Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A98E5068C5E411EF9ADDE379762E951A.roa
File: A98E5068C5E411EF9ADDE379762E951A.roa (raw, json)
Hash identifier: ZZhhPufTruiK5y4cI9SnxrPrRE7jJTVPoGwY7f5Q4t0=
Subject key identifier: 72:5A:D8:73:61:71:90:43:1D:96:FE:B9:CA:FC:22:BA:24:15:0D:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A98E5068C5E411EF9ADDE379762E951A.roa
Signing time: Sun 29 Dec 2024 12:58:56 +0000
ROA not before: Sun 29 Dec 2024 12:58:52 +0000
ROA not after: Fri 12 Dec 2025 12:58:52 +0000
asID: 984
IP address blocks: 154.210.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77166 (0x12d6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 12:58:52 2024 GMT
Not After : Dec 12 12:58:52 2025 GMT
Subject: CN=67714790-9e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:07:c9:e1:2c:ce:e8:78:fb:2d:40:99:53:3c:
23:a7:7f:ed:24:c5:07:19:9c:11:a2:eb:84:2c:ba:
ee:36:77:e2:ba:bf:d2:f7:f0:12:36:f1:39:c3:c6:
a0:66:81:98:32:6f:0e:89:7d:6f:8b:e5:03:b5:75:
67:81:6a:62:84:de:30:17:af:06:18:75:7e:1f:74:
3f:38:7c:62:89:85:69:c9:ac:10:2d:16:a3:9d:7f:
8f:29:98:fc:03:25:7c:78:36:ca:e2:1e:db:fa:f3:
aa:b7:fe:9a:39:93:78:32:76:45:1e:a4:d3:2e:d7:
a5:09:2f:9b:23:e3:f2:a0:98:55:3f:a2:a0:94:c0:
46:46:47:d9:8a:41:97:b9:af:00:08:6d:70:8f:aa:
fd:bd:db:b0:d2:5a:d2:3d:cc:59:f7:c6:af:05:e7:
3c:a8:a2:02:c4:7d:3f:9a:01:10:22:39:1a:f3:20:
1b:1b:e8:b2:a9:be:cf:b4:72:27:bf:2c:d9:2d:eb:
eb:8e:b6:0c:ff:d9:50:ac:f0:8f:56:1b:b9:8a:72:
f3:e4:d0:3b:d7:12:9b:f8:56:18:db:f4:5d:20:2c:
18:8f:73:59:d7:23:10:c7:5a:ec:fb:47:da:4f:00:
19:e7:2d:8b:8f:55:e3:34:98:ff:1c:17:b4:a2:34:
7b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5A:D8:73:61:71:90:43:1D:96:FE:B9:CA:FC:22:BA:24:15:0D:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A98E5068C5E411EF9ADDE379762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.121.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:77:01:02:3b:8d:e4:24:a1:9d:5a:ba:18:db:b9:c8:de:2b:
33:15:d7:66:dc:a4:5a:9f:8f:14:71:29:bf:fe:77:1c:03:e9:
69:ea:33:87:5a:ae:29:c7:cf:6d:05:da:ce:ae:4d:1b:40:cd:
8d:81:fb:80:86:90:3f:3f:b0:3d:9f:02:19:a3:d2:1d:8d:84:
10:eb:d4:8c:55:d6:94:a7:0d:a6:58:76:25:d3:71:ce:1f:9c:
56:88:06:38:2a:f9:ac:47:65:54:75:1a:0b:2e:0d:d4:78:97:
70:fc:12:77:49:a6:18:4a:c6:7f:a5:be:1e:3c:8c:88:b2:70:
24:ed:d1:4c:2c:10:3d:4e:57:9d:cb:c1:d4:c6:fe:8e:e2:a3:
fd:85:fd:bb:52:db:e0:b9:e1:11:5a:b8:55:36:e3:ff:0a:c2:
a6:ab:8c:94:77:d8:67:c1:a6:b8:5a:30:5e:38:f6:41:17:98:
bc:df:f4:7d:d6:43:77:1e:9a:df:ae:f6:7c:d4:2e:f3:4d:aa:
e0:e9:64:fa:fc:a7:6e:6b:61:10:59:92:e0:5d:2f:9c:1c:91:
d7:7c:e4:c5:94:ba:5a:44:17:3f:50:a7:6d:fc:2a:66:e2:dd:
b8:ea:cc:31:84:e3:1a:67:e9:69:2b:e1:d1:43:37:e6:26:ef:
a1:fc:82:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS1uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTI1ODUyWhcNMjUxMjEyMTI1ODUyWjAYMRYw
FAYDVQQDEw02NzcxNDc5MC05ZTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwfJ4SzO6Hj7LUCZUzwjp3/tJMUHGZwRouuELLruNnfiur/S9/ASNvE5
w8agZoGYMm8OiX1vi+UDtXVngWpihN4wF68GGHV+H3Q/OHxiiYVpyawQLRajnX+P
KZj8AyV8eDbK4h7b+vOqt/6aOZN4MnZFHqTTLtelCS+bI+PyoJhVP6KglMBGRkfZ
ikGXua8ACG1wj6r9vduw0lrSPcxZ98avBec8qKICxH0/mgEQIjka8yAbG+iyqb7P
tHInvyzZLevrjrYM/9lQrPCPVhu5inLz5NA71xKb+FYY2/RdICwYj3NZ1yMQx1rs
+0faTwAZ5y2Lj1XjNJj/HBe0ojR7tQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHJa
2HNhcZBDHZb+ucr8IrokFQ2tMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOThFNTA2OEM1RTQxMUVGOUFEREUzNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJ5MA0GCSqGSIb3DQEB
CwUAA4IBAQBqdwECO43kJKGdWroY27nI3iszFddm3KRan48UcSm//nccA+lp6jOH
Wq4px89tBdrOrk0bQM2NgfuAhpA/P7A9nwIZo9IdjYQQ69SMVdaUpw2mWHYl03HO
H5xWiAY4KvmsR2VUdRoLLg3UeJdw/BJ3SaYYSsZ/pb4ePIyIsnAk7dFMLBA9Tled
y8HUxv6O4qP9hf27UtvgueERWrhVNuP/CsKmq4yUd9hnwaa4WjBeOPZBF5i83/R9
1kN3HprfrvZ81C7zTarg6WT6/Kdua2EQWZLgXS+cHJHXfOTFlLpaRBc/UKdt/Cpm
4t246swxhOMaZ+lpK+HRQzfmJu+h/IK4
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:45:32 2025 by rpki-client