Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1266DB2CDDA11EF8BBF37A2762E951A.roa
File: B1266DB2CDDA11EF8BBF37A2762E951A.roa (raw, json)
Hash identifier: 3ByaAR0aeBj3cwxJpirJWiQQTvJBsXcRXQ5HOKLct4k=
Subject key identifier: EE:7A:4D:47:43:A5:FB:47:46:9F:24:F6:E7:98:5A:62:87:76:32:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01378F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1266DB2CDDA11EF8BBF37A2762E951A.roa
Signing time: Wed 08 Jan 2025 16:07:43 +0000
ROA not before: Wed 08 Jan 2025 16:07:39 +0000
ROA not after: Sat 03 Jan 2026 16:07:39 +0000
asID: 984
IP address blocks: 154.89.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79759 (0x1378f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:07:39 2025 GMT
Not After : Jan 3 16:07:39 2026 GMT
Subject: CN=677ea2cf-f46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ae:9b:6e:18:8d:ae:d4:2a:a5:bf:68:c0:32:
b7:12:9d:76:c1:9c:31:de:74:e6:41:c3:9f:d4:7e:
8b:e7:66:34:7a:ab:66:c3:24:07:f9:06:c5:35:6a:
3c:2f:b2:00:d3:0e:06:04:2a:7e:58:7a:dc:98:bd:
5e:b1:bd:39:0f:5d:97:d6:34:4c:1d:c2:a2:e7:88:
ca:fa:99:85:a8:61:db:fc:da:39:7e:c3:92:08:28:
53:36:96:66:bd:36:73:e6:f1:f2:f6:8f:48:b3:c9:
40:f9:e6:61:2b:2e:31:86:43:74:0f:0f:a7:5c:e9:
a4:26:2c:5f:73:38:d6:d0:c7:27:1f:f1:f0:9f:83:
b9:24:66:d7:dd:5d:48:a4:cb:9c:b3:10:dd:f2:5b:
51:53:e5:8e:83:41:5b:94:d2:b2:c8:f7:dd:9e:f5:
8e:aa:0b:4e:1b:f5:67:b4:05:cd:22:e6:91:af:27:
34:ea:9b:20:9c:cf:45:70:9b:e9:3c:d1:07:ec:be:
b2:46:c3:56:b2:9e:b8:a7:a4:e6:87:38:8e:5d:10:
6e:f3:4c:79:e7:f4:8f:4c:a3:ea:2f:70:a0:30:98:
d0:c8:7c:a1:b9:eb:65:ab:ac:4b:c7:1a:31:99:92:
b0:99:0a:02:51:7b:b5:74:cb:08:e9:6b:2f:c1:1c:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:7A:4D:47:43:A5:FB:47:46:9F:24:F6:E7:98:5A:62:87:76:32:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1266DB2CDDA11EF8BBF37A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.150.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:97:1d:a5:ae:93:2e:df:4b:4c:16:24:de:be:91:4c:6f:7a:
cd:d9:da:59:32:a8:0d:eb:0b:24:0b:b3:ae:fa:eb:88:c3:6a:
5f:bb:ef:a0:3e:d6:2a:8e:94:87:84:fe:e1:26:1a:04:bf:83:
fa:22:99:28:f0:44:57:2c:b0:15:e0:94:99:20:0c:0b:03:bc:
ed:1c:0a:b1:1e:4d:87:d3:56:38:d1:21:cf:28:d6:e6:bf:df:
71:d2:95:ce:e8:b6:7e:d8:95:bd:41:c5:8f:b7:8a:0f:57:0b:
fc:ff:3f:b7:78:e5:d7:f7:75:0a:87:ae:68:42:d0:22:a3:9a:
93:96:e0:8a:69:90:88:23:73:e7:32:48:c8:1d:c2:d3:04:77:
e9:bf:5e:84:b9:bb:a4:23:71:02:58:53:85:54:06:86:af:d4:
96:74:b8:35:b6:db:e8:90:9a:a9:9c:87:89:9d:1e:da:c2:63:
30:d7:81:86:fd:c0:f5:07:aa:b1:ae:b8:6c:68:ea:22:ac:16:
b9:9b:bf:fa:27:11:fa:ae:10:ff:f0:e5:28:74:9c:01:93:16:
bc:69:f4:49:a4:73:3f:ae:42:fb:48:a4:89:6e:b3:1c:58:b2:
e5:12:51:26:32:60:09:02:91:ab:52:62:0a:2a:27:df:ee:ca:
a0:37:b1:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATePMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYwNzM5WhcNMjYwMTAzMTYwNzM5WjAYMRYw
FAYDVQQDEw02NzdlYTJjZi1mNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy66bbhiNrtQqpb9owDK3Ep12wZwx3nTmQcOf1H6L52Y0eqtmwyQH+QbF
NWo8L7IA0w4GBCp+WHrcmL1esb05D12X1jRMHcKi54jK+pmFqGHb/No5fsOSCChT
NpZmvTZz5vHy9o9Is8lA+eZhKy4xhkN0Dw+nXOmkJixfczjW0McnH/Hwn4O5JGbX
3V1IpMucsxDd8ltRU+WOg0FblNKyyPfdnvWOqgtOG/VntAXNIuaRryc06psgnM9F
cJvpPNEH7L6yRsNWsp64p6TmhziOXRBu80x55/SPTKPqL3CgMJjQyHyhuetlq6xL
xxoxmZKwmQoCUXu1dMsI6WsvwRz5aQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO56
TUdDpftHRp8k9ueYWmKHdjJUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMTI2NkRCMkNEREExMUVGOEJCRjM3QTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmWMA0GCSqGSIb3DQEB
CwUAA4IBAQCxlx2lrpMu30tMFiTevpFMb3rN2dpZMqgN6wskC7Ou+uuIw2pfu++g
PtYqjpSHhP7hJhoEv4P6Ipko8ERXLLAV4JSZIAwLA7ztHAqxHk2H01Y40SHPKNbm
v99x0pXO6LZ+2JW9QcWPt4oPVwv8/z+3eOXX93UKh65oQtAio5qTluCKaZCII3Pn
MkjIHcLTBHfpv16EubukI3ECWFOFVAaGr9SWdLg1ttvokJqpnIeJnR7awmMw14GG
/cD1B6qxrrhsaOoirBa5m7/6JxH6rhD/8OUodJwBkxa8afRJpHM/rkL7SKSJbrMc
WLLlElEmMmAJApGrUmIKKiff7sqgN7GC
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:19 2025 by rpki-client