Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/958B04A2C19E11EF8E6E8F44762E951A.roa
File: 958B04A2C19E11EF8E6E8F44762E951A.roa (raw, json)
Hash identifier: Fk37QuWJuRXwzn7WBkgGmLSfoMK1QX4H91XRwBlURjE=
Subject key identifier: D6:A7:24:66:3E:B7:52:0D:09:83:3C:00:F0:CF:B9:35:16:A3:38:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012095
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/958B04A2C19E11EF8E6E8F44762E951A.roa
Signing time: Tue 24 Dec 2024 02:27:13 +0000
ROA not before: Tue 24 Dec 2024 02:27:09 +0000
ROA not after: Wed 10 Dec 2025 02:27:09 +0000
asID: 984
IP address blocks: 154.90.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73877 (0x12095)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:27:09 2024 GMT
Not After : Dec 10 02:27:09 2025 GMT
Subject: CN=676a1c01-0af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:92:e7:a3:43:f4:97:47:29:09:f5:ef:67:4f:
50:92:8e:da:b0:0e:50:4f:9b:db:4e:bf:aa:3b:6a:
9e:1e:48:e3:5d:73:5f:da:33:0a:4d:54:f0:74:12:
de:40:77:2f:f1:1f:74:97:36:13:d5:37:82:bb:a5:
2d:71:31:c3:d8:51:f2:b1:b8:e2:f2:bd:a5:67:3e:
ca:c4:2d:75:81:70:5c:4a:a0:0f:e3:1d:a3:e9:2f:
92:5a:8d:1e:cc:d9:06:83:cd:f2:4c:39:70:8f:36:
bf:09:58:fb:56:1a:d8:48:27:cd:93:bc:fd:29:2a:
64:64:de:f5:45:99:a2:e5:ef:26:7e:e5:06:69:80:
ac:52:19:72:0c:be:2a:65:bc:35:98:96:09:82:21:
f2:af:16:e0:70:17:52:49:60:bc:eb:2a:58:63:9d:
6d:90:eb:5d:96:2f:0f:6c:cb:7d:b5:b7:1d:22:75:
79:49:c5:73:c9:27:6b:b2:b7:9e:18:78:f3:ba:5a:
18:16:82:b5:be:aa:61:91:7e:54:28:85:d2:ec:c1:
44:ae:f1:2f:27:9f:8e:04:8b:65:f0:ab:43:64:21:
e9:1b:5d:4e:27:f7:d9:d9:94:9f:53:f2:54:df:42:
ce:ac:8c:f3:cd:3d:1c:12:24:a5:62:ec:4a:da:69:
87:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A7:24:66:3E:B7:52:0D:09:83:3C:00:F0:CF:B9:35:16:A3:38:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/958B04A2C19E11EF8E6E8F44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.230.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:7e:44:8f:2e:0f:aa:41:90:af:b2:14:71:4d:1a:e6:d4:dc:
7d:8d:73:3f:23:7e:b0:ec:b0:11:de:13:73:79:16:73:be:78:
45:eb:d3:99:d6:9a:19:f7:4f:0f:ee:6c:92:f8:db:43:9d:85:
30:4b:9e:e3:4a:7a:b1:fa:cb:d8:7e:db:c1:f1:25:d3:cc:a1:
bd:23:c2:3a:49:a8:99:14:30:19:40:36:d3:a0:1f:f8:6d:95:
12:44:f8:78:2b:27:5e:9f:3b:e5:53:33:a1:f6:65:f2:3c:5d:
a0:07:5d:41:cd:58:59:ab:cf:70:bf:01:a1:32:25:56:e5:ae:
3a:a0:41:75:6c:85:a4:20:4e:8f:7a:64:1b:fb:46:08:f6:e6:
94:61:3b:39:b7:32:c1:ab:ff:56:bd:b8:56:4a:ef:1e:02:59:
f1:a6:0d:04:e3:66:9f:ba:41:a5:b9:24:ef:47:dd:f0:8b:2f:
d8:77:8e:97:71:8e:4b:b8:8e:16:75:d9:e7:48:f6:2b:08:1b:
db:be:ab:01:ac:d7:6c:e9:32:a6:a2:19:6e:d8:54:49:56:45:
09:37:7b:81:e0:ed:12:45:1c:f6:6a:d4:dc:9d:58:ee:cc:81:
ac:cc:0f:0c:d7:3a:40:e6:f0:84:22:14:bb:fd:95:c6:f5:58:
3a:5a:62:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDIyNzA5WhcNMjUxMjEwMDIyNzA5WjAYMRYw
FAYDVQQDEw02NzZhMWMwMS0wYWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpLno0P0l0cpCfXvZ09Qko7asA5QT5vbTr+qO2qeHkjjXXNf2jMKTVTw
dBLeQHcv8R90lzYT1TeCu6UtcTHD2FHysbji8r2lZz7KxC11gXBcSqAP4x2j6S+S
Wo0ezNkGg83yTDlwjza/CVj7VhrYSCfNk7z9KSpkZN71RZmi5e8mfuUGaYCsUhly
DL4qZbw1mJYJgiHyrxbgcBdSSWC86ypYY51tkOtdli8PbMt9tbcdInV5ScVzySdr
sreeGHjzuloYFoK1vqphkX5UKIXS7MFErvEvJ5+OBItl8KtDZCHpG11OJ/fZ2ZSf
U/JU30LOrIzzzT0cEiSlYuxK2mmHKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNan
JGY+t1INCYM8APDPuTUWozifMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NThCMDRBMkMxOUUxMUVGOEU2RThGNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrmMA0GCSqGSIb3DQEB
CwUAA4IBAQDGfkSPLg+qQZCvshRxTRrm1Nx9jXM/I36w7LAR3hNzeRZzvnhF69OZ
1poZ908P7myS+NtDnYUwS57jSnqx+svYftvB8SXTzKG9I8I6SaiZFDAZQDbToB/4
bZUSRPh4KydenzvlUzOh9mXyPF2gB11BzVhZq89wvwGhMiVW5a46oEF1bIWkIE6P
emQb+0YI9uaUYTs5tzLBq/9WvbhWSu8eAlnxpg0E42afukGluSTvR93wiy/Yd46X
cY5LuI4WddnnSPYrCBvbvqsBrNds6TKmohlu2FRJVkUJN3uB4O0SRRz2atTcnVju
zIGszA8M1zpA5vCEIhS7/ZXG9Vg6WmJp
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:42:04 2025 by rpki-client