Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF61BB8CDDF11EF9145A541762E951A.roa
File: AAF61BB8CDDF11EF9145A541762E951A.roa (raw, json)
Hash identifier: K3DnX/s8wchNH61dP6YfWx4PMxeNNcFJhFDvBbrK1Yc=
Subject key identifier: E5:32:72:A6:C9:12:B0:93:F6:21:DD:51:1B:30:51:24:14:DF:0E:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137B5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF61BB8CDDF11EF9145A541762E951A.roa
Signing time: Wed 08 Jan 2025 16:43:20 +0000
ROA not before: Wed 08 Jan 2025 16:43:16 +0000
ROA not after: Sat 03 Jan 2026 16:43:16 +0000
asID: 984
IP address blocks: 154.89.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79797 (0x137b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:43:16 2025 GMT
Not After : Jan 3 16:43:16 2026 GMT
Subject: CN=677eab28-3bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f4:66:e5:40:00:08:f0:73:e7:54:69:05:5d:
84:37:b8:ad:46:7a:3e:d9:f3:8b:c1:80:fd:43:f7:
4b:79:3c:e3:d5:dd:a9:a9:5d:34:61:f5:20:db:26:
3b:04:4a:b0:83:db:85:16:70:87:f4:9f:0d:fb:6f:
5f:21:7c:f7:ea:c7:ab:2a:f1:97:eb:29:fc:2f:26:
99:b4:91:09:8e:76:71:ac:0a:14:ab:45:6e:48:be:
fd:65:f7:28:30:7e:2e:d1:c0:e4:7c:22:3c:7e:80:
3d:db:5a:2b:6c:c7:96:11:c2:4a:2f:f6:1f:bd:fd:
f2:30:9d:2e:3c:d9:53:95:df:2d:b7:60:97:6d:2b:
8f:ad:81:79:54:10:31:48:cc:9e:90:68:ff:4a:2e:
37:4f:00:e1:90:c9:74:d4:b4:74:ad:3f:d3:42:f5:
d3:58:1e:71:47:b4:ed:b2:b4:0d:c5:dd:ae:a0:82:
b7:20:24:e9:89:0a:4d:58:7b:04:e6:6d:be:7e:c3:
b9:7b:9b:2e:36:d5:79:32:66:84:9d:18:40:ae:ec:
9c:fa:43:55:47:ee:dc:75:82:24:22:10:c7:e9:03:
4e:de:3e:6b:67:8e:8f:bd:ec:71:60:92:30:59:ba:
8b:b0:ee:9a:fe:51:9b:b7:18:3c:4a:65:5c:db:9a:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:32:72:A6:C9:12:B0:93:F6:21:DD:51:1B:30:51:24:14:DF:0E:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF61BB8CDDF11EF9145A541762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.169.0/24
Signature Algorithm: sha256WithRSAEncryption
92:9e:d1:ec:f1:9e:53:09:ea:8b:bb:fa:91:6a:b6:9d:13:45:
20:6a:2d:ba:45:fd:ff:ef:4c:64:b8:ef:8a:6e:87:1c:5b:15:
5f:4c:c2:e0:8d:93:e1:9a:77:40:3f:04:48:29:2c:b8:f2:0d:
dc:ac:84:c7:88:d0:54:1b:bf:19:4c:72:2a:89:82:01:e3:c9:
e9:66:20:19:12:41:8f:a0:76:18:4a:ae:09:5b:06:21:89:ae:
6d:53:e8:d2:6c:a6:f6:74:9a:2b:c7:8e:74:b2:ca:50:c3:33:
a3:d4:fe:e4:6c:24:26:6f:9b:01:2f:5e:6f:0f:de:42:a4:69:
10:13:81:cd:8f:59:39:ae:e3:b3:bf:f6:60:c1:52:a6:0c:d5:
1d:cf:53:18:7a:e3:bf:82:18:80:2a:47:52:5c:0a:1b:33:ec:
3c:3e:62:d7:33:65:eb:df:a3:6d:70:e6:2d:a7:0c:e4:4e:db:
79:79:26:35:da:6d:16:af:5f:c7:03:e9:67:7e:44:5f:c5:b4:
28:0d:c1:57:59:38:30:a5:69:50:ed:0f:65:a9:a5:f6:0a:f1:
57:3e:ea:d0:89:7a:9b:6d:4d:e0:c8:85:bf:1c:64:0d:59:35:
58:09:5b:60:d8:f7:4e:dd:5e:19:4c:67:8c:fb:c1:01:b6:2c:
2f:01:0f:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATe1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTY0MzE2WhcNMjYwMTAzMTY0MzE2WjAYMRYw
FAYDVQQDEw02NzdlYWIyOC0zYmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl/Rm5UAACPBz51RpBV2EN7itRno+2fOLwYD9Q/dLeTzj1d2pqV00YfUg
2yY7BEqwg9uFFnCH9J8N+29fIXz36serKvGX6yn8LyaZtJEJjnZxrAoUq0VuSL79
ZfcoMH4u0cDkfCI8foA921orbMeWEcJKL/Yfvf3yMJ0uPNlTld8tt2CXbSuPrYF5
VBAxSMyekGj/Si43TwDhkMl01LR0rT/TQvXTWB5xR7TtsrQNxd2uoIK3ICTpiQpN
WHsE5m2+fsO5e5suNtV5MmaEnRhAruyc+kNVR+7cdYIkIhDH6QNO3j5rZ46Pvexx
YJIwWbqLsO6a/lGbtxg8SmVc25qf0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOUy
cqbJErCT9iHdURswUSQU3w7gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQUY2MUJCOENEREYxMUVGOTE0NUE1NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmpMA0GCSqGSIb3DQEB
CwUAA4IBAQCSntHs8Z5TCeqLu/qRaradE0Ugai26Rf3/70xkuO+KboccWxVfTMLg
jZPhmndAPwRIKSy48g3crITHiNBUG78ZTHIqiYIB48npZiAZEkGPoHYYSq4JWwYh
ia5tU+jSbKb2dJorx450sspQwzOj1P7kbCQmb5sBL15vD95CpGkQE4HNj1k5ruOz
v/ZgwVKmDNUdz1MYeuO/ghiAKkdSXAobM+w8PmLXM2Xr36NtcOYtpwzkTtt5eSY1
2m0Wr1/HA+lnfkRfxbQoDcFXWTgwpWlQ7Q9lqaX2CvFXPurQiXqbbU3gyIW/HGQN
WTVYCVtg2PdO3V4ZTGeM+8EBtiwvAQ8g
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:58 2025 by rpki-client