6CF8C3DF11EF9A02579E762E951A.roa
File: 850D6CF8C3DF11EF9A02579E762E951A.roa (raw, json)
Hash identifier: dxKD7DFK4CPo/uUcrHPmOQK6kzxHTwW7w0f3U8ptb50=
Subject key identifier: B8:4E:38:35:E1:91:E8:1B:39:06:5C:C6:B9:FB:6C:F4:99:CF:45:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128D2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850D6CF8C3DF11EF9A02579E762E951A.roa
Signing time: Thu 26 Dec 2024 23:17:05 +0000
ROA not before: Thu 26 Dec 2024 23:17:01 +0000
ROA not after: Fri 12 Dec 2025 23:17:01 +0000
asID: 984
IP address blocks: 154.86.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75986 (0x128d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 23:17:01 2024 GMT
Not After : Dec 12 23:17:01 2025 GMT
Subject: CN=676de3f1-49e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:21:c4:e3:a2:f7:92:a2:40:b2:ea:c3:53:0b:
24:d4:cd:f0:c7:02:01:bb:d5:2e:ca:88:3c:08:47:
1a:7e:7d:87:9d:e6:bd:60:1a:16:46:95:74:af:24:
db:54:5f:13:36:d4:3c:b5:a7:5a:d1:8c:85:ab:3d:
56:d8:d8:ca:9e:44:3b:3f:f0:bb:61:af:8f:59:37:
ce:21:3b:f5:97:5d:0d:16:83:37:e4:9a:3f:bd:60:
ed:52:21:10:21:9c:37:21:e3:61:1f:ef:ee:bb:b3:
77:1e:c5:99:71:9b:e0:ed:c3:10:9c:ec:3d:f7:ed:
a4:d5:d7:48:bf:a2:bf:bc:2e:f9:ad:9d:c2:bc:06:
2e:d8:ea:b9:ea:a2:80:79:3b:7e:28:90:7f:f1:f1:
49:79:38:75:ef:11:63:e3:df:83:7a:f3:1b:d5:83:
b1:3f:d6:39:f1:47:78:ff:27:59:63:8b:86:c7:0f:
a5:1e:06:f4:42:8b:17:e5:08:d2:83:b6:86:6e:ee:
ec:8f:40:ef:ad:cf:ef:15:41:b5:15:d6:09:b0:3a:
0f:8b:61:a1:73:1b:77:ba:d3:f4:77:28:9d:f2:93:
48:b6:13:1a:c2:a1:8f:09:20:2d:7f:16:29:96:0e:
ec:97:17:a8:55:20:12:e3:82:17:cf:bb:29:39:b7:
a0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4E:38:35:E1:91:E8:1B:39:06:5C:C6:B9:FB:6C:F4:99:CF:45:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850D6CF8C3DF11EF9A02579E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.123.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:1d:43:16:46:8e:12:d3:f5:5f:68:3f:9e:77:e9:6b:59:8a:
82:9d:04:98:f2:a9:c1:ae:56:89:84:be:32:78:95:56:f4:5d:
ae:dc:8b:19:06:e0:d7:31:27:5a:50:46:a6:13:15:7c:d4:36:
97:37:f2:08:1a:6b:9a:b7:44:b8:f7:d7:fc:46:2e:07:39:88:
b3:34:a9:b4:53:ac:18:a5:6a:92:15:b5:09:5d:b3:b2:0e:d6:
88:06:fe:0e:03:98:b9:ae:7b:ff:c9:a9:1a:81:f2:6d:65:ec:
88:77:79:12:aa:2b:16:39:b5:34:2b:af:56:bb:fb:ad:23:cb:
47:12:b6:87:62:81:68:56:23:c5:9a:6b:84:97:c6:91:8e:22:
33:ee:a3:f6:23:a3:36:4a:bd:78:ce:f2:44:4c:2c:c6:c5:d2:
82:e7:aa:4e:d4:63:69:5d:08:fc:28:99:0d:a4:5c:05:28:99:
92:1e:d0:d7:eb:10:3d:ea:58:3f:78:5f:e3:08:85:34:71:5a:
40:c2:df:a6:45:ec:c1:c8:ba:65:6d:19:64:40:b8:6f:bf:4f:
ad:79:1a:77:c1:b6:38:ce:27:af:93:68:69:5b:bb:72:b0:a0:
fd:a0:27:e6:1a:6c:70:72:d0:59:02:ed:a5:c2:9d:0f:4d:ba:
7b:f8:d9:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASjSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjMxNzAxWhcNMjUxMjEyMjMxNzAxWjAYMRYw
FAYDVQQDEw02NzZkZTNmMS00OWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4yHE46L3kqJAsurDUwsk1M3wxwIBu9Uuyog8CEcafn2Hnea9YBoWRpV0
ryTbVF8TNtQ8tada0YyFqz1W2NjKnkQ7P/C7Ya+PWTfOITv1l10NFoM35Jo/vWDt
UiEQIZw3IeNhH+/uu7N3HsWZcZvg7cMQnOw99+2k1ddIv6K/vC75rZ3CvAYu2Oq5
6qKAeTt+KJB/8fFJeTh17xFj49+DevMb1YOxP9Y58Ud4/ydZY4uGxw+lHgb0QosX
5QjSg7aGbu7sj0Dvrc/vFUG1FdYJsDoPi2Ghcxt3utP0dyid8pNIthMawqGPCSAt
fxYplg7slxeoVSAS44IXz7spObegewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLhO
ODXhkegbOQZcxrn7bPSZz0VXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTBENkNGOEMzREYxMUVGOUEwMjU3OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZ7MA0GCSqGSIb3DQEB
CwUAA4IBAQA+HUMWRo4S0/VfaD+ed+lrWYqCnQSY8qnBrlaJhL4yeJVW9F2u3IsZ
BuDXMSdaUEamExV81DaXN/IIGmuat0S499f8Ri4HOYizNKm0U6wYpWqSFbUJXbOy
DtaIBv4OA5i5rnv/yakagfJtZeyId3kSqisWObU0K69Wu/utI8tHEraHYoFoViPF
mmuEl8aRjiIz7qP2I6M2Sr14zvJETCzGxdKC56pO1GNpXQj8KJkNpFwFKJmSHtDX
6xA96lg/eF/jCIU0cVpAwt+mRezByLplbRlkQLhvv0+teRp3wbY4zievk2hpW7ty
sKD9oCfmGmxwctBZAu2lwp0PTbp7+NmB
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:52 2025 by rpki-client