Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B047BBCC36011EFA070CB82762E951A.roa
File: 8B047BBCC36011EFA070CB82762E951A.roa (raw, json)
Hash identifier: FPvpEPTx3YP9AzE0HsHnpD1MVsf0SaI/qWIPJgjx92o=
Subject key identifier: 59:DD:B5:E1:6A:63:8E:8D:73:3E:97:3F:80:E3:58:E8:6C:39:DA:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012648
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B047BBCC36011EFA070CB82762E951A.roa
Signing time: Thu 26 Dec 2024 08:08:09 +0000
ROA not before: Thu 26 Dec 2024 08:08:06 +0000
ROA not after: Fri 12 Dec 2025 08:08:06 +0000
asID: 984
IP address blocks: 154.91.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75336 (0x12648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 08:08:06 2024 GMT
Not After : Dec 12 08:08:06 2025 GMT
Subject: CN=676d0ee9-e726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:94:f1:2d:f5:2d:aa:3a:09:0f:69:ce:0c:e8:
13:f2:37:b1:fb:e6:86:b8:14:24:56:d0:80:7e:39:
b5:b9:f3:e8:a8:3a:4d:cc:c4:96:8a:b8:39:90:45:
b0:c4:d4:f6:52:4f:18:63:d9:fe:29:ce:fe:68:fa:
05:dc:c7:e3:af:7b:4f:c0:81:a8:5b:73:97:c2:42:
42:34:d1:a9:a6:52:09:c6:73:2b:40:d2:3d:de:bc:
44:c9:6f:18:e3:a7:7e:f7:f0:73:bf:fa:3d:ed:6d:
b3:0b:90:07:ea:37:ba:63:06:e8:c7:f8:fd:12:75:
fc:eb:2e:f4:7d:e2:f4:2d:6e:2b:0c:99:e0:db:c7:
73:bc:9d:88:78:87:30:43:b8:98:20:a9:1b:4a:ff:
50:6e:be:ec:37:da:60:9d:68:1d:9b:87:3e:39:39:
41:a4:ed:d6:87:41:43:76:b8:5b:5c:a3:3d:09:27:
46:60:57:5b:98:21:d8:fd:2a:29:fd:03:5d:3b:d4:
36:bd:46:5a:e8:ea:3e:9d:38:84:2f:12:6f:d2:bd:
df:21:cf:62:88:ac:b3:f4:23:fc:4f:25:95:e7:38:
cb:de:3f:b0:dd:c4:9e:e7:0b:56:6b:8c:e7:4c:65:
4f:9a:54:50:28:a9:be:b3:49:a4:1f:07:37:3c:f3:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:B5:E1:6A:63:8E:8D:73:3E:97:3F:80:E3:58:E8:6C:39:DA:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B047BBCC36011EFA070CB82762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.140.0/24
Signature Algorithm: sha256WithRSAEncryption
68:aa:90:b0:8a:78:6c:f1:22:3a:70:3c:28:1b:ed:f5:e6:2e:
4e:0a:92:41:b1:4c:e7:54:75:7a:0e:9e:3b:19:66:24:83:54:
86:fd:d7:87:5b:91:cd:7c:0d:83:00:ed:f6:3d:6b:10:ee:89:
84:cc:d4:8b:7b:bf:a8:11:bf:68:4e:f1:b5:4a:b1:f5:5e:26:
9a:f2:95:24:8e:ca:b8:33:ed:88:67:19:50:60:3e:cc:99:c9:
bf:2c:c3:ca:a6:5b:44:70:dc:3c:3b:65:bd:cb:66:5f:14:bf:
67:be:7d:73:dc:ac:6c:a9:6e:c1:5c:31:fe:f2:55:7c:94:28:
c0:c6:85:d3:9c:a8:65:d0:94:f1:cf:9a:5f:c2:0b:64:6b:fc:
4f:1a:8a:91:ca:f2:b5:e6:ec:fa:b9:85:5b:48:b7:9b:06:be:
75:1c:af:46:85:78:4d:a8:44:2a:26:71:a7:ce:f7:91:5b:c5:
6f:f7:b8:11:8e:b3:48:8c:e6:f5:b2:a3:0f:cd:f8:08:4c:9f:
4a:9e:df:30:a5:6b:f7:3f:02:63:29:0a:51:91:42:b1:48:74:
cb:c0:e1:bb:94:53:85:41:07:87:74:88:d3:b7:f7:85:8d:1b:
10:f0:62:44:38:fb:a1:02:0c:41:e9:d5:45:6a:ce:ba:f9:9b:
e7:d7:52:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASZIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDgwODA2WhcNMjUxMjEyMDgwODA2WjAYMRYw
FAYDVQQDEw02NzZkMGVlOS1lNzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs5TxLfUtqjoJD2nODOgT8jex++aGuBQkVtCAfjm1ufPoqDpNzMSWirg5
kEWwxNT2Uk8YY9n+Kc7+aPoF3Mfjr3tPwIGoW3OXwkJCNNGpplIJxnMrQNI93rxE
yW8Y46d+9/Bzv/o97W2zC5AH6je6Ywbox/j9EnX86y70feL0LW4rDJng28dzvJ2I
eIcwQ7iYIKkbSv9Qbr7sN9pgnWgdm4c+OTlBpO3Wh0FDdrhbXKM9CSdGYFdbmCHY
/Sop/QNdO9Q2vUZa6Oo+nTiELxJv0r3fIc9iiKyz9CP8TyWV5zjL3j+w3cSe5wtW
a4znTGVPmlRQKKm+s0mkHwc3PPP8iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFnd
teFqY46Ncz6XP4DjWOhsOdobMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjA0N0JCQ0MzNjAxMUVGQTA3MENCODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmluMMA0GCSqGSIb3DQEB
CwUAA4IBAQBoqpCwinhs8SI6cDwoG+315i5OCpJBsUznVHV6Dp47GWYkg1SG/deH
W5HNfA2DAO32PWsQ7omEzNSLe7+oEb9oTvG1SrH1Xiaa8pUkjsq4M+2IZxlQYD7M
mcm/LMPKpltEcNw8O2W9y2ZfFL9nvn1z3KxsqW7BXDH+8lV8lCjAxoXTnKhl0JTx
z5pfwgtka/xPGoqRyvK15uz6uYVbSLebBr51HK9GhXhNqEQqJnGnzveRW8Vv97gR
jrNIjOb1sqMPzfgITJ9Knt8wpWv3PwJjKQpRkUKxSHTLwOG7lFOFQQeHdIjTt/eF
jRsQ8GJEOPuhAgxB6dVFas66+Zvn11IG
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:04 2025 by rpki-client