Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A4F2038C19711EF9DF2548F762E951A.roa
File: 9A4F2038C19711EF9DF2548F762E951A.roa (raw, json)
Hash identifier: ok7kTECWPP9EcmbHwL0GZv/y1RAsyAhbgdsb5uDNbmE=
Subject key identifier: 5A:4F:F0:42:BF:C5:42:75:FC:17:66:C6:A9:81:F0:76:46:50:AE:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01203F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A4F2038C19711EF9DF2548F762E951A.roa
Signing time: Tue 24 Dec 2024 01:37:15 +0000
ROA not before: Tue 24 Dec 2024 01:37:11 +0000
ROA not after: Wed 10 Dec 2025 01:37:11 +0000
asID: 984
IP address blocks: 154.90.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73791 (0x1203f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 01:37:11 2024 GMT
Not After : Dec 10 01:37:11 2025 GMT
Subject: CN=676a104a-4893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cc:0a:9c:a1:4a:fe:db:f5:ff:ab:7f:37:11:
27:31:89:ed:af:97:6c:d4:a0:68:f5:38:e4:84:4e:
cf:bb:cb:05:c7:0b:42:0f:22:00:5a:88:ae:f3:ac:
73:47:e7:d9:7d:14:a9:9f:36:38:9e:e3:50:43:88:
3e:1b:fe:5d:a2:89:d5:ef:d9:a6:4c:75:31:35:e8:
26:fd:05:6e:6a:fc:91:5b:40:41:d2:74:d6:10:89:
3c:a0:de:6a:63:a9:09:32:38:f8:de:19:40:44:cb:
ae:cb:64:33:52:20:9a:a0:c8:d5:52:ca:3b:f4:3a:
e9:a6:75:dd:17:91:02:8b:b5:c2:33:48:c3:c9:d4:
28:3c:c2:8c:92:3f:ae:87:58:f3:ed:1b:22:3c:82:
d6:9d:2c:6c:fc:25:61:33:95:44:91:2c:c2:75:8a:
c3:a6:32:3c:90:1b:fd:2a:b6:24:39:22:a1:fd:d3:
a0:51:1b:f6:13:cd:78:7a:fb:0d:60:91:96:f7:df:
b3:4c:6f:bf:fb:e1:27:5b:48:54:59:eb:84:3c:9c:
e0:dc:85:3f:35:46:43:bc:fe:01:f4:da:0e:f4:16:
12:97:41:bd:39:a3:93:44:71:a2:bf:35:ae:47:28:
ad:e6:a8:b8:8e:9c:56:4f:7c:49:2d:0b:df:53:af:
b5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4F:F0:42:BF:C5:42:75:FC:17:66:C6:A9:81:F0:76:46:50:AE:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A4F2038C19711EF9DF2548F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.183.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a7:01:92:e4:e3:40:d5:9b:2b:f9:9e:3f:5c:2d:07:91:b6:
fa:b3:f5:5a:fe:42:52:28:1f:ac:24:9b:ad:ab:8d:de:55:4e:
ac:93:d5:7d:65:c0:d2:59:bb:fa:77:96:5b:03:cf:ae:f6:ef:
ff:49:c9:b6:2d:86:a3:cc:68:f8:90:25:6e:b9:49:cd:1e:b5:
2a:10:0f:e7:e9:a2:bd:91:c8:b0:a9:e9:91:42:a9:c8:15:76:
b4:b8:23:c7:c7:c4:59:9e:dc:46:ad:a5:8d:fb:c9:da:78:41:
8a:1f:c1:5f:02:2b:e8:0f:e7:fd:a3:9c:98:b8:05:59:99:22:
6a:8b:8d:91:5d:d9:e3:a3:a5:af:1b:79:36:60:96:47:2e:41:
5d:96:c1:93:d1:24:ae:0e:3b:61:ea:2d:73:4f:d9:d9:d1:7c:
a1:6d:47:f1:c3:02:ec:e5:eb:ef:c7:f0:fe:67:5b:e8:1e:d1:
a4:a3:e1:b7:9e:27:99:b6:56:b1:25:ce:81:4b:b4:e2:a2:35:
51:56:0f:d9:c6:bf:c7:68:94:59:9e:eb:75:25:c4:7b:fe:f6:
cb:95:2c:23:c1:40:69:ea:ec:fd:56:54:d9:4b:33:78:3a:01:
43:e9:01:cd:22:e0:be:09:96:f8:6d:31:f1:73:c4:7c:8d:6e:
67:30:2e:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASA/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDEzNzExWhcNMjUxMjEwMDEzNzExWjAYMRYw
FAYDVQQDEw02NzZhMTA0YS00ODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzcwKnKFK/tv1/6t/NxEnMYntr5ds1KBo9TjkhE7Pu8sFxwtCDyIAWoiu
86xzR+fZfRSpnzY4nuNQQ4g+G/5doonV79mmTHUxNegm/QVuavyRW0BB0nTWEIk8
oN5qY6kJMjj43hlARMuuy2QzUiCaoMjVUso79DrppnXdF5ECi7XCM0jDydQoPMKM
kj+uh1jz7RsiPILWnSxs/CVhM5VEkSzCdYrDpjI8kBv9KrYkOSKh/dOgURv2E814
evsNYJGW99+zTG+/++EnW0hUWeuEPJzg3IU/NUZDvP4B9NoO9BYSl0G9OaOTRHGi
vzWuRyit5qi4jpxWT3xJLQvfU6+1XQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFpP
8EK/xUJ1/BdmxqmB8HZGUK69MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTRGMjAzOEMxOTcxMUVGOURGMjU0OEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlq3MA0GCSqGSIb3DQEB
CwUAA4IBAQAzpwGS5ONA1Zsr+Z4/XC0Hkbb6s/Va/kJSKB+sJJutq43eVU6sk9V9
ZcDSWbv6d5ZbA8+u9u//Scm2LYajzGj4kCVuuUnNHrUqEA/n6aK9kciwqemRQqnI
FXa0uCPHx8RZntxGraWN+8naeEGKH8FfAivoD+f9o5yYuAVZmSJqi42RXdnjo6Wv
G3k2YJZHLkFdlsGT0SSuDjth6i1zT9nZ0XyhbUfxwwLs5evvx/D+Z1voHtGko+G3
nieZtlaxJc6BS7TiojVRVg/Zxr/HaJRZnut1JcR7/vbLlSwjwUBp6uz9VlTZSzN4
OgFD6QHNIuC+CZb4bTHxc8R8jW5nMC7D
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:44 2025 by rpki-client