Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E6C0678CDEA11EF8C7AAA84762E951A.roa
File: 8E6C0678CDEA11EF8C7AAA84762E951A.roa (raw, json)
Hash identifier: XorrQXI0tPuzMjHXLsCNJNXnG2i2N8csWkMctKNW+/I=
Subject key identifier: 4B:1F:7A:13:67:F6:21:12:72:45:99:5E:06:AD:31:33:F7:54:9B:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013805
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E6C0678CDEA11EF8C7AAA84762E951A.roa
Signing time: Wed 08 Jan 2025 18:01:17 +0000
ROA not before: Wed 08 Jan 2025 18:01:13 +0000
ROA not after: Sat 03 Jan 2026 18:01:13 +0000
asID: 984
IP address blocks: 154.89.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79877 (0x13805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:01:13 2025 GMT
Not After : Jan 3 18:01:13 2026 GMT
Subject: CN=677ebd6d-cd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:9c:3e:3e:06:cc:85:05:9f:15:6c:0d:ca:
e1:31:9b:b1:51:6b:af:77:2f:f2:10:c4:4e:cc:88:
fc:26:1b:ab:29:1e:75:4a:28:30:53:1d:87:3d:fa:
bf:43:a4:fb:83:de:fa:13:d0:29:07:53:4d:2e:08:
7b:8f:4b:bc:d8:bf:30:c3:ce:bc:01:27:7e:76:ce:
0d:85:2b:6f:0c:90:0b:f2:6b:08:d9:56:78:63:bb:
9d:10:7d:f0:e7:f9:10:7c:4f:78:5e:de:4a:0d:99:
f6:6c:40:f4:99:6c:74:6e:ce:76:fd:de:4e:00:6a:
e5:48:5a:ed:5c:5f:91:a3:ec:69:f5:04:95:79:87:
0f:3a:b7:1b:0c:3a:50:b9:7a:69:2a:9c:1f:b3:92:
a1:a9:d0:0e:f1:3b:7c:86:28:0a:54:b5:09:5e:0d:
23:b0:bd:ee:72:c7:71:9e:3a:85:99:f5:5b:e9:62:
bf:04:fb:fe:2c:2a:92:b8:ed:60:b5:62:ef:1a:ad:
7a:82:de:1f:0b:af:28:eb:18:41:90:32:34:4f:29:
c7:9f:2c:98:a4:55:e6:c8:c8:27:b1:9e:e4:da:26:
19:1c:62:c0:3c:40:13:06:c2:aa:a6:4d:c4:e3:52:
98:89:d0:92:ac:ac:69:b8:4a:b5:1e:fa:87:2a:c9:
c4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1F:7A:13:67:F6:21:12:72:45:99:5E:06:AD:31:33:F7:54:9B:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E6C0678CDEA11EF8C7AAA84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a5:1f:c8:d7:ca:04:26:88:73:87:b1:c0:55:25:9a:f8:a2:
97:3b:2e:39:22:63:af:89:bd:da:a8:59:36:75:b9:54:da:61:
c9:bf:1e:b8:ea:11:e3:e3:01:7c:d4:1d:c7:d8:88:6c:77:1e:
ad:6e:a5:6b:0d:6a:ac:39:69:35:aa:97:a1:de:17:c7:cf:f2:
98:62:4e:5a:9b:25:51:9f:cc:33:3d:26:25:ff:55:21:87:f5:
30:81:30:d3:a0:58:63:3a:33:42:e0:6a:2a:ea:23:c4:0b:4e:
3e:71:8d:40:62:be:e1:76:a6:5f:a3:33:b7:f8:b3:21:49:35:
ac:71:1c:ff:de:08:0b:8a:25:94:03:2d:16:4d:b3:5f:d1:82:
e5:3a:71:f3:b8:f5:39:bc:b4:0a:f9:02:fb:de:eb:e9:67:f0:
56:d7:19:44:f2:52:8f:54:62:3d:42:99:ae:f5:10:ed:b9:ec:
01:a5:25:23:be:2c:f4:11:6a:50:a4:eb:a7:a4:98:2b:be:58:
0e:83:6b:06:ad:f3:db:71:a5:42:3e:03:3e:65:a6:3c:ba:bc:
d2:06:42:2f:39:95:5c:d8:f3:93:f3:43:9b:5b:b9:fc:82:fa:
b2:55:b9:27:ca:bb:75:55:c0:74:3e:8f:c1:65:c9:3b:fe:d6:
80:d7:aa:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATgFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTgwMTEzWhcNMjYwMTAzMTgwMTEzWjAYMRYw
FAYDVQQDEw02NzdlYmQ2ZC1jZDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsjicPj4GzIUFnxVsDcrhMZuxUWuvdy/yEMROzIj8JhurKR51SigwUx2H
Pfq/Q6T7g976E9ApB1NNLgh7j0u82L8ww868ASd+ds4NhStvDJAL8msI2VZ4Y7ud
EH3w5/kQfE94Xt5KDZn2bED0mWx0bs52/d5OAGrlSFrtXF+Ro+xp9QSVeYcPOrcb
DDpQuXppKpwfs5KhqdAO8Tt8higKVLUJXg0jsL3ucsdxnjqFmfVb6WK/BPv+LCqS
uO1gtWLvGq16gt4fC68o6xhBkDI0TynHnyyYpFXmyMgnsZ7k2iYZHGLAPEATBsKq
pk3E41KYidCSrKxpuEq1HvqHKsnEiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEsf
ehNn9iESckWZXgatMTP3VJtiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RTZDMDY3OENERUExMUVGOEM3QUFBODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnRMA0GCSqGSIb3DQEB
CwUAA4IBAQCfpR/I18oEJohzh7HAVSWa+KKXOy45ImOvib3aqFk2dblU2mHJvx64
6hHj4wF81B3H2Ihsdx6tbqVrDWqsOWk1qpeh3hfHz/KYYk5amyVRn8wzPSYl/1Uh
h/UwgTDToFhjOjNC4Goq6iPEC04+cY1AYr7hdqZfozO3+LMhSTWscRz/3ggLiiWU
Ay0WTbNf0YLlOnHzuPU5vLQK+QL73uvpZ/BW1xlE8lKPVGI9Qpmu9RDtuewBpSUj
viz0EWpQpOunpJgrvlgOg2sGrfPbcaVCPgM+ZaY8urzSBkIvOZVc2POT80ObW7n8
gvqyVbknyrt1VcB0Po/BZck7/taA16pY
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:38 2025 by rpki-client