Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A5CF760C3D911EF8BA9B879762E951A.roa
File: 8A5CF760C3D911EF8BA9B879762E951A.roa (raw, json)
Hash identifier: v0iA+mLY+6fTCbNLAE+OrWTQ1rqwjblR2QOknSFzREY=
Subject key identifier: 96:3F:43:F1:D8:F9:05:67:8F:52:B3:57:A9:ED:62:8C:59:2E:DC:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012896
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A5CF760C3D911EF8BA9B879762E951A.roa
Signing time: Thu 26 Dec 2024 22:34:17 +0000
ROA not before: Thu 26 Dec 2024 22:34:13 +0000
ROA not after: Sun 12 Dec 2027 22:34:13 +0000
asID: 17561
IP address blocks: 154.85.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75926 (0x12896)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:34:13 2024 GMT
Not After : Dec 12 22:34:13 2027 GMT
Subject: CN=676dd9e9-9030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ba:89:0a:f8:52:3c:be:02:fb:2e:03:68:02:
a9:36:52:b5:fa:bb:16:20:63:02:91:36:7e:62:f0:
ee:69:07:37:1a:52:4a:21:b3:75:58:bd:e5:9f:47:
7b:f2:52:61:c0:b8:44:32:83:4b:f4:d2:53:fb:8a:
81:d9:7c:5a:39:4c:5c:d8:ef:e2:94:e4:68:73:65:
9e:a0:ae:0e:9a:15:19:5e:8c:8f:a1:1b:87:ae:41:
e1:b7:9f:be:61:5c:c5:40:39:0b:a3:bf:36:ac:2e:
31:fe:be:f1:e7:e1:98:b3:66:f5:0f:5d:45:97:5c:
ba:1f:d8:4c:80:34:1c:74:d3:cb:27:36:6e:cd:f5:
8f:dc:6c:81:37:8c:6c:aa:90:40:fc:e6:cb:10:9a:
8f:4d:6e:a0:19:eb:0d:d7:86:4d:92:73:b2:cb:3c:
43:78:bc:66:8f:f4:7f:28:00:67:57:3c:55:e0:76:
58:79:c0:ba:d5:88:18:88:2d:09:f4:69:c6:9d:61:
f2:21:59:2e:07:3d:c1:71:0c:ec:3f:c1:34:d9:2c:
b6:43:bf:ee:56:f4:dc:19:92:ee:bc:ba:75:3d:03:
24:ab:e1:0a:a3:61:39:a8:82:b9:ac:f5:ae:38:2a:
e0:9f:79:fd:65:32:79:1a:8f:87:e6:ee:90:e1:c3:
82:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3F:43:F1:D8:F9:05:67:8F:52:B3:57:A9:ED:62:8C:59:2E:DC:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A5CF760C3D911EF8BA9B879762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:33:5a:83:1a:1b:8c:e6:78:13:7e:51:4e:c9:d1:2e:97:a4:
a9:41:78:8c:c9:ae:d0:2b:3d:f7:e3:c0:f2:ee:4f:fb:8b:86:
d8:7c:b2:fe:4d:17:88:3e:d9:02:e8:11:8c:25:d4:9c:4e:93:
31:80:a6:a3:75:d7:48:68:97:1f:df:24:37:78:cc:6d:45:ce:
18:37:7a:28:34:31:62:f5:25:63:30:b2:b1:e9:c5:53:bd:28:
f9:c6:3a:8e:fe:33:a0:5d:7a:db:16:54:8b:10:0b:e5:77:74:
87:3a:00:5d:29:bf:76:8d:8a:7e:42:d4:e7:6d:09:3f:78:3e:
48:af:e4:6e:45:89:bf:bc:af:7c:85:fd:b8:9c:83:39:d6:46:
55:97:e4:78:8f:5f:58:8a:37:9d:04:5f:24:55:28:15:a3:b9:
dd:8d:19:f4:69:bd:8f:ab:45:ed:c6:ae:ef:e2:4f:d3:ba:dc:
09:8b:b0:72:1f:84:48:d0:16:c0:33:09:4f:4e:c6:11:fa:e6:
08:6d:21:6e:c0:fb:7f:d0:33:06:5d:df:5d:dd:72:e9:57:7c:
1b:87:20:f5:50:41:69:6d:e0:d5:07:43:43:8b:69:ef:8b:d1:
da:66:fd:d8:75:b1:d8:3d:91:92:52:e5:84:5d:ee:5f:06:c8:
41:97:85:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASiWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjIzNDEzWhcNMjcxMjEyMjIzNDEzWjAYMRYw
FAYDVQQDEw02NzZkZDllOS05MDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7rqJCvhSPL4C+y4DaAKpNlK1+rsWIGMCkTZ+YvDuaQc3GlJKIbN1WL3l
n0d78lJhwLhEMoNL9NJT+4qB2XxaOUxc2O/ilORoc2WeoK4OmhUZXoyPoRuHrkHh
t5++YVzFQDkLo782rC4x/r7x5+GYs2b1D11Fl1y6H9hMgDQcdNPLJzZuzfWP3GyB
N4xsqpBA/ObLEJqPTW6gGesN14ZNknOyyzxDeLxmj/R/KABnVzxV4HZYecC61YgY
iC0J9GnGnWHyIVkuBz3BcQzsP8E02Sy2Q7/uVvTcGZLuvLp1PQMkq+EKo2E5qIK5
rPWuOCrgn3n9ZTJ5Go+H5u6Q4cOCPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJY/
Q/HY+QVnj1KzV6ntYoxZLtyHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QTVDRjc2MEMzRDkxMUVGOEJBOUI4Nzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUVMA0GCSqGSIb3DQEB
CwUAA4IBAQCgM1qDGhuM5ngTflFOydEul6SpQXiMya7QKz3348Dy7k/7i4bYfLL+
TReIPtkC6BGMJdScTpMxgKajdddIaJcf3yQ3eMxtRc4YN3ooNDFi9SVjMLKx6cVT
vSj5xjqO/jOgXXrbFlSLEAvld3SHOgBdKb92jYp+QtTnbQk/eD5Ir+RuRYm/vK98
hf24nIM51kZVl+R4j19YijedBF8kVSgVo7ndjRn0ab2Pq0Xtxq7v4k/TutwJi7By
H4RI0BbAMwlPTsYR+uYIbSFuwPt/0DMGXd9d3XLpV3wbhyD1UEFpbeDVB0NDi2nv
i9HaZv3YdbHYPZGSUuWEXe5fBshBl4VO
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:14:02 2025 by rpki-client