Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/927B5F42C0D511EFAB50E250762E951A.roa
File: 927B5F42C0D511EFAB50E250762E951A.roa (raw, json)
Hash identifier: 2dWSlY57Uy0Z5gWPzWrQy9KstZgf82UgNAXfeRKN1EI=
Subject key identifier: 5C:EC:4C:58:EF:4F:8E:E7:C3:09:65:96:BE:1F:DE:DC:E5:6F:1E:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E56
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/927B5F42C0D511EFAB50E250762E951A.roa
Signing time: Mon 23 Dec 2024 02:28:19 +0000
ROA not before: Mon 23 Dec 2024 02:28:15 +0000
ROA not after: Wed 10 Dec 2025 02:28:15 +0000
asID: 984
IP address blocks: 154.89.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73302 (0x11e56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:28:15 2024 GMT
Not After : Dec 10 02:28:15 2025 GMT
Subject: CN=6768cac3-72a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f1:5c:9f:d6:b7:2f:60:b6:a1:6e:97:5a:7e:
df:4d:76:ef:aa:1d:7c:63:d0:df:0d:e6:26:fc:b0:
4d:10:36:a7:f4:f2:15:13:2d:b6:3e:5f:9a:7c:2d:
6d:4c:6b:57:fd:42:e2:61:30:2c:61:8b:bf:53:73:
3d:bd:2d:cc:cf:36:51:f3:5d:95:c4:e2:5c:08:dc:
14:38:ae:ce:5d:9a:84:fa:ef:23:23:fb:4f:cf:30:
ea:f2:03:59:ad:98:14:ce:93:79:cd:2d:64:11:ea:
65:b2:d9:96:db:9b:74:a3:74:7e:6b:e9:7f:ab:69:
5b:52:49:3d:62:ec:dd:e9:62:fd:6b:f8:ab:a1:57:
a6:87:2f:bf:5a:44:ff:21:10:56:38:a2:84:b7:c1:
9a:29:99:94:a9:61:d3:7e:e5:9e:ad:fa:9a:92:0b:
6a:1b:d5:33:d1:d1:de:cc:5a:41:2b:71:a1:ae:25:
61:d4:e4:87:e7:28:f8:69:e8:06:96:c7:f1:2d:87:
32:d6:28:1d:e2:9e:5c:09:6f:f4:63:b2:86:b8:b5:
28:e4:cb:ba:ed:d8:59:02:1f:92:dc:da:82:40:8b:
e5:79:51:1a:fb:1a:ab:3d:29:ac:0a:4d:16:29:1c:
a9:38:35:ad:f7:8f:e4:ae:10:80:2b:33:a1:cf:c9:
e4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:EC:4C:58:EF:4F:8E:E7:C3:09:65:96:BE:1F:DE:DC:E5:6F:1E:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/927B5F42C0D511EFAB50E250762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:8d:7d:6e:c1:01:07:e5:86:8d:60:33:95:f6:3f:6d:18:db:
3f:5b:df:0e:df:0e:fb:ff:26:ca:20:39:f8:4a:1a:f6:f3:b1:
c9:1b:5f:87:85:c2:17:a1:92:56:78:66:5a:5b:81:10:87:8b:
3a:da:6c:af:dc:ed:4f:11:67:42:5b:26:6b:6e:9e:fe:b7:8b:
d6:84:d2:91:89:61:b7:00:29:8e:e4:1c:7e:76:60:21:80:ae:
c2:92:8a:1d:52:34:4a:8d:b4:65:d4:bc:ba:28:5d:ed:0e:5e:
86:b3:57:fa:a8:dd:12:b7:83:38:05:51:74:4d:e1:e1:1f:e4:
91:70:da:42:13:51:2b:5e:ae:19:1c:f2:04:ed:af:66:35:fa:
16:64:57:03:6f:d8:8b:d1:94:9d:9d:4f:c0:9b:5e:bb:73:6f:
5e:78:4c:44:33:ed:8b:dc:d6:d5:af:79:f3:7e:91:da:44:34:
02:0a:61:2e:f3:e7:ef:88:ed:83:da:79:de:fa:0e:ac:5e:89:
25:86:25:cf:39:e3:64:f3:d6:1d:05:68:96:da:55:66:10:ac:
36:4d:be:af:18:b6:ce:03:82:c2:46:6e:ab:8d:37:b8:27:8a:
86:65:7e:e6:e8:22:95:8c:59:ea:d9:a7:e3:fa:d9:ff:4b:c2:
f3:0d:f4:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR5WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDIyODE1WhcNMjUxMjEwMDIyODE1WjAYMRYw
FAYDVQQDEw02NzY4Y2FjMy03MmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwPFcn9a3L2C2oW6XWn7fTXbvqh18Y9DfDeYm/LBNEDan9PIVEy22Pl+a
fC1tTGtX/ULiYTAsYYu/U3M9vS3MzzZR812VxOJcCNwUOK7OXZqE+u8jI/tPzzDq
8gNZrZgUzpN5zS1kEeplstmW25t0o3R+a+l/q2lbUkk9Yuzd6WL9a/iroVemhy+/
WkT/IRBWOKKEt8GaKZmUqWHTfuWerfqakgtqG9Uz0dHezFpBK3GhriVh1OSH5yj4
aegGlsfxLYcy1igd4p5cCW/0Y7KGuLUo5Mu67dhZAh+S3NqCQIvleVEa+xqrPSms
Ck0WKRypODWt94/krhCAKzOhz8nkSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFzs
TFjvT47nwwlllr4f3tzlbx4FMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MjdCNUY0MkMwRDUxMUVGQUI1MEUyNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmHMA0GCSqGSIb3DQEB
CwUAA4IBAQB/jX1uwQEH5YaNYDOV9j9tGNs/W98O3w77/ybKIDn4Shr287HJG1+H
hcIXoZJWeGZaW4EQh4s62myv3O1PEWdCWyZrbp7+t4vWhNKRiWG3ACmO5Bx+dmAh
gK7CkoodUjRKjbRl1Ly6KF3tDl6Gs1f6qN0St4M4BVF0TeHhH+SRcNpCE1ErXq4Z
HPIE7a9mNfoWZFcDb9iL0ZSdnU/Am167c29eeExEM+2L3NbVr3nzfpHaRDQCCmEu
8+fviO2D2nne+g6sXoklhiXPOeNk89YdBWiW2lVmEKw2Tb6vGLbOA4LCRm6rjTe4
J4qGZX7m6CKVjFnq2afj+tn/S8LzDfSB
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:45 2025 by rpki-client