Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C2EE856C19D11EF9D2C26BD762E951A.roa
File: 9C2EE856C19D11EF9D2C26BD762E951A.roa (raw, json)
Hash identifier: D0Of9NIHTB/zPHQyqyoYmMk7TWq6KYRUmfTxZL3SOaE=
Subject key identifier: F3:25:C5:CD:67:9D:42:63:BB:CD:12:6C:6D:36:1C:3A:5F:8E:44:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012089
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C2EE856C19D11EF9D2C26BD762E951A.roa
Signing time: Tue 24 Dec 2024 02:20:15 +0000
ROA not before: Tue 24 Dec 2024 02:20:11 +0000
ROA not after: Wed 10 Dec 2025 02:20:11 +0000
asID: 984
IP address blocks: 154.90.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73865 (0x12089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:20:11 2024 GMT
Not After : Dec 10 02:20:11 2025 GMT
Subject: CN=676a1a5e-c068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:84:2b:d8:fb:55:01:a3:17:43:5b:65:95:68:
29:8d:3d:0d:19:1d:fb:b8:87:fc:7a:15:80:60:51:
5b:b1:3b:1f:89:11:cc:99:0c:7a:34:0d:17:b1:32:
c4:26:e6:7f:42:b9:14:95:f5:53:0c:e3:dd:47:5d:
e0:a6:2b:3f:9d:0a:b1:2a:c7:15:b4:1c:97:69:97:
2e:95:11:08:38:a2:88:a8:23:c1:b5:80:34:55:f9:
05:51:b2:2f:91:d8:66:c7:da:44:bb:bb:78:94:76:
9a:ef:d5:d4:cd:e5:d6:f2:29:f5:7a:c3:40:4d:4c:
02:c8:a9:d5:28:09:2f:92:c8:61:a9:36:8a:8d:cc:
98:18:33:2a:69:2c:f6:5c:00:7d:77:f8:39:a6:d7:
4d:3f:b2:3f:88:a7:1a:8f:bb:0c:a4:aa:3e:8a:f4:
49:35:47:d0:c3:71:04:a8:de:83:9d:b8:df:93:b6:
7e:5d:e7:be:4d:40:ab:e0:51:cd:ee:51:47:51:df:
4c:1d:22:f4:4f:c8:98:78:97:62:8b:8d:4b:af:e6:
98:12:7b:50:a5:3d:92:48:3d:bb:f7:19:94:cd:63:
1d:a3:3e:07:9c:72:41:d4:a2:cd:68:70:04:95:a1:
4b:fb:81:66:81:24:5a:63:2e:ba:fe:7a:80:96:ed:
0a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:25:C5:CD:67:9D:42:63:BB:CD:12:6C:6D:36:1C:3A:5F:8E:44:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C2EE856C19D11EF9D2C26BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/24
Signature Algorithm: sha256WithRSAEncryption
05:0f:44:45:f9:cb:5c:27:e4:3f:38:c3:c7:64:92:33:e6:b9:
03:c3:98:16:09:59:db:87:db:b4:45:56:92:43:92:82:00:66:
11:e1:09:df:f2:7f:be:53:1d:71:24:74:73:f4:e4:5d:d9:bf:
d4:8f:97:6a:80:74:4d:d0:59:3e:c8:2d:52:19:e5:e6:01:6f:
63:bc:64:33:36:a0:cb:55:e3:8d:b5:7a:0a:81:ca:2b:35:b4:
33:95:40:e9:ea:fc:d7:da:5d:5a:8c:0d:aa:08:03:0b:c6:62:
1e:04:a4:ed:a1:0e:72:ec:6c:76:1e:c6:86:19:c0:f9:74:08:
f2:ba:4c:96:58:97:ad:9e:fe:e3:69:b1:f1:c2:6a:28:3b:d6:
94:b0:2c:2f:0f:da:83:3b:f3:03:0d:a2:77:d3:17:77:1e:5e:
79:35:da:d8:28:f6:19:40:28:3b:ca:7a:65:d8:1b:71:18:db:
a0:a0:0a:7a:5c:10:7e:0f:ad:33:a2:4a:5f:5c:51:e2:31:fc:
73:8c:df:2e:11:d1:e2:24:ee:b2:49:5e:08:6e:4a:6d:c6:b3:
29:08:53:9a:08:00:0f:d8:47:c2:9f:ba:fd:db:2c:58:ae:33:
67:59:72:43:4f:6a:a1:4a:8e:11:b8:4b:6e:ea:c8:b0:78:37:
f2:23:48:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDIyMDExWhcNMjUxMjEwMDIyMDExWjAYMRYw
FAYDVQQDEw02NzZhMWE1ZS1jMDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1oQr2PtVAaMXQ1tllWgpjT0NGR37uIf8ehWAYFFbsTsfiRHMmQx6NA0X
sTLEJuZ/QrkUlfVTDOPdR13gpis/nQqxKscVtByXaZculREIOKKIqCPBtYA0VfkF
UbIvkdhmx9pEu7t4lHaa79XUzeXW8in1esNATUwCyKnVKAkvkshhqTaKjcyYGDMq
aSz2XAB9d/g5ptdNP7I/iKcaj7sMpKo+ivRJNUfQw3EEqN6Dnbjfk7Z+Xee+TUCr
4FHN7lFHUd9MHSL0T8iYeJdii41Lr+aYEntQpT2SSD279xmUzWMdoz4HnHJB1KLN
aHAElaFL+4FmgSRaYy66/nqAlu0KAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPMl
xc1nnUJju80SbG02HDpfjkR+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QzJFRTg1NkMxOUQxMUVGOUQyQzI2QkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAFD0RF+ctcJ+Q/OMPHZJIz5rkDw5gWCVnbh9u0RVaSQ5KCAGYR4Qnf
8n++Ux1xJHRz9ORd2b/Uj5dqgHRN0Fk+yC1SGeXmAW9jvGQzNqDLVeONtXoKgcor
NbQzlUDp6vzX2l1ajA2qCAMLxmIeBKTtoQ5y7Gx2HsaGGcD5dAjyukyWWJetnv7j
abHxwmooO9aUsCwvD9qDO/MDDaJ30xd3Hl55NdrYKPYZQCg7ynpl2BtxGNugoAp6
XBB+D60zokpfXFHiMfxzjN8uEdHiJO6ySV4IbkptxrMpCFOaCAAP2EfCn7r92yxY
rjNnWXJDT2qhSo4RuEtu6siweDfyI0hB
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:19 2025 by rpki-client