Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E0BFB70C0F111EF92543F87762E951A.roa
File: 9E0BFB70C0F111EF92543F87762E951A.roa (raw, json)
Hash identifier: BNZpsvqv+Ck4QIKFKj7ADU/iJW23DQu/7qC40dv+rQ4=
Subject key identifier: 4D:8B:E1:36:C2:01:55:55:3C:0C:CF:C1:52:EE:47:38:B2:28:E7:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E0BFB70C0F111EF92543F87762E951A.roa
Signing time: Mon 23 Dec 2024 05:49:04 +0000
ROA not before: Mon 23 Dec 2024 05:49:01 +0000
ROA not after: Wed 10 Dec 2025 05:49:01 +0000
asID: 984
IP address blocks: 154.90.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73572 (0x11f64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 05:49:01 2024 GMT
Not After : Dec 10 05:49:01 2025 GMT
Subject: CN=6768f9d0-5095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:06:61:6f:41:d8:0d:76:8c:22:2e:f1:76:d8:
6b:54:96:10:3c:3f:fe:62:f5:ba:03:b3:0e:b3:ac:
67:32:49:8f:3e:ae:a5:63:51:da:92:c5:09:58:d8:
39:dc:e2:55:81:ef:50:6b:3d:2f:1f:b9:48:e1:4e:
6d:c0:34:f7:b0:01:f2:39:81:15:6c:57:35:c8:e3:
94:65:4d:bb:8d:81:93:d6:5d:e0:29:34:08:f9:d1:
33:46:c0:28:e4:21:f4:95:68:83:c4:05:d4:a9:55:
be:fa:6a:aa:54:80:99:0c:63:4f:f2:b9:d9:13:ac:
d3:bf:e5:70:f3:34:fa:db:89:11:ec:49:66:02:17:
37:69:aa:95:3d:26:12:45:94:06:74:82:f5:72:63:
2f:9b:ac:92:cb:72:d4:79:be:4f:f8:4f:53:a2:93:
be:0b:c5:5f:5f:5a:06:b1:13:28:fd:5c:42:e9:ba:
4d:b8:0a:50:03:25:6d:0e:22:e9:85:af:2f:5a:59:
5d:07:f8:d5:56:b6:08:b6:1c:fa:b3:64:4a:40:3a:
8d:af:08:1f:85:62:9d:29:1e:f5:be:4f:56:92:6c:
4a:e9:e0:bb:87:ec:13:a9:5c:ce:42:00:0d:6c:8e:
d9:63:66:48:03:02:0b:90:3b:22:5d:6a:95:61:b4:
6e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8B:E1:36:C2:01:55:55:3C:0C:CF:C1:52:EE:47:38:B2:28:E7:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E0BFB70C0F111EF92543F87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.104.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:4a:7f:4f:22:37:83:a1:a0:3d:43:59:f0:97:a5:38:ee:1b:
2c:eb:8a:3e:87:82:c8:a3:96:13:3e:ca:f2:56:23:bc:30:c8:
32:6a:44:20:53:25:0a:91:66:57:29:ab:56:ba:92:38:b8:e3:
f0:b2:81:f9:ee:2f:ee:d3:aa:71:1d:5b:bf:85:bc:81:68:4c:
dd:f2:60:a3:da:ad:0f:bb:b5:ab:13:ce:e3:82:01:97:45:e3:
94:d5:2a:ec:5f:20:48:12:79:e7:04:bc:8d:4d:e2:8a:be:9d:
66:cc:d2:51:58:86:b7:14:4b:79:59:c9:d5:09:9d:ea:f1:df:
b1:a3:ed:f5:69:ea:cc:5d:fb:94:18:41:6b:20:58:db:78:26:
f1:e6:0c:5c:d5:3a:46:56:8c:c3:77:27:73:fd:85:9a:36:53:
fa:e7:52:02:b5:66:df:9a:a4:91:21:57:4d:44:db:57:ea:b2:
52:f1:82:cf:58:e7:4a:8c:3e:e9:25:4a:e0:12:4f:61:5b:a3:
f7:df:8b:cf:f0:44:2a:6c:44:31:8b:92:81:88:01:9d:44:1d:
38:28:87:1e:24:35:dd:4f:0e:c9:78:ca:7e:ba:7c:52:2f:6b:
50:5d:16:d8:c4:07:3a:a0:8f:ee:bf:c9:31:29:96:25:7c:b5:
ee:02:b2:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR9kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDU0OTAxWhcNMjUxMjEwMDU0OTAxWjAYMRYw
FAYDVQQDEw02NzY4ZjlkMC01MDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArAZhb0HYDXaMIi7xdthrVJYQPD/+YvW6A7MOs6xnMkmPPq6lY1HaksUJ
WNg53OJVge9Qaz0vH7lI4U5twDT3sAHyOYEVbFc1yOOUZU27jYGT1l3gKTQI+dEz
RsAo5CH0lWiDxAXUqVW++mqqVICZDGNP8rnZE6zTv+Vw8zT624kR7ElmAhc3aaqV
PSYSRZQGdIL1cmMvm6ySy3LUeb5P+E9TopO+C8VfX1oGsRMo/VxC6bpNuApQAyVt
DiLpha8vWlldB/jVVrYIthz6s2RKQDqNrwgfhWKdKR71vk9WkmxK6eC7h+wTqVzO
QgANbI7ZY2ZIAwILkDsiXWqVYbRuOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE2L
4TbCAVVVPAzPwVLuRziyKOc1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RTBCRkI3MEMwRjExMUVGOTI1NDNGODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpoMA0GCSqGSIb3DQEB
CwUAA4IBAQBaSn9PIjeDoaA9Q1nwl6U47hss64o+h4LIo5YTPsryViO8MMgyakQg
UyUKkWZXKatWupI4uOPwsoH57i/u06pxHVu/hbyBaEzd8mCj2q0Pu7WrE87jggGX
ReOU1SrsXyBIEnnnBLyNTeKKvp1mzNJRWIa3FEt5WcnVCZ3q8d+xo+31aerMXfuU
GEFrIFjbeCbx5gxc1TpGVozDdydz/YWaNlP651ICtWbfmqSRIVdNRNtX6rJS8YLP
WOdKjD7pJUrgEk9hW6P334vP8EQqbEQxi5KBiAGdRB04KIceJDXdTw7JeMp+unxS
L2tQXRbYxAc6oI/uv8kxKZYlfLXuArKY
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:53:02 2025 by rpki-client