Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91F54E02C19811EFB4608396762E951A.roa
File: 91F54E02C19811EFB4608396762E951A.roa (raw, json)
Hash identifier: m81R0X9ukwAgpyc35NQXv5lh+eImrQbAsrGcimFVTRY=
Subject key identifier: D7:C4:82:F6:75:C1:20:F3:4F:72:3A:FA:CA:C5:9E:30:8C:93:3F:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01204B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91F54E02C19811EFB4608396762E951A.roa
Signing time: Tue 24 Dec 2024 01:44:10 +0000
ROA not before: Tue 24 Dec 2024 01:44:07 +0000
ROA not after: Wed 10 Dec 2025 01:44:07 +0000
asID: 984
IP address blocks: 154.90.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73803 (0x1204b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 01:44:07 2024 GMT
Not After : Dec 10 01:44:07 2025 GMT
Subject: CN=676a11ea-6da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:f7:4f:73:82:ef:4f:86:d3:55:43:31:ac:
ba:f6:a1:b1:43:57:0d:2c:cf:fb:ae:d4:48:d9:8d:
e9:c6:05:c5:9f:67:5c:90:b8:bd:80:9e:5c:73:29:
06:8f:1f:5c:ea:1c:77:9f:bd:02:39:94:22:16:ed:
de:c6:06:2a:60:27:3c:12:a9:de:79:e6:3e:92:a8:
6c:77:e6:30:01:d0:f5:be:00:81:7e:79:5e:98:94:
ed:45:21:bc:df:ea:29:54:a2:39:5e:ec:21:cf:dc:
f1:9d:e2:45:7f:b0:40:10:0d:d1:bd:dc:f6:21:6d:
58:89:e5:15:cc:21:d8:ca:f1:3f:01:bb:41:c1:3a:
f9:44:31:78:45:1c:7b:ff:a7:e1:04:eb:d8:83:bd:
12:9d:2f:d4:54:4a:80:e4:2a:52:7a:f9:16:34:68:
58:79:05:13:1a:08:34:9e:18:8f:ce:f5:3d:a5:db:
e7:0e:df:48:d3:0d:b8:05:4e:76:e4:07:18:b5:fb:
9b:16:76:ce:c2:42:61:11:6f:8c:97:4e:b8:48:8b:
e2:fb:27:53:85:0c:22:e4:3a:48:cc:2d:6b:ee:fb:
90:aa:73:69:e4:f7:9b:9c:47:92:87:6c:54:f2:8d:
fd:54:3f:44:67:bd:71:15:28:02:7e:a0:cd:a8:30:
54:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C4:82:F6:75:C1:20:F3:4F:72:3A:FA:CA:C5:9E:30:8C:93:3F:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91F54E02C19811EFB4608396762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.193.0/24
Signature Algorithm: sha256WithRSAEncryption
54:29:56:1d:3e:bb:88:72:69:e0:4e:07:e8:8d:1a:97:cc:3e:
3a:e6:1b:e7:4b:ba:fb:a6:05:4c:69:34:5e:6b:f2:2f:36:5e:
e0:e9:61:a6:d2:eb:0e:00:2f:c7:5b:b5:26:b0:55:f3:03:c1:
49:20:99:91:1c:1c:51:3b:fd:79:a7:43:de:74:34:e6:ca:2d:
e9:05:d5:91:ab:59:e0:f2:0c:55:8d:be:ab:76:e5:d7:ab:d0:
0b:b9:d7:16:ba:4f:49:2b:9e:24:e3:1f:39:86:b0:b5:80:94:
c9:71:31:4a:e9:a5:01:44:c9:83:15:ac:4a:54:b6:76:66:22:
6e:c2:33:e5:ca:e9:cb:b8:c7:11:bb:66:1f:6b:6a:a8:df:ec:
38:88:96:9b:22:46:a5:8e:94:48:9d:5e:4c:e9:30:2b:84:d5:
71:97:e0:0d:bb:85:cd:f2:28:a9:48:9f:e9:29:d8:e6:0f:d1:
e0:5c:43:8e:25:45:32:62:66:00:3b:a8:e6:a9:08:ab:ab:c3:
b5:d1:e9:c4:fe:ee:af:29:c8:7f:db:fa:79:38:39:6d:3a:ee:
da:e5:45:53:4a:ed:af:00:9e:d5:46:c0:b7:46:78:c8:98:99:
76:36:20:79:6c:14:af:7c:d3:d4:f0:e5:13:11:a6:0a:9d:90:
2a:0a:cc:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASBLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDE0NDA3WhcNMjUxMjEwMDE0NDA3WjAYMRYw
FAYDVQQDEw02NzZhMTFlYS02ZGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0s/3T3OC70+G01VDMay69qGxQ1cNLM/7rtRI2Y3pxgXFn2dckLi9gJ5c
cykGjx9c6hx3n70COZQiFu3exgYqYCc8EqneeeY+kqhsd+YwAdD1vgCBfnlemJTt
RSG83+opVKI5Xuwhz9zxneJFf7BAEA3Rvdz2IW1YieUVzCHYyvE/AbtBwTr5RDF4
RRx7/6fhBOvYg70SnS/UVEqA5CpSevkWNGhYeQUTGgg0nhiPzvU9pdvnDt9I0w24
BU525AcYtfubFnbOwkJhEW+Ml064SIvi+ydThQwi5DpIzC1r7vuQqnNp5PebnEeS
h2xU8o39VD9EZ71xFSgCfqDNqDBUUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNfE
gvZ1wSDzT3I6+srFnjCMkz+yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MUY1NEUwMkMxOTgxMUVGQjQ2MDgzOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrBMA0GCSqGSIb3DQEB
CwUAA4IBAQBUKVYdPruIcmngTgfojRqXzD465hvnS7r7pgVMaTRea/IvNl7g6WGm
0usOAC/HW7UmsFXzA8FJIJmRHBxRO/15p0PedDTmyi3pBdWRq1ng8gxVjb6rduXX
q9ALudcWuk9JK54k4x85hrC1gJTJcTFK6aUBRMmDFaxKVLZ2ZiJuwjPlyunLuMcR
u2Yfa2qo3+w4iJabIkaljpRInV5M6TArhNVxl+ANu4XN8iipSJ/pKdjmD9HgXEOO
JUUyYmYAO6jmqQirq8O10enE/u6vKch/2/p5ODltOu7a5UVTSu2vAJ7VRsC3RnjI
mJl2NiB5bBSvfNPU8OUTEaYKnZAqCswd
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:35 2025 by rpki-client