Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D3ED560C0DC11EFA78FDF81762E951A.roa
File: 9D3ED560C0DC11EFA78FDF81762E951A.roa (raw, json)
Hash identifier: omMvjL9+NfroUFCdpgXX0P94PSPJm1WS/5duT4jT7Zw=
Subject key identifier: 78:B9:F5:7F:E3:2D:17:CC:9C:E4:C2:C0:A1:19:0E:EA:C8:FD:96:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D3ED560C0DC11EFA78FDF81762E951A.roa
Signing time: Mon 23 Dec 2024 03:18:44 +0000
ROA not before: Mon 23 Dec 2024 03:18:40 +0000
ROA not after: Wed 10 Dec 2025 03:18:40 +0000
asID: 984
IP address blocks: 154.89.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73394 (0x11eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:18:40 2024 GMT
Not After : Dec 10 03:18:40 2025 GMT
Subject: CN=6768d693-129b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:36:11:52:bf:7b:15:bb:d5:8a:45:0e:f6:f6:
3b:23:bd:57:2b:3f:75:1e:15:a1:37:49:73:bd:ca:
8d:a9:f0:f4:bb:25:e9:11:65:7b:4f:80:61:5e:a9:
d8:f2:7f:16:6f:92:65:57:b8:68:05:32:17:a5:a2:
8a:c9:b0:6e:2d:a7:27:ff:4a:3b:1a:83:67:17:c9:
20:35:86:cf:bf:be:de:ab:26:87:d7:87:b6:94:8d:
e4:70:5a:70:d7:0e:da:f3:ad:11:f0:ee:18:63:da:
36:d1:61:ba:a6:20:bc:45:e9:10:07:41:f4:a5:c5:
2f:fb:a6:0f:9f:7c:3a:1c:9b:fd:23:e2:95:d5:fd:
72:b8:bd:04:28:34:68:a2:da:cf:cc:b7:d4:9a:72:
27:c5:ee:c3:4f:ac:f2:77:d3:93:e9:72:a2:37:7a:
01:cf:84:98:7b:66:64:3d:c7:2c:12:13:43:05:76:
dd:a1:30:01:82:7d:91:4c:ee:c2:b9:d7:d3:60:5b:
9c:ec:ee:6a:56:5d:ab:e9:68:04:3f:ce:eb:44:25:
24:a6:da:d2:db:49:91:a4:bc:c4:1b:73:91:4b:d9:
dd:b9:8b:00:34:fe:44:32:3e:e7:1c:d2:27:3f:67:
9f:cb:42:42:21:52:7f:31:81:71:28:ee:47:dc:60:
e5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B9:F5:7F:E3:2D:17:CC:9C:E4:C2:C0:A1:19:0E:EA:C8:FD:96:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D3ED560C0DC11EFA78FDF81762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.183.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2a:4e:0e:da:62:1b:83:53:5e:2a:b6:4d:2b:07:95:d5:a3:
12:18:8f:8f:20:8e:ee:8b:33:74:26:97:a5:bc:f0:1d:af:3b:
71:ec:6f:fa:fb:96:9c:e5:4d:96:17:40:e6:88:d7:5f:30:ce:
50:49:df:d7:20:59:33:25:a9:0c:fc:57:18:6a:ce:09:3f:6e:
f9:e4:69:e1:8b:55:68:a2:54:26:03:3b:35:ff:b4:93:af:fc:
69:b4:e3:73:de:0f:c8:de:f0:07:99:86:5b:65:17:72:dc:48:
2c:f8:f5:4e:ab:97:74:f8:b6:75:c0:04:4b:70:7a:21:2e:3c:
ff:88:93:30:94:f1:bf:42:0f:6d:92:e6:62:c8:ce:ee:67:2e:
18:86:36:e9:c6:d8:f1:ff:c8:e9:05:8b:f9:ea:9f:86:e4:82:
db:a6:8b:5d:e2:fb:06:ce:1e:b7:91:5a:f9:ba:89:9d:df:d3:
72:bd:e9:16:10:41:de:d9:3a:a0:bb:29:13:b3:0b:a8:f3:bd:
cd:0a:41:f3:5b:72:03:68:31:b0:ef:a2:6a:dc:70:ab:f7:c5:
4d:44:64:6f:87:46:cf:bd:f5:4a:45:df:41:71:8d:d8:26:fa:
60:5e:06:26:8c:c2:74:7f:cc:d1:39:6a:6f:c4:21:25:0a:4c:
ae:ba:58:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR6yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMxODQwWhcNMjUxMjEwMDMxODQwWjAYMRYw
FAYDVQQDEw02NzY4ZDY5My0xMjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzjYRUr97FbvVikUO9vY7I71XKz91HhWhN0lzvcqNqfD0uyXpEWV7T4Bh
XqnY8n8Wb5JlV7hoBTIXpaKKybBuLacn/0o7GoNnF8kgNYbPv77eqyaH14e2lI3k
cFpw1w7a860R8O4YY9o20WG6piC8RekQB0H0pcUv+6YPn3w6HJv9I+KV1f1yuL0E
KDRootrPzLfUmnInxe7DT6zyd9OT6XKiN3oBz4SYe2ZkPccsEhNDBXbdoTABgn2R
TO7CudfTYFuc7O5qVl2r6WgEP87rRCUkptrS20mRpLzEG3ORS9nduYsANP5EMj7n
HNInP2efy0JCIVJ/MYFxKO5H3GDlYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHi5
9X/jLRfMnOTCwKEZDurI/ZbyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDNFRDU2MEMwREMxMUVGQTc4RkRGODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlm3MA0GCSqGSIb3DQEB
CwUAA4IBAQCHKk4O2mIbg1NeKrZNKweV1aMSGI+PII7uizN0JpelvPAdrztx7G/6
+5ac5U2WF0DmiNdfMM5QSd/XIFkzJakM/FcYas4JP2755Gnhi1VoolQmAzs1/7ST
r/xptONz3g/I3vAHmYZbZRdy3Egs+PVOq5d0+LZ1wARLcHohLjz/iJMwlPG/Qg9t
kuZiyM7uZy4Yhjbpxtjx/8jpBYv56p+G5ILbpotd4vsGzh63kVr5uomd39NyvekW
EEHe2TqguykTswuo873NCkHzW3IDaDGw76Jq3HCr98VNRGRvh0bPvfVKRd9BcY3Y
JvpgXgYmjMJ0f8zROWpvxCElCkyuulgV
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:38 2025 by rpki-client