Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87126A36C0CD11EF9E055A94762E951A.roa
File: 87126A36C0CD11EF9E055A94762E951A.roa (raw, json)
Hash identifier: VYei5tCP8CVtrM229pcnE+CgznH4LCg+LM7w9wgLjjU=
Subject key identifier: 98:1B:5F:C1:7F:7D:DC:2A:00:F2:0B:CD:51:D0:36:94:AE:00:A7:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87126A36C0CD11EF9E055A94762E951A.roa
Signing time: Mon 23 Dec 2024 01:30:44 +0000
ROA not before: Mon 23 Dec 2024 01:30:40 +0000
ROA not after: Wed 10 Dec 2025 01:30:40 +0000
asID: 984
IP address blocks: 154.83.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73242 (0x11e1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:30:40 2024 GMT
Not After : Dec 10 01:30:40 2025 GMT
Subject: CN=6768bd44-e998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:55:f3:f1:d7:6b:44:eb:e0:90:22:e7:bb:
55:a6:52:c0:a2:ed:52:a7:9d:c9:39:d6:18:b0:1d:
17:b3:05:c0:dd:db:08:43:3a:68:ed:ab:62:cf:9d:
e0:b5:07:4d:e1:41:b1:b9:64:69:50:24:7d:6f:05:
3d:de:4a:bf:ff:9c:89:c4:16:13:61:ca:59:05:45:
f9:2f:44:ef:f1:68:6b:84:a9:9a:e5:7f:f2:aa:9c:
c3:fd:df:62:9a:40:48:36:3d:4f:49:5b:6b:3a:80:
4f:4d:60:42:42:44:f1:38:3e:1f:88:ad:aa:c3:af:
9d:d7:32:6b:9a:06:6a:ca:af:dd:5e:f9:c0:e5:bb:
7e:4d:64:ce:a2:21:30:94:06:fb:09:74:47:a2:e5:
fa:3c:88:3c:a3:e3:e0:69:20:57:52:ea:e5:fd:c3:
a5:29:76:cb:a2:5d:a3:0b:3d:35:8b:ad:6d:aa:9f:
be:86:2c:b7:a6:cc:36:75:3f:49:df:b0:75:e5:51:
e0:6c:60:0a:88:8a:71:fb:fd:3f:a3:73:b8:06:20:
62:1f:d1:41:68:a0:0e:51:22:c8:52:42:56:53:a3:
d4:23:a4:b5:03:c7:ba:e0:08:39:46:20:f6:68:9f:
19:95:26:21:8c:cf:46:c3:98:76:66:ec:9d:cb:9d:
a9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1B:5F:C1:7F:7D:DC:2A:00:F2:0B:CD:51:D0:36:94:AE:00:A7:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87126A36C0CD11EF9E055A94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.64.0/24
Signature Algorithm: sha256WithRSAEncryption
23:46:1c:f6:89:6d:cb:9c:78:d6:6b:31:66:96:69:95:4c:c7:
83:a1:9a:3e:24:34:2a:ca:90:a4:2c:41:ef:83:58:da:71:59:
4a:04:85:c0:16:00:ca:ca:70:b2:40:f6:d4:d6:ec:fa:27:16:
2d:4a:d1:12:34:7a:cd:ce:6f:33:63:cf:01:cb:4e:2f:91:27:
42:01:6c:82:28:30:71:ce:8d:be:ef:c6:4a:4a:40:a9:db:85:
bd:47:5c:b7:2a:e6:1a:96:5f:e5:4a:a9:f6:c9:b5:0c:94:bb:
bf:d8:ac:44:d1:97:01:07:74:1f:1b:b8:d6:01:a7:17:a8:c8:
6b:96:a0:c4:49:0f:02:55:3b:09:b8:d9:9e:a7:16:30:6e:43:
0e:29:0f:54:43:ed:c5:19:04:b4:ea:ad:68:1e:22:7e:f5:6f:
17:14:5a:a3:da:f6:46:61:fb:51:43:aa:fa:4e:6d:cb:6c:ac:
39:68:70:55:83:ec:f1:9d:2b:57:b5:c8:e2:28:ff:f3:23:f2:
34:93:f9:d5:26:ca:b0:f4:1c:47:3f:55:fb:47:79:d6:13:61:
40:72:2f:1e:4e:08:b4:d4:76:a9:a3:d8:2c:ce:ec:92:04:98:
65:5a:08:8d:f7:1a:fa:ab:24:d7:7c:d4:0c:2b:a8:e0:6a:3a:
57:9d:8b:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR4aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDEzMDQwWhcNMjUxMjEwMDEzMDQwWjAYMRYw
FAYDVQQDEw02NzY4YmQ0NC1lOTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqplV8/HXa0Tr4JAi57tVplLAou1Sp53JOdYYsB0XswXA3dsIQzpo7ati
z53gtQdN4UGxuWRpUCR9bwU93kq//5yJxBYTYcpZBUX5L0Tv8WhrhKma5X/yqpzD
/d9imkBINj1PSVtrOoBPTWBCQkTxOD4fiK2qw6+d1zJrmgZqyq/dXvnA5bt+TWTO
oiEwlAb7CXRHouX6PIg8o+PgaSBXUurl/cOlKXbLol2jCz01i61tqp++hiy3psw2
dT9J37B15VHgbGAKiIpx+/0/o3O4BiBiH9FBaKAOUSLIUkJWU6PUI6S1A8e64Ag5
RiD2aJ8ZlSYhjM9Gw5h2Zuydy52pnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJgb
X8F/fdwqAPILzVHQNpSuAKe2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzEyNkEzNkMwQ0QxMUVGOUUwNTVBOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlNAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjRhz2iW3LnHjWazFmlmmVTMeDoZo+JDQqypCkLEHvg1jacVlKBIXA
FgDKynCyQPbU1uz6JxYtStESNHrNzm8zY88By04vkSdCAWyCKDBxzo2+78ZKSkCp
24W9R1y3KuYall/lSqn2ybUMlLu/2KxE0ZcBB3QfG7jWAacXqMhrlqDESQ8CVTsJ
uNmepxYwbkMOKQ9UQ+3FGQS06q1oHiJ+9W8XFFqj2vZGYftRQ6r6Tm3LbKw5aHBV
g+zxnStXtcjiKP/zI/I0k/nVJsqw9BxHP1X7R3nWE2FAci8eTgi01Hapo9gszuyS
BJhlWgiN9xr6qyTXfNQMK6jgajpXnYsj
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:20 2025 by rpki-client