Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BD72D4EAB3411EFBF07B6A4762E951A.roa
File: 8BD72D4EAB3411EFBF07B6A4762E951A.roa (raw, json)
Hash identifier: Pw86fmJSQ3K0fruX+hzWaoSBrANkWw7qsOFTVgZMKvY=
Subject key identifier: AF:4D:06:71:27:51:7F:FE:E4:EE:10:30:E7:15:B0:B8:AD:83:E7:23
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01134E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BD72D4EAB3411EFBF07B6A4762E951A.roa
Signing time: Mon 25 Nov 2024 13:52:44 +0000
ROA not before: Mon 25 Nov 2024 13:52:41 +0000
ROA not after: Wed 07 Jan 2026 13:52:41 +0000
asID: 149981
IP address blocks: 154.85.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70478 (0x1134e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 13:52:41 2024 GMT
Not After : Jan 7 13:52:41 2026 GMT
Subject: CN=6744812c-e345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f4:1b:bb:db:7d:01:62:34:78:dd:9b:03:42:
df:a3:6c:e3:9a:bb:f3:9d:59:1a:a3:ea:03:f3:50:
29:a6:e0:65:c6:aa:01:0d:b6:65:7c:80:5b:22:14:
c5:b1:6a:fd:ef:7e:9c:b9:be:20:cb:ce:05:0c:45:
32:fd:a3:32:15:ee:e1:a3:bb:4c:d4:26:5c:49:8d:
87:5c:75:8c:09:c1:0c:df:03:d4:dd:3a:e6:d5:f1:
42:05:4f:e7:8f:89:27:c1:03:0c:98:88:9a:d7:a5:
bf:94:30:d4:70:bc:f3:ca:12:8f:24:6f:87:5d:f5:
fc:fc:da:14:18:3b:37:dc:c4:1a:26:44:41:4b:09:
5e:21:d5:99:6d:c0:29:8e:81:b6:6a:3e:ce:09:e7:
0c:37:95:6d:87:73:7f:b8:22:3e:24:81:fb:53:d9:
41:d0:0d:10:45:3f:66:fc:58:e8:ca:10:db:64:8c:
bf:e1:ed:61:92:9d:ad:77:dc:6f:f8:ae:a8:a7:ab:
3d:62:47:f2:22:9a:6b:a8:9e:e2:3f:21:31:e6:06:
09:a8:5e:1f:ef:c2:a9:f0:0c:86:b9:61:e0:4f:87:
a9:a7:43:5f:ac:8f:e7:ce:38:35:f8:db:d7:52:23:
ef:76:69:e4:e2:6d:aa:9c:ad:36:6a:2a:ad:83:b8:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4D:06:71:27:51:7F:FE:E4:EE:10:30:E7:15:B0:B8:AD:83:E7:23
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BD72D4EAB3411EFBF07B6A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.88.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:07:42:bf:c9:15:1f:4a:3b:6b:5c:8e:ea:9b:5e:93:ca:61:
ce:5a:87:c4:d2:61:53:9b:d5:56:22:dc:ff:61:c5:ab:2c:e5:
c1:09:be:4e:ee:9c:c5:82:0d:a2:d8:7f:50:e2:56:6f:fe:81:
19:05:4d:34:3d:c4:49:c5:1a:10:d2:09:52:a1:19:f3:06:d0:
5c:86:54:80:e0:79:e7:b4:cf:88:ce:c2:aa:89:05:de:f1:9c:
d2:c8:75:00:7f:8b:1a:8b:ef:22:11:77:1c:00:f7:eb:0f:2b:
be:88:dd:c0:04:fe:1c:be:86:72:55:e0:26:5c:43:e6:eb:e3:
5f:14:22:c5:fa:9f:b1:be:9f:8f:b5:d7:ef:60:70:f9:86:6d:
64:73:e3:e1:75:a9:2c:31:97:ba:03:64:57:37:bb:d0:86:e3:
4d:c9:1c:53:13:51:0d:13:b0:97:40:b4:9a:bd:b9:c7:0b:91:
76:ef:d2:d2:c6:3d:06:a4:31:7f:6a:44:9f:5f:01:34:aa:a2:
e3:27:c5:36:31:ab:22:56:b0:d1:8a:14:9f:e0:ba:2c:7f:3e:
6f:6b:7d:d3:85:9c:ae:b9:48:fc:b4:8f:38:db:ec:a1:30:91:
b9:1d:79:70:6f:26:b1:52:1a:95:e9:67:4d:08:87:1e:61:06:
9f:cc:b1:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTM1MjQxWhcNMjYwMTA3MTM1MjQxWjAYMRYw
FAYDVQQDEw02NzQ0ODEyYy1lMzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqvQbu9t9AWI0eN2bA0Lfo2zjmrvznVkao+oD81AppuBlxqoBDbZlfIBb
IhTFsWr9736cub4gy84FDEUy/aMyFe7ho7tM1CZcSY2HXHWMCcEM3wPU3Trm1fFC
BU/nj4knwQMMmIia16W/lDDUcLzzyhKPJG+HXfX8/NoUGDs33MQaJkRBSwleIdWZ
bcApjoG2aj7OCecMN5Vth3N/uCI+JIH7U9lB0A0QRT9m/FjoyhDbZIy/4e1hkp2t
d9xv+K6op6s9YkfyIpprqJ7iPyEx5gYJqF4f78Kp8AyGuWHgT4epp0NfrI/nzjg1
+NvXUiPvdmnk4m2qnK02aiqtg7gHlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK9N
BnEnUX/+5O4QMOcVsLitg+cjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QkQ3MkQ0RUFCMzQxMUVGQkYwN0I2QTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlVYMA0GCSqGSIb3DQEB
CwUAA4IBAQC/B0K/yRUfSjtrXI7qm16TymHOWofE0mFTm9VWItz/YcWrLOXBCb5O
7pzFgg2i2H9Q4lZv/oEZBU00PcRJxRoQ0glSoRnzBtBchlSA4HnntM+IzsKqiQXe
8ZzSyHUAf4sai+8iEXccAPfrDyu+iN3ABP4cvoZyVeAmXEPm6+NfFCLF+p+xvp+P
tdfvYHD5hm1kc+PhdaksMZe6A2RXN7vQhuNNyRxTE1ENE7CXQLSavbnHC5F279LS
xj0GpDF/akSfXwE0qqLjJ8U2MasiVrDRihSf4Losfz5va33ThZyuuUj8tI842+yh
MJG5HXlwbyaxUhqV6WdNCIceYQafzLFt
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:39 2025 by rpki-client