Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/977C111CCDEB11EFA935138B762E951A.roa
File: 977C111CCDEB11EFA935138B762E951A.roa (raw, json)
Hash identifier: 5pGeQpYZ73LZHrItBmK/Td6CJI89UST+Tc33deV10/I=
Subject key identifier: 1E:7B:82:BA:71:32:05:45:4E:89:52:D8:3E:83:CF:A7:C3:E3:CB:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01380D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/977C111CCDEB11EFA935138B762E951A.roa
Signing time: Wed 08 Jan 2025 18:08:42 +0000
ROA not before: Wed 08 Jan 2025 18:08:38 +0000
ROA not after: Sat 03 Jan 2026 18:08:38 +0000
asID: 984
IP address blocks: 154.89.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79885 (0x1380d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:08:38 2025 GMT
Not After : Jan 3 18:08:38 2026 GMT
Subject: CN=677ebf29-cd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:23:62:2d:2c:8c:ec:b3:34:f2:c2:6f:ba:15:
bc:49:8f:5c:18:73:ae:3b:c4:2b:de:73:72:1b:3e:
84:06:5b:a8:ef:50:6a:9f:b9:5a:36:48:c3:73:9f:
43:07:2a:7a:62:93:a2:2e:d4:82:aa:b9:14:27:ac:
33:41:5a:e3:46:c3:8a:b2:7d:69:08:e6:35:e3:33:
8f:a1:fb:c3:b4:5e:ff:0e:a3:76:df:c8:e3:42:8f:
01:68:a0:3d:8b:fa:b1:6a:fd:2d:42:d7:b2:b2:54:
6b:82:fe:93:f1:51:44:95:7a:ab:43:fd:25:c7:d9:
98:9d:f6:f3:d0:81:cf:d6:7a:d8:8d:d0:81:61:ed:
ea:36:30:65:26:9b:d1:2a:c1:8b:5f:e7:79:b5:d2:
22:4f:9e:72:05:4c:01:52:0f:cd:41:ba:d0:7a:53:
de:bb:57:82:ae:70:86:9d:ef:8e:e2:b4:59:e2:cf:
27:ff:ca:3a:47:65:06:8a:34:41:39:e1:0c:2a:12:
98:a6:b7:71:49:ec:79:e7:b8:92:f2:18:6e:ba:6e:
80:51:78:09:da:64:c8:3e:b9:0d:29:40:fc:2c:75:
5b:9d:34:8c:c7:12:b1:2f:9e:bc:1f:a3:1d:08:ef:
24:55:32:db:77:42:d2:58:d3:0a:95:14:54:2c:47:
ac:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7B:82:BA:71:32:05:45:4E:89:52:D8:3E:83:CF:A7:C3:E3:CB:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/977C111CCDEB11EFA935138B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.213.0/24
Signature Algorithm: sha256WithRSAEncryption
82:06:e2:e4:db:09:dc:9f:d0:f9:4c:d4:fc:0f:b1:03:10:1a:
11:65:70:b2:51:b2:48:e6:46:1d:cc:f2:3a:16:45:c3:4b:8f:
8e:32:2c:c6:b4:eb:48:fc:fd:18:0e:83:39:41:3f:13:f6:cd:
03:40:c6:fe:d2:b2:d6:54:c4:cb:ed:6f:4f:9c:48:44:a7:32:
0c:62:bd:c5:87:d7:07:e3:ea:0d:1a:40:41:22:0d:68:58:80:
a1:42:05:6a:79:3b:a8:6e:05:e6:b0:61:5d:a2:46:4e:b0:7c:
8c:3d:bd:02:69:97:38:8e:87:1f:75:58:3e:8f:74:90:6a:85:
6d:ca:96:34:10:c7:32:16:f3:b1:08:e4:5b:fc:10:ba:ed:fc:
6b:4d:41:71:fd:71:78:97:80:79:b9:31:35:19:4f:ef:10:a6:
86:a5:f6:09:94:a5:63:91:c2:f7:4e:8b:87:06:d8:af:30:49:
27:d9:33:86:32:22:0e:b9:90:0b:e6:0a:f1:90:4d:bb:31:ff:
3a:c3:16:52:85:97:69:6c:7d:a1:11:fe:d7:41:77:91:2e:c0:
24:e3:7a:f4:22:9e:de:eb:00:33:ae:20:a7:04:9d:8a:d1:0c:
57:e1:48:11:34:89:8d:94:83:09:7b:8c:9c:c2:8d:d0:6f:66:
3b:a6:bb:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATgNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTgwODM4WhcNMjYwMTAzMTgwODM4WjAYMRYw
FAYDVQQDEw02NzdlYmYyOS1jZDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCNiLSyM7LM08sJvuhW8SY9cGHOuO8Qr3nNyGz6EBluo71Bqn7laNkjD
c59DByp6YpOiLtSCqrkUJ6wzQVrjRsOKsn1pCOY14zOPofvDtF7/DqN238jjQo8B
aKA9i/qxav0tQteyslRrgv6T8VFElXqrQ/0lx9mYnfbz0IHP1nrYjdCBYe3qNjBl
JpvRKsGLX+d5tdIiT55yBUwBUg/NQbrQelPeu1eCrnCGne+O4rRZ4s8n/8o6R2UG
ijRBOeEMKhKYprdxSex557iS8hhuum6AUXgJ2mTIPrkNKUD8LHVbnTSMxxKxL568
H6MdCO8kVTLbd0LSWNMKlRRULEeseQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB57
grpxMgVFTolS2D6Dz6fD48sWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzdDMTExQ0NERUIxMUVGQTkzNTEzOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnVMA0GCSqGSIb3DQEB
CwUAA4IBAQCCBuLk2wncn9D5TNT8D7EDEBoRZXCyUbJI5kYdzPI6FkXDS4+OMizG
tOtI/P0YDoM5QT8T9s0DQMb+0rLWVMTL7W9PnEhEpzIMYr3Fh9cH4+oNGkBBIg1o
WIChQgVqeTuobgXmsGFdokZOsHyMPb0CaZc4jocfdVg+j3SQaoVtypY0EMcyFvOx
CORb/BC67fxrTUFx/XF4l4B5uTE1GU/vEKaGpfYJlKVjkcL3TouHBtivMEkn2TOG
MiIOuZAL5grxkE27Mf86wxZShZdpbH2hEf7XQXeRLsAk43r0Ip7e6wAzriCnBJ2K
0QxX4UgRNImNlIMJe4ycwo3Qb2Y7prv9
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:41 2025 by rpki-client