Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89F297BCC81611EF88C5E365762E951A.roa
File: 89F297BCC81611EF88C5E365762E951A.roa (raw, json)
Hash identifier: 9NBFKd6ZQv6wqHXrx5HY9SR5LGb76WoOFomZ1vkdt3M=
Subject key identifier: ED:B0:5F:5C:9D:89:EA:32:5E:AD:D0:57:40:7C:39:F2:F8:3D:B5:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013110
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89F297BCC81611EF88C5E365762E951A.roa
Signing time: Wed 01 Jan 2025 08:01:00 +0000
ROA not before: Wed 01 Jan 2025 08:00:56 +0000
ROA not after: Tue 11 Mar 2025 08:00:56 +0000
asID: 25818
IP address blocks: 154.91.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 11:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78096 (0x13110)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 1 08:00:56 2025 GMT
Not After : Mar 11 08:00:56 2025 GMT
Subject: CN=6774f63c-6489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:f4:5d:a9:c0:4e:f1:29:93:13:83:d1:e7:
31:ab:93:01:6d:03:d9:cb:7d:c5:ee:49:5d:71:06:
3d:73:99:6e:51:8e:76:b5:39:c7:1d:cb:71:74:fe:
a9:04:99:3d:31:cc:9d:f2:af:6d:d0:4e:06:53:cd:
94:1d:cd:57:76:bd:e9:76:3b:bf:ca:4d:59:43:4b:
c2:7e:71:95:60:b3:b1:3e:0c:57:9d:e5:18:7d:4c:
87:49:fb:8a:8a:7e:06:08:1c:70:7f:79:17:48:4f:
cc:7c:6b:75:2e:84:e8:7e:f6:f5:0c:56:5b:41:17:
f3:ac:5f:d9:28:a5:e7:5c:00:88:52:71:98:96:77:
39:0f:a5:44:82:64:bc:4f:64:6e:fe:aa:a4:0f:1b:
eb:e8:fc:66:1b:eb:32:87:34:05:fe:84:b8:eb:01:
de:86:81:4a:03:50:bd:0e:59:bf:7f:90:c9:eb:fd:
2d:96:21:7e:f6:8e:aa:ff:72:c8:5b:07:50:8c:d8:
35:e5:5e:be:b6:83:d5:3c:08:58:f4:87:ca:ec:cb:
34:b5:f2:91:07:69:98:b1:f9:f6:01:44:7b:d9:3c:
5b:7c:37:2d:f8:de:b8:34:09:4b:ce:dd:e9:99:66:
24:6a:b7:ac:e7:cd:4b:f2:e7:68:84:c3:c5:1e:96:
f1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B0:5F:5C:9D:89:EA:32:5E:AD:D0:57:40:7C:39:F2:F8:3D:B5:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89F297BCC81611EF88C5E365762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.208.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:be:25:76:d8:dd:c1:a5:8e:fe:5d:ff:c5:1b:30:68:04:c4:
e9:cd:4d:89:4a:fd:a6:32:f3:a6:4b:34:b1:87:49:c2:b1:40:
7a:96:88:f9:50:d3:bd:7d:99:7e:f7:20:ff:e8:83:12:0e:e6:
c2:71:3f:fa:67:77:ea:57:6d:31:c5:85:21:4d:57:d0:94:8d:
b3:d1:6a:ce:55:f0:83:b5:e3:06:e1:03:db:eb:a0:bb:16:60:
0a:3f:6a:d0:05:9c:b8:e5:f6:e3:52:6a:b5:84:8e:cf:61:0f:
a6:df:5e:b1:ec:05:a9:b8:3b:44:1f:1c:00:1e:7c:dd:d0:27:
2d:fd:91:94:8d:17:0b:92:0e:48:3c:07:66:24:87:c1:eb:ba:
40:37:75:95:81:06:11:29:ed:f0:3c:e1:fb:32:fa:44:0f:1c:
5d:73:64:07:7d:c7:c2:cf:8b:d7:50:b2:01:99:d4:f3:14:d0:
13:63:28:a8:bd:b6:08:7d:40:f2:15:5d:f2:31:a6:05:cc:3c:
3d:96:a0:66:37:25:3e:f9:c2:9b:de:ce:d2:cc:be:d5:13:75:
57:57:76:d1:3a:c3:85:5f:e5:ab:5f:b5:8b:8e:21:23:95:cf:
6e:db:5f:7a:15:c3:d5:ad:37:ba:12:f7:2e:82:94:74:11:25:
3d:9a:f6:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATEQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAxMDgwMDU2WhcNMjUwMzExMDgwMDU2WjAYMRYw
FAYDVQQDEw02Nzc0ZjYzYy02NDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2j0XanATvEpkxOD0ecxq5MBbQPZy33F7kldcQY9c5luUY52tTnHHctx
dP6pBJk9Mcyd8q9t0E4GU82UHc1Xdr3pdju/yk1ZQ0vCfnGVYLOxPgxXneUYfUyH
SfuKin4GCBxwf3kXSE/MfGt1LoTofvb1DFZbQRfzrF/ZKKXnXACIUnGYlnc5D6VE
gmS8T2Ru/qqkDxvr6PxmG+syhzQF/oS46wHehoFKA1C9Dlm/f5DJ6/0tliF+9o6q
/3LIWwdQjNg15V6+toPVPAhY9IfK7Ms0tfKRB2mYsfn2AUR72TxbfDct+N64NAlL
zt3pmWYkares581L8udohMPFHpbxLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO2w
X1ydieoyXq3QV0B8OfL4PbVCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUYyOTdCQ0M4MTYxMUVGODhDNUUzNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlvQMA0GCSqGSIb3DQEB
CwUAA4IBAQCdviV22N3BpY7+Xf/FGzBoBMTpzU2JSv2mMvOmSzSxh0nCsUB6loj5
UNO9fZl+9yD/6IMSDubCcT/6Z3fqV20xxYUhTVfQlI2z0WrOVfCDteMG4QPb66C7
FmAKP2rQBZy45fbjUmq1hI7PYQ+m316x7AWpuDtEHxwAHnzd0Cct/ZGUjRcLkg5I
PAdmJIfB67pAN3WVgQYRKe3wPOH7MvpEDxxdc2QHfcfCz4vXULIBmdTzFNATYyio
vbYIfUDyFV3yMaYFzDw9lqBmNyU++cKb3s7SzL7VE3VXV3bROsOFX+WrX7WLjiEj
lc9u2196FcPVrTe6EvcugpR0ESU9mvau
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:33 2025 by rpki-client