Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/981B827AC1AB11EFB4E3439E762E951A.roa
File: 981B827AC1AB11EFB4E3439E762E951A.roa (raw, json)
Hash identifier: HuuEHNAtW8yQ2Y8pLpsXfYx2q8UfPrU0UyS8VCi61uw=
Subject key identifier: B9:7A:AF:8E:5F:C1:92:23:86:89:A2:17:1E:F5:09:D0:FF:22:FA:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012133
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/981B827AC1AB11EFB4E3439E762E951A.roa
Signing time: Tue 24 Dec 2024 04:00:21 +0000
ROA not before: Tue 24 Dec 2024 04:00:17 +0000
ROA not after: Wed 10 Dec 2025 04:00:17 +0000
asID: 984
IP address blocks: 154.92.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74035 (0x12133)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 04:00:17 2024 GMT
Not After : Dec 10 04:00:17 2025 GMT
Subject: CN=676a31d5-0926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:04:ee:3f:ea:98:26:97:82:57:ac:a6:dd:
61:d4:b2:75:71:69:65:7d:85:09:47:ac:b0:14:d9:
74:c8:db:e1:4f:94:1b:94:ec:6c:f3:28:03:5d:66:
24:f4:dc:c3:06:ed:cd:33:f3:84:ce:8c:9a:db:a7:
32:86:9d:35:99:53:e6:3c:4c:55:c2:12:49:84:74:
7e:5f:c2:8f:3c:5f:b9:d2:f0:20:49:47:ed:79:26:
0b:0f:c8:59:3d:bb:02:8a:c2:0b:2a:a4:bb:23:a4:
8a:0d:ac:95:83:ee:5e:45:0d:fc:92:1b:21:f7:c1:
10:d9:1f:f8:3c:8a:5e:17:62:db:fb:bc:96:11:a0:
8c:40:22:36:00:ca:4f:dd:73:d3:a6:57:78:00:3b:
33:69:f1:0f:31:56:21:1a:e7:7d:43:12:69:76:23:
ca:0b:fc:73:86:17:26:1e:ed:05:bf:13:9c:36:e8:
23:5c:80:ba:0a:47:11:41:5a:7b:9c:51:0a:85:eb:
24:cc:07:5a:b7:70:76:0d:74:6b:dd:97:1d:5a:77:
82:f1:37:79:c0:87:d4:8e:7c:64:46:8d:d5:e2:b7:
33:20:f3:7e:39:19:5c:71:44:a1:64:77:20:ce:c8:
b2:60:66:b4:42:54:99:b3:1c:16:5c:29:e8:fa:eb:
02:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7A:AF:8E:5F:C1:92:23:86:89:A2:17:1E:F5:09:D0:FF:22:FA:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/981B827AC1AB11EFB4E3439E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.247.0/24
Signature Algorithm: sha256WithRSAEncryption
be:b1:26:94:bb:d1:53:a8:c4:d8:5f:d0:a0:78:e4:eb:26:12:
1d:53:8f:a5:23:72:88:b0:b5:a6:a2:ef:b2:dd:33:db:ee:8d:
26:67:5b:91:c4:ba:9c:69:d3:84:f2:62:0f:93:7c:89:e5:05:
16:aa:21:d1:07:7b:df:ba:b4:1f:85:58:88:71:25:d2:c5:2b:
62:c7:6c:55:5d:ef:e5:b9:2a:98:26:2f:e8:45:ee:1d:f9:c4:
79:f7:2b:bb:bf:37:a4:7e:7e:46:d1:f9:b5:39:fa:15:73:d3:
4b:53:58:76:51:57:ad:fa:65:5d:be:6a:ae:4a:9b:b6:97:67:
8f:8b:b4:a5:23:da:f7:91:39:7c:73:bd:84:10:5e:74:8f:07:
b3:77:f4:26:5b:8b:4b:a4:c8:f8:52:a6:36:f2:29:97:af:47:
dc:d4:16:0f:25:a0:f2:71:75:51:e2:37:b5:df:83:1e:97:05:
8a:17:2f:ed:6f:b4:5f:cf:2e:8c:3b:43:db:5e:fc:6d:9d:a6:
4b:fd:e1:19:c8:2e:96:03:b6:ac:15:03:00:5b:ec:d6:90:24:
63:f7:f8:e8:88:5c:45:13:3c:74:3c:9e:f2:23:45:a3:32:5a:
f8:1b:7b:fd:f3:46:63:fb:7e:b7:d0:88:a2:48:6b:d2:84:5a:
2e:a6:60:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASEzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDQwMDE3WhcNMjUxMjEwMDQwMDE3WjAYMRYw
FAYDVQQDEw02NzZhMzFkNS0wOTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNgE7j/qmCaXglespt1h1LJ1cWllfYUJR6ywFNl0yNvhT5QblOxs8ygD
XWYk9NzDBu3NM/OEzoya26cyhp01mVPmPExVwhJJhHR+X8KPPF+50vAgSUfteSYL
D8hZPbsCisILKqS7I6SKDayVg+5eRQ38khsh98EQ2R/4PIpeF2Lb+7yWEaCMQCI2
AMpP3XPTpld4ADszafEPMVYhGud9QxJpdiPKC/xzhhcmHu0FvxOcNugjXIC6CkcR
QVp7nFEKheskzAdat3B2DXRr3ZcdWneC8Td5wIfUjnxkRo3V4rczIPN+ORlccUSh
ZHcgzsiyYGa0QlSZsxwWXCno+usCCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLl6
r45fwZIjhomiFx71CdD/IvqoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85ODFCODI3QUMxQUIxMUVGQjRFMzQzOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlz3MA0GCSqGSIb3DQEB
CwUAA4IBAQC+sSaUu9FTqMTYX9CgeOTrJhIdU4+lI3KIsLWmou+y3TPb7o0mZ1uR
xLqcadOE8mIPk3yJ5QUWqiHRB3vfurQfhViIcSXSxStix2xVXe/luSqYJi/oRe4d
+cR59yu7vzekfn5G0fm1OfoVc9NLU1h2UVet+mVdvmquSpu2l2ePi7SlI9r3kTl8
c72EEF50jwezd/QmW4tLpMj4UqY28imXr0fc1BYPJaDycXVR4je134MelwWKFy/t
b7Rfzy6MO0PbXvxtnaZL/eEZyC6WA7asFQMAW+zWkCRj9/joiFxFEzx0PJ7yI0Wj
Mlr4G3v980Zj+3630IiiSGvShFoupmDW
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:12 2025 by rpki-client