Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88639CC0C26C11EFA0890377762E951A.roa
File: 88639CC0C26C11EFA0890377762E951A.roa (raw, json)
Hash identifier: azK8i8n61NKXSgthMUjRPElw38/prxsrSzU0QQ2RoRk=
Subject key identifier: C6:B5:44:54:17:9A:8B:F7:AF:E6:94:A5:79:97:80:56:CA:26:ED:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012432
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88639CC0C26C11EFA0890377762E951A.roa
Signing time: Wed 25 Dec 2024 03:01:27 +0000
ROA not before: Wed 25 Dec 2024 03:01:24 +0000
ROA not after: Wed 10 Dec 2025 03:01:24 +0000
asID: 984
IP address blocks: 154.211.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74802 (0x12432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:01:24 2024 GMT
Not After : Dec 10 03:01:24 2025 GMT
Subject: CN=676b7587-aa64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:04:96:ba:dc:49:67:24:45:5c:a7:76:42:
0f:65:ca:a6:96:9c:b1:e7:d2:86:69:53:8e:d1:42:
5f:b5:72:ac:97:61:b7:6d:d4:55:38:65:07:8e:ed:
bb:83:cc:eb:5f:4f:09:5c:44:d0:b6:f6:d7:0b:b0:
2b:c1:fc:0e:1e:79:bb:0a:57:6f:f2:aa:57:2e:cd:
9f:86:e0:11:19:f8:2d:ea:e7:e4:61:1b:9a:c4:17:
7a:94:db:34:32:94:71:61:30:9a:34:14:44:77:bd:
eb:1d:73:df:91:eb:e4:d2:63:85:99:5c:c6:9b:08:
79:78:95:bd:95:e6:5b:c1:43:da:84:bb:dc:32:53:
b1:8d:45:47:77:b6:dc:bf:4d:87:7e:fd:38:29:47:
a6:fb:fa:93:db:fb:d9:b4:8b:08:6e:67:65:a8:28:
3f:77:8d:e4:de:c6:e6:89:16:93:80:e7:27:b2:1c:
14:b1:cc:ab:fd:9a:8e:e2:23:c9:e9:4d:79:6b:4e:
ed:fc:5e:f2:fa:42:15:cf:aa:40:05:9e:6e:29:63:
47:05:e9:2c:fa:eb:ea:58:53:3d:aa:e2:16:19:bb:
4d:51:09:35:fb:18:15:86:03:a9:1e:4f:43:62:de:
e0:e1:4f:74:0c:22:ab:1b:a7:ef:ec:b1:59:c2:8e:
89:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B5:44:54:17:9A:8B:F7:AF:E6:94:A5:79:97:80:56:CA:26:ED:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88639CC0C26C11EFA0890377762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.165.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:5c:95:9d:4d:75:db:d6:6e:ac:b3:5a:cc:1e:0f:44:c9:2e:
e8:be:29:9a:1f:56:58:6e:75:1f:a1:a2:d2:03:a9:ca:fa:86:
bf:f0:e1:87:93:b2:c2:93:60:0d:77:d2:e6:12:40:50:44:2a:
f4:74:42:7e:f5:54:ec:84:2e:72:a8:c5:2e:26:78:f2:3b:54:
da:9f:63:0f:58:7b:5d:7b:81:18:5c:13:dc:43:57:ed:44:f7:
60:58:7a:3e:34:5f:7f:c0:0f:ea:5d:cc:db:c6:dc:6d:d2:6f:
94:5c:50:b1:5e:66:aa:69:72:c7:48:45:cf:5d:fe:43:22:83:
9e:3f:67:7a:0c:13:b0:7f:e0:24:72:14:d3:1b:c1:d1:31:d4:
61:8a:88:11:58:fd:90:08:99:24:68:ad:5f:59:74:88:e8:d9:
1f:87:50:b4:31:5a:4e:30:c7:d7:98:2d:d5:60:9e:6b:b4:41:
d9:73:ce:6a:bb:34:92:b0:1f:21:fb:4b:9b:a4:c5:42:ec:0e:
09:e3:a5:91:3f:e3:8c:f5:53:d8:68:26:bf:6f:11:7b:4f:6b:
2d:a7:d0:37:67:d9:30:30:cc:94:8d:e0:58:54:52:fe:75:32:
f1:45:b5:27:f5:c8:f6:c2:84:8a:a4:df:67:fe:78:d5:29:55:
1c:3b:e8:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASQyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDMwMTI0WhcNMjUxMjEwMDMwMTI0WjAYMRYw
FAYDVQQDEw02NzZiNzU4Ny1hYTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvpgElrrcSWckRVyndkIPZcqmlpyx59KGaVOO0UJftXKsl2G3bdRVOGUH
ju27g8zrX08JXETQtvbXC7ArwfwOHnm7Cldv8qpXLs2fhuARGfgt6ufkYRuaxBd6
lNs0MpRxYTCaNBREd73rHXPfkevk0mOFmVzGmwh5eJW9leZbwUPahLvcMlOxjUVH
d7bcv02Hfv04KUem+/qT2/vZtIsIbmdlqCg/d43k3sbmiRaTgOcnshwUscyr/ZqO
4iPJ6U15a07t/F7y+kIVz6pABZ5uKWNHBeks+uvqWFM9quIWGbtNUQk1+xgVhgOp
Hk9DYt7g4U90DCKrG6fv7LFZwo6JUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMa1
RFQXmov3r+aUpXmXgFbKJu1yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODYzOUNDMEMyNkMxMUVGQTA4OTAzNzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtOlMA0GCSqGSIb3DQEB
CwUAA4IBAQC7XJWdTXXb1m6ss1rMHg9EyS7ovimaH1ZYbnUfoaLSA6nK+oa/8OGH
k7LCk2ANd9LmEkBQRCr0dEJ+9VTshC5yqMUuJnjyO1Tan2MPWHtde4EYXBPcQ1ft
RPdgWHo+NF9/wA/qXczbxtxt0m+UXFCxXmaqaXLHSEXPXf5DIoOeP2d6DBOwf+Ak
chTTG8HRMdRhiogRWP2QCJkkaK1fWXSI6Nkfh1C0MVpOMMfXmC3VYJ5rtEHZc85q
uzSSsB8h+0ubpMVC7A4J46WRP+OM9VPYaCa/bxF7T2stp9A3Z9kwMMyUjeBYVFL+
dTLxRbUn9cj2woSKpN9n/njVKVUcO+iy
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:51 2025 by rpki-client