Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB4B57AAC19511EFABB94582762E951A.roa
File: AB4B57AAC19511EFABB94582762E951A.roa (raw, json)
Hash identifier: ezrFeved2D1b5T7QohnmLnOqmIMcLSdiTk6NZhCDGyA=
Subject key identifier: 17:BC:EF:F3:4C:54:39:4C:94:A7:59:4B:9B:85:02:BD:10:7E:30:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012027
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB4B57AAC19511EFABB94582762E951A.roa
Signing time: Tue 24 Dec 2024 01:23:24 +0000
ROA not before: Tue 24 Dec 2024 01:23:21 +0000
ROA not after: Wed 10 Dec 2025 01:23:21 +0000
asID: 984
IP address blocks: 154.90.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73767 (0x12027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 01:23:21 2024 GMT
Not After : Dec 10 01:23:21 2025 GMT
Subject: CN=676a0d0c-ba24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:04:1f:55:ba:1f:94:c7:86:17:52:0f:80:
e7:5a:25:10:0c:b0:d1:78:56:aa:77:75:64:c1:2c:
84:14:b0:d3:48:e6:22:c8:a7:c3:8c:7b:1c:e1:30:
a6:64:9e:b6:cb:45:11:30:03:b0:f8:8b:53:89:96:
54:2b:63:1d:f4:35:87:fd:e8:af:7d:e6:84:88:d9:
34:00:9d:8a:54:c3:18:1e:08:2f:05:8d:c2:aa:a0:
5e:93:a6:0f:45:59:a6:10:4d:c1:c6:ca:ac:9c:4d:
27:ed:13:3f:b0:b6:65:e8:12:31:bf:1b:b3:0c:6c:
9b:0a:0e:d7:82:26:b4:06:c9:50:13:d0:fe:08:15:
d5:d1:51:ec:35:2f:80:80:f2:4d:2a:97:84:9b:cd:
f5:89:21:63:aa:45:46:eb:2c:0b:08:7a:4a:e6:23:
f3:ee:c2:5d:4c:72:8b:ed:1e:46:84:9d:19:ff:87:
f1:f1:65:ce:9d:04:f4:bf:7c:e9:3f:56:c9:d0:a5:
db:f0:5d:33:23:57:5f:d8:6d:55:1f:db:40:07:d4:
9b:fe:54:20:53:24:bc:01:95:47:28:aa:53:aa:b4:
a1:4a:58:e9:20:73:14:dd:15:11:6a:08:ed:f9:87:
46:ee:7f:a5:2b:52:ea:a6:8f:19:cf:55:f6:b3:36:
76:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BC:EF:F3:4C:54:39:4C:94:A7:59:4B:9B:85:02:BD:10:7E:30:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB4B57AAC19511EFABB94582762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.171.0/24
Signature Algorithm: sha256WithRSAEncryption
90:00:03:27:47:ed:5b:b0:fb:28:23:14:2d:f3:72:71:fd:06:
e5:3a:9c:b8:bf:ea:8e:ab:e9:94:ce:60:4e:2b:d7:96:3e:b2:
36:c5:df:1b:96:c5:66:9c:b6:b7:7c:9b:26:fb:21:32:f0:9f:
bb:c5:c6:33:ea:06:08:bc:b1:cd:11:1e:86:31:41:15:94:39:
9f:ea:b6:b6:d5:7e:74:df:98:fc:4f:a4:3b:8b:42:17:b8:7a:
41:9d:39:80:c6:7a:ee:84:6e:35:04:91:6e:60:1e:92:e7:eb:
f7:a3:1d:43:50:6a:ae:a0:a1:c1:4d:c4:d7:44:e5:21:c7:94:
e3:f4:97:6d:4c:46:9b:5c:9b:db:e1:48:f5:af:08:57:92:ea:
f9:e1:86:06:c4:aa:f9:76:0c:ce:25:6a:71:84:55:bc:b3:ba:
fd:d2:fa:41:08:07:10:6a:4b:21:c5:ae:4e:d5:4b:e3:8b:ca:
30:49:a9:ae:88:0a:9c:37:3f:1f:aa:f5:7a:0c:b4:fe:3e:d5:
7e:bc:70:5f:f5:f3:02:26:05:f6:99:fd:02:64:cd:69:7f:b3:
d5:11:42:1b:91:1d:49:72:4a:34:da:3f:57:52:d3:5c:c2:cd:
9a:1a:40:16:d6:1e:49:30:ba:af:a3:e0:34:f3:f6:ae:53:26:
65:e4:d9:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASAnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDEyMzIxWhcNMjUxMjEwMDEyMzIxWjAYMRYw
FAYDVQQDEw02NzZhMGQwYy1iYTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo0UEH1W6H5THhhdSD4DnWiUQDLDReFaqd3VkwSyEFLDTSOYiyKfDjHsc
4TCmZJ62y0URMAOw+ItTiZZUK2Md9DWH/eivfeaEiNk0AJ2KVMMYHggvBY3CqqBe
k6YPRVmmEE3BxsqsnE0n7RM/sLZl6BIxvxuzDGybCg7Xgia0BslQE9D+CBXV0VHs
NS+AgPJNKpeEm831iSFjqkVG6ywLCHpK5iPz7sJdTHKL7R5GhJ0Z/4fx8WXOnQT0
v3zpP1bJ0KXb8F0zI1df2G1VH9tAB9Sb/lQgUyS8AZVHKKpTqrShSljpIHMU3RUR
agjt+YdG7n+lK1Lqpo8Zz1X2szZ2FQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBe8
7/NMVDlMlKdZS5uFAr0QfjBmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjRCNTdBQUMxOTUxMUVGQUJCOTQ1ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlqrMA0GCSqGSIb3DQEB
CwUAA4IBAQCQAAMnR+1bsPsoIxQt83Jx/QblOpy4v+qOq+mUzmBOK9eWPrI2xd8b
lsVmnLa3fJsm+yEy8J+7xcYz6gYIvLHNER6GMUEVlDmf6ra21X5035j8T6Q7i0IX
uHpBnTmAxnruhG41BJFuYB6S5+v3ox1DUGquoKHBTcTXROUhx5Tj9JdtTEabXJvb
4Uj1rwhXkur54YYGxKr5dgzOJWpxhFW8s7r90vpBCAcQakshxa5O1Uvji8owSamu
iAqcNz8fqvV6DLT+PtV+vHBf9fMCJgX2mf0CZM1pf7PVEUIbkR1Jcko02j9XUtNc
ws2aGkAW1h5JMLqvo+A08/auUyZl5NnN
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:14 2025 by rpki-client