Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF95680C0F511EFB58EC6A0762E951A.roa
File: AAF95680C0F511EFB58EC6A0762E951A.roa (raw, json)
Hash identifier: Y58il3JpRmSWej259+ssebAM0e3PEJ3dm2hHvc9Vs3A=
Subject key identifier: 7A:93:5B:68:0D:9F:C9:BD:7E:A8:C9:72:A8:F1:95:F6:98:94:22:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F8A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF95680C0F511EFB58EC6A0762E951A.roa
Signing time: Mon 23 Dec 2024 06:18:04 +0000
ROA not before: Mon 23 Dec 2024 06:18:00 +0000
ROA not after: Wed 10 Dec 2025 06:18:00 +0000
asID: 984
IP address blocks: 154.90.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73610 (0x11f8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 06:18:00 2024 GMT
Not After : Dec 10 06:18:00 2025 GMT
Subject: CN=6769009c-0fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:a9:a2:83:24:31:59:87:01:e0:f9:da:11:
b3:d4:ac:bb:29:63:75:1c:a3:a0:13:2a:64:90:6e:
7b:eb:df:f7:50:c8:19:a9:80:46:28:5e:58:d3:ac:
8c:a8:58:11:6f:40:98:a1:b9:d7:14:e5:c0:3f:06:
7e:75:f4:9a:01:c9:70:2d:d6:af:47:38:32:ca:32:
26:12:2b:0d:df:1a:92:17:d9:92:2c:09:f8:85:40:
48:f4:27:0b:bb:3e:4c:66:98:de:24:be:e9:f0:1c:
d3:89:7c:03:05:5f:24:68:13:16:2b:a7:f1:0f:20:
3d:e5:93:cd:69:73:00:5b:5f:28:f0:5b:1f:39:88:
cd:f9:2f:b4:35:61:0c:9e:02:92:ed:8e:fc:28:92:
25:29:62:45:2b:7e:2c:36:bf:86:99:92:1b:8d:0b:
05:b8:51:1b:de:b8:c0:70:9c:c8:41:90:89:db:04:
e3:75:13:47:c2:7e:ad:8d:af:64:19:63:1d:fd:73:
37:28:f9:e3:e0:81:73:12:d4:a5:ef:66:e5:43:a7:
a4:80:3b:cf:bb:3c:6e:55:bd:35:4b:e8:93:bf:75:
89:16:e8:a2:16:07:60:92:06:4a:03:50:23:4c:db:
31:f3:01:9a:1f:b7:fd:88:1b:8f:a4:d7:b1:f9:32:
a0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:93:5B:68:0D:9F:C9:BD:7E:A8:C9:72:A8:F1:95:F6:98:94:22:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AAF95680C0F511EFB58EC6A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.123.0/24
Signature Algorithm: sha256WithRSAEncryption
94:eb:b3:95:62:bb:fd:42:25:6b:d1:bf:a8:be:ad:fc:84:0e:
7c:f3:56:b6:36:62:3f:d3:bc:17:27:b7:69:3d:96:cb:d8:41:
24:bd:c9:53:1b:42:92:93:1c:f9:49:0d:81:b8:db:85:27:61:
f1:b2:f8:1f:40:5f:b5:86:41:b3:24:86:21:5c:a0:26:f1:ea:
8b:fb:bb:3b:bb:bf:fa:cd:bc:68:c9:04:89:80:91:ec:21:4b:
8f:2d:82:aa:bc:f0:ef:24:05:b2:89:b7:6d:4e:d1:f4:99:64:
49:fe:77:0d:21:ba:dd:bb:9a:08:c0:0a:e6:03:ae:92:83:62:
a9:b7:dd:92:ea:7b:3a:19:35:2f:96:b7:32:b5:11:32:85:8d:
e7:cf:14:11:24:fe:61:33:9c:f2:1e:de:a7:c8:ef:72:13:52:
cc:d2:eb:c9:c1:86:a3:44:fb:95:bd:39:92:5e:1f:d2:ef:76:
1e:21:3f:fe:0c:61:d4:c2:48:df:09:8d:5d:97:86:1f:1f:d2:
41:f3:76:e4:99:64:48:13:43:68:b4:fc:9c:ce:18:f7:3f:e1:
07:4e:8f:9d:dd:14:5c:be:91:47:f1:58:d8:f1:da:0a:53:ef:
c0:ac:12:fa:14:55:45:3a:35:b1:65:b5:c5:6d:62:ce:27:d5:
55:a5:d0:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR+KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDYxODAwWhcNMjUxMjEwMDYxODAwWjAYMRYw
FAYDVQQDEw02NzY5MDA5Yy0wZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp3CpooMkMVmHAeD52hGz1Ky7KWN1HKOgEypkkG5769/3UMgZqYBGKF5Y
06yMqFgRb0CYobnXFOXAPwZ+dfSaAclwLdavRzgyyjImEisN3xqSF9mSLAn4hUBI
9CcLuz5MZpjeJL7p8BzTiXwDBV8kaBMWK6fxDyA95ZPNaXMAW18o8FsfOYjN+S+0
NWEMngKS7Y78KJIlKWJFK34sNr+GmZIbjQsFuFEb3rjAcJzIQZCJ2wTjdRNHwn6t
ja9kGWMd/XM3KPnj4IFzEtSl72blQ6ekgDvPuzxuVb01S+iTv3WJFuiiFgdgkgZK
A1AjTNsx8wGaH7f9iBuPpNex+TKgsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHqT
W2gNn8m9fqjJcqjxlfaYlCJ7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQUY5NTY4MEMwRjUxMUVGQjU4RUM2QTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlp7MA0GCSqGSIb3DQEB
CwUAA4IBAQCU67OVYrv9QiVr0b+ovq38hA5881a2NmI/07wXJ7dpPZbL2EEkvclT
G0KSkxz5SQ2BuNuFJ2HxsvgfQF+1hkGzJIYhXKAm8eqL+7s7u7/6zbxoyQSJgJHs
IUuPLYKqvPDvJAWyibdtTtH0mWRJ/ncNIbrdu5oIwArmA66Sg2Kpt92S6ns6GTUv
lrcytREyhY3nzxQRJP5hM5zyHt6nyO9yE1LM0uvJwYajRPuVvTmSXh/S73YeIT/+
DGHUwkjfCY1dl4YfH9JB83bkmWRIE0NotPyczhj3P+EHTo+d3RRcvpFH8VjY8doK
U+/ArBL6FFVFOjWxZbXFbWLOJ9VVpdAb
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:54 2025 by rpki-client