Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CEF32C8C0DA11EF8E14D274762E951A.roa
File: 9CEF32C8C0DA11EF8E14D274762E951A.roa (raw, json)
Hash identifier: CCFQNh1yj9oLCg8jer06UIAxu46rhqP/aBhGl3rYYbs=
Subject key identifier: EF:44:AD:09:BE:12:74:48:9A:9D:47:F1:D4:71:3B:00:AF:66:39:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E98
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CEF32C8C0DA11EF8E14D274762E951A.roa
Signing time: Mon 23 Dec 2024 03:04:24 +0000
ROA not before: Mon 23 Dec 2024 03:04:20 +0000
ROA not after: Wed 10 Dec 2025 03:04:20 +0000
asID: 984
IP address blocks: 154.89.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73368 (0x11e98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:04:20 2024 GMT
Not After : Dec 10 03:04:20 2025 GMT
Subject: CN=6768d338-35d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:b1:e1:1a:26:34:d7:6e:22:da:e6:42:f0:
c0:ca:aa:e0:98:ad:16:1e:68:16:05:ce:c4:30:d4:
c0:d2:53:e4:5b:ec:9a:43:ca:c8:be:cd:58:b7:56:
c5:51:8b:c6:49:24:82:68:a4:6f:13:34:66:62:c7:
73:28:37:c9:70:00:03:5b:bf:29:a3:d6:9f:83:cd:
33:4e:5c:49:86:20:e8:7e:e6:7e:34:ab:62:d0:d1:
f8:00:f4:20:fd:3f:b3:74:aa:a3:a6:46:4b:a6:d7:
c0:b1:ea:c0:9b:c1:82:76:b9:ed:f0:c6:b3:26:22:
64:1e:a1:38:77:a2:68:fd:21:7f:a8:91:c7:57:ef:
03:5c:f5:94:f5:24:10:11:21:8a:07:78:8e:d6:69:
04:47:99:fa:f9:28:55:34:f0:29:0f:2b:58:28:a2:
5b:12:88:77:7f:9f:10:c3:42:9a:8b:8f:af:00:e1:
59:59:5e:cb:44:84:69:79:88:ca:59:ef:7c:c4:5c:
5f:13:b0:02:c6:13:c0:60:0b:89:5b:76:c3:c5:c1:
ac:10:eb:0e:cf:0c:3d:17:48:b4:7b:96:f1:00:b7:
dd:d7:06:39:ff:0c:d6:08:11:05:a9:4f:1e:49:b5:
8e:38:c9:65:bf:ff:86:2c:df:f3:6c:29:b6:4c:2d:
ba:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:44:AD:09:BE:12:74:48:9A:9D:47:F1:D4:71:3B:00:AF:66:39:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CEF32C8C0DA11EF8E14D274762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.170.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:ad:48:4d:0f:89:27:7b:24:a7:f6:9a:52:34:73:27:2b:f5:
82:84:dd:dd:c5:e2:73:88:1f:cf:a3:83:14:56:4f:e2:5d:5c:
c2:82:b7:f4:bb:13:61:9b:8b:1a:56:f1:a4:8f:49:d8:79:97:
68:0f:ef:c1:8c:e1:1a:7c:b1:f7:ab:b4:20:13:41:bb:95:cc:
fd:c0:8b:d3:64:15:a7:fa:5e:28:bb:05:af:01:c8:7d:fc:30:
5d:4f:9f:26:dc:ff:3e:24:57:ba:5c:39:af:95:67:11:c2:d9:
51:59:f5:d3:30:ab:95:b8:eb:52:e7:e4:f7:b4:04:0d:8a:b1:
8a:a0:0c:0d:0f:59:0a:57:64:06:2a:d4:09:9b:06:80:f1:07:
20:12:10:15:4f:1a:ea:29:2c:5e:f4:3f:10:dc:27:7d:a2:01:
44:c7:8d:d8:8b:83:46:3d:18:ad:c3:6e:2d:84:7b:a2:5a:09:
13:79:a5:b9:d7:96:6c:c0:a6:79:1e:cc:91:95:54:18:74:15:
85:f2:4c:e1:e8:ff:61:b7:ce:16:b8:0a:18:31:53:be:9a:0e:
3f:b4:2a:9c:53:e2:d7:a2:01:0f:7a:74:83:18:d5:0c:db:1d:
c9:4f:a4:c8:aa:12:f1:ba:b2:ec:45:3f:b8:1d:53:50:87:b4:
04:fd:54:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR6YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMwNDIwWhcNMjUxMjEwMDMwNDIwWjAYMRYw
FAYDVQQDEw02NzY4ZDMzOC0zNWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwYqx4RomNNduItrmQvDAyqrgmK0WHmgWBc7EMNTA0lPkW+yaQ8rIvs1Y
t1bFUYvGSSSCaKRvEzRmYsdzKDfJcAADW78po9afg80zTlxJhiDofuZ+NKti0NH4
APQg/T+zdKqjpkZLptfAserAm8GCdrnt8MazJiJkHqE4d6Jo/SF/qJHHV+8DXPWU
9SQQESGKB3iO1mkER5n6+ShVNPApDytYKKJbEoh3f58Qw0Kai4+vAOFZWV7LRIRp
eYjKWe98xFxfE7ACxhPAYAuJW3bDxcGsEOsOzww9F0i0e5bxALfd1wY5/wzWCBEF
qU8eSbWOOMllv/+GLN/zbCm2TC26CQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO9E
rQm+EnRImp1H8dRxOwCvZjmkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0VGMzJDOEMwREExMUVGOEUxNEQyNzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmqMA0GCSqGSIb3DQEB
CwUAA4IBAQDBrUhND4kneySn9ppSNHMnK/WChN3dxeJziB/Po4MUVk/iXVzCgrf0
uxNhm4saVvGkj0nYeZdoD+/BjOEafLH3q7QgE0G7lcz9wIvTZBWn+l4ouwWvAch9
/DBdT58m3P8+JFe6XDmvlWcRwtlRWfXTMKuVuOtS5+T3tAQNirGKoAwND1kKV2QG
KtQJmwaA8QcgEhAVTxrqKSxe9D8Q3Cd9ogFEx43Yi4NGPRitw24thHuiWgkTeaW5
15ZswKZ5HsyRlVQYdBWF8kzh6P9ht84WuAoYMVO+mg4/tCqcU+LXogEPenSDGNUM
2x3JT6TIqhLxurLsRT+4HVNQh7QE/VSj
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:49:37 2025 by rpki-client