Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A56550C5DD11EFBAE93D4F762E951A.roa
File: B0A56550C5DD11EFBAE93D4F762E951A.roa (raw, json)
Hash identifier: Xveiuxq/tzq3fDZev9fTL5MyoOK/K2iHOsU7zZu/Y7k=
Subject key identifier: 11:DC:29:CE:A3:F7:4D:E7:78:71:C0:6D:B7:4F:5D:20:40:2E:D3:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A56550C5DD11EFBAE93D4F762E951A.roa
Signing time: Sun 29 Dec 2024 12:09:01 +0000
ROA not before: Sun 29 Dec 2024 12:08:58 +0000
ROA not after: Sun 12 Dec 2027 12:08:58 +0000
asID: 17561
IP address blocks: 154.210.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77104 (0x12d30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 12:08:58 2024 GMT
Not After : Dec 12 12:08:58 2027 GMT
Subject: CN=67713bdd-1e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:fc:b0:0f:10:9f:e6:59:ce:bd:3e:13:fb:
d3:64:7b:f0:9f:cc:3e:65:67:76:14:47:85:e6:6a:
ce:40:c9:21:d7:fa:3b:91:9f:42:28:6b:6e:a0:7a:
d9:84:e4:23:e2:78:ca:d9:c2:b0:fc:50:b3:36:d1:
64:28:0b:48:dc:5c:f2:3c:d6:43:40:68:a5:e0:6d:
ac:42:8f:ed:56:9d:26:eb:97:29:ba:d3:8d:02:e8:
a5:cd:89:05:9a:27:3f:75:d5:55:8a:2b:03:40:ac:
18:18:fd:37:42:01:4f:9c:c4:0c:e7:32:71:1d:a9:
97:a6:d1:ce:13:09:9e:13:66:18:a9:46:a4:2d:a1:
86:14:7c:03:2e:eb:34:03:37:18:ef:1c:b1:2f:85:
f1:cf:54:45:4f:e3:ee:ea:c4:f6:08:4b:1b:7d:d2:
b5:39:f8:16:b8:80:91:6b:96:51:88:51:5f:94:9d:
45:c9:9f:89:5e:f1:93:06:8c:b4:9a:05:12:12:30:
ac:02:24:72:3a:37:64:7f:ee:41:5a:1c:0f:88:6e:
1d:37:22:95:ba:d5:5a:cf:5e:56:09:c3:3b:64:92:
41:95:d3:e0:a9:1d:f9:a7:c9:39:30:66:8e:b5:6c:
a2:2c:de:74:b2:24:1c:9f:8a:73:e0:c0:b5:45:2b:
6f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DC:29:CE:A3:F7:4D:E7:78:71:C0:6D:B7:4F:5D:20:40:2E:D3:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A56550C5DD11EFBAE93D4F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.89.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b4:21:7a:24:b4:58:c7:0a:af:ea:a6:77:43:8f:63:98:21:
b1:de:fb:b4:a1:d2:43:d2:c3:71:3d:83:d5:3a:07:7b:7a:07:
41:77:90:b9:77:f5:2f:ee:31:a4:19:6a:da:f1:1f:88:cc:4d:
ae:34:d8:79:1b:e2:4b:01:0a:f2:29:54:06:79:9c:78:05:2b:
e1:df:27:0a:1e:38:18:0f:99:45:b7:5d:a7:e5:12:a9:b5:48:
7d:44:7c:74:69:1b:a9:b3:65:91:39:7a:af:bc:fe:d9:d6:78:
90:2a:62:24:69:09:46:2f:4d:08:ab:e5:09:4a:d0:67:66:d5:
c7:1d:bd:4a:1f:fc:c3:9d:ff:62:69:56:61:43:5a:8a:2d:57:
0f:46:7e:6d:1d:f6:fa:2d:71:78:eb:ff:4f:60:e1:e6:27:c6:
15:e2:4d:4d:9e:89:51:17:f0:2b:5a:1a:40:c6:06:56:b2:7f:
28:a1:71:22:8a:64:6b:ef:06:e4:c4:86:1f:7b:15:95:05:8c:
a3:a9:32:ac:ce:92:3d:44:01:59:db:c5:ff:09:63:12:7e:95:
df:96:fc:85:ea:15:a1:75:dc:45:06:cc:1b:f2:bf:8f:c1:32:
0e:16:53:c9:ca:d7:f4:a6:4c:cf:7e:a8:b0:62:8f:b6:fa:d6:
d5:31:76:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS0wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTIwODU4WhcNMjcxMjEyMTIwODU4WjAYMRYw
FAYDVQQDEw02NzcxM2JkZC0xZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmrf8sA8Qn+ZZzr0+E/vTZHvwn8w+ZWd2FEeF5mrOQMkh1/o7kZ9CKGtu
oHrZhOQj4njK2cKw/FCzNtFkKAtI3FzyPNZDQGil4G2sQo/tVp0m65cputONAuil
zYkFmic/ddVViisDQKwYGP03QgFPnMQM5zJxHamXptHOEwmeE2YYqUakLaGGFHwD
Lus0AzcY7xyxL4Xxz1RFT+Pu6sT2CEsbfdK1OfgWuICRa5ZRiFFflJ1FyZ+JXvGT
Boy0mgUSEjCsAiRyOjdkf+5BWhwPiG4dNyKVutVaz15WCcM7ZJJBldPgqR35p8k5
MGaOtWyiLN50siQcn4pz4MC1RStv2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBHc
Kc6j903neHHAbbdPXSBALtMDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMEE1NjU1MEM1REQxMUVGQkFFOTNENEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJZMA0GCSqGSIb3DQEB
CwUAA4IBAQBXtCF6JLRYxwqv6qZ3Q49jmCGx3vu0odJD0sNxPYPVOgd7egdBd5C5
d/Uv7jGkGWra8R+IzE2uNNh5G+JLAQryKVQGeZx4BSvh3ycKHjgYD5lFt12n5RKp
tUh9RHx0aRups2WROXqvvP7Z1niQKmIkaQlGL00Iq+UJStBnZtXHHb1KH/zDnf9i
aVZhQ1qKLVcPRn5tHfb6LXF46/9PYOHmJ8YV4k1NnolRF/ArWhpAxgZWsn8ooXEi
imRr7wbkxIYfexWVBYyjqTKszpI9RAFZ28X/CWMSfpXflvyF6hWhddxFBswb8r+P
wTIOFlPJytf0pkzPfqiwYo+2+tbVMXaG
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:58 2025 by rpki-client