Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850DFFB8C19311EFAB860F73762E951A.roa
File: 850DFFB8C19311EFAB860F73762E951A.roa (raw, json)
Hash identifier: Ar/PqZCEmf+NOfTNEJYC2sxh0Zwi/Hzh3eOcTYCyelw=
Subject key identifier: 7A:66:C1:13:77:48:62:90:90:BC:A6:C3:CD:00:B2:2A:23:E6:1E:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01200D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850DFFB8C19311EFAB860F73762E951A.roa
Signing time: Tue 24 Dec 2024 01:08:01 +0000
ROA not before: Tue 24 Dec 2024 01:07:57 +0000
ROA not after: Wed 10 Dec 2025 01:07:57 +0000
asID: 984
IP address blocks: 154.90.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73741 (0x1200d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 01:07:57 2024 GMT
Not After : Dec 10 01:07:57 2025 GMT
Subject: CN=676a0971-3e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d2:99:91:d7:bd:a2:0e:b5:10:83:52:02:23:
6d:da:ea:b1:e7:82:cb:8e:d0:08:2e:4d:4a:58:b3:
4f:de:ba:78:95:7b:4a:c0:14:1e:3d:6b:c7:2d:01:
bc:c7:d4:87:a9:fe:99:97:05:ba:3c:02:fe:c9:34:
07:0b:c2:cd:cf:82:e3:b2:a3:87:e9:d5:95:24:ca:
11:b4:fc:b0:da:62:72:af:fd:66:4c:26:08:af:d8:
7c:10:80:eb:ea:e1:46:09:c4:53:02:0c:2c:16:e1:
5e:06:1e:e9:5c:a0:fe:ed:26:6e:5d:21:ca:55:af:
9a:0d:c1:34:39:4e:38:33:27:09:29:d0:68:ce:ad:
15:11:61:07:64:f0:1f:e2:b4:f1:97:1f:e3:a7:21:
1a:3f:93:30:3a:10:49:ba:1e:e8:cb:64:91:60:73:
01:1e:14:01:e1:28:2e:a9:bb:46:12:8b:e7:bd:0b:
38:5b:ae:5c:09:a9:8a:f6:b0:b8:1d:58:34:70:23:
a8:6e:08:0c:54:7f:76:94:90:ef:5c:34:32:b3:e1:
c8:f2:fd:26:e2:04:d6:c8:0d:41:e9:59:f1:25:eb:
1b:cf:51:b6:fa:f4:5b:26:ab:87:6c:a6:da:08:c9:
7a:5c:91:ef:fd:ed:ca:2e:05:9b:24:09:54:88:16:
b5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:66:C1:13:77:48:62:90:90:BC:A6:C3:CD:00:B2:2A:23:E6:1E:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/850DFFB8C19311EFAB860F73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.157.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c2:ac:b7:c3:67:9c:64:1c:f9:28:44:f6:dc:62:96:e3:24:
79:35:47:05:80:58:80:bd:c3:2e:d8:64:f6:fa:f5:0c:a7:7e:
d0:80:57:26:2d:e4:4f:5d:e7:92:6a:8e:31:d0:65:7b:bf:be:
9f:9c:48:52:48:1e:10:7b:66:06:40:2f:3c:c6:49:03:65:ef:
32:a9:68:bc:50:a0:c9:d2:5d:9b:04:47:ce:d0:4d:cf:b1:f5:
1a:44:0d:3d:66:06:f6:ce:49:38:45:33:b6:83:49:10:33:ed:
32:f1:f4:e9:24:b3:df:4b:90:35:d0:bd:20:32:5d:fe:fe:9f:
ac:bd:f9:9f:c2:11:5d:d5:85:3e:a9:47:ba:18:ca:fb:9e:bd:
7a:bd:d2:5b:87:65:5f:b1:1c:21:c8:cd:5b:3b:38:c9:57:b6:
06:37:7e:72:0d:c3:c5:2c:7d:68:ce:af:04:b1:ed:df:0e:7d:
85:32:8a:a8:0d:36:b5:1b:cf:16:cc:3c:c0:62:7a:0b:24:ec:
ea:e0:d7:23:dc:b1:f5:ec:2c:79:ad:c4:dd:16:86:b4:6a:03:
89:93:f9:d6:0a:14:1c:63:c3:8e:59:dd:26:84:47:bb:1e:40:
24:7d:4b:e0:d3:89:af:dd:a6:58:dd:83:17:13:e2:88:b5:cf:
14:64:24:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASANMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDEwNzU3WhcNMjUxMjEwMDEwNzU3WjAYMRYw
FAYDVQQDEw02NzZhMDk3MS0zZTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNKZkde9og61EINSAiNt2uqx54LLjtAILk1KWLNP3rp4lXtKwBQePWvH
LQG8x9SHqf6ZlwW6PAL+yTQHC8LNz4LjsqOH6dWVJMoRtPyw2mJyr/1mTCYIr9h8
EIDr6uFGCcRTAgwsFuFeBh7pXKD+7SZuXSHKVa+aDcE0OU44MycJKdBozq0VEWEH
ZPAf4rTxlx/jpyEaP5MwOhBJuh7oy2SRYHMBHhQB4SguqbtGEovnvQs4W65cCamK
9rC4HVg0cCOobggMVH92lJDvXDQys+HI8v0m4gTWyA1B6VnxJesbz1G2+vRbJquH
bKbaCMl6XJHv/e3KLgWbJAlUiBa1YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHpm
wRN3SGKQkLymw80Asioj5h4iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTBERkZCOEMxOTMxMUVGQUI4NjBGNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlqdMA0GCSqGSIb3DQEB
CwUAA4IBAQA0wqy3w2ecZBz5KET23GKW4yR5NUcFgFiAvcMu2GT2+vUMp37QgFcm
LeRPXeeSao4x0GV7v76fnEhSSB4Qe2YGQC88xkkDZe8yqWi8UKDJ0l2bBEfO0E3P
sfUaRA09Zgb2zkk4RTO2g0kQM+0y8fTpJLPfS5A10L0gMl3+/p+svfmfwhFd1YU+
qUe6GMr7nr16vdJbh2VfsRwhyM1bOzjJV7YGN35yDcPFLH1ozq8Ese3fDn2FMoqo
DTa1G88WzDzAYnoLJOzq4Ncj3LH17Cx5rcTdFoa0agOJk/nWChQcY8OOWd0mhEe7
HkAkfUvg04mv3aZY3YMXE+KItc8UZCTU
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:05:37 2025 by rpki-client