Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5FA0EC6C0E111EFB97D86A4762E951A.roa
File: B5FA0EC6C0E111EFB97D86A4762E951A.roa (raw, json)
Hash identifier: whzvFZyLS+ZbWPLfG6qXn4I2FoZi3KLtUtBIiQwjFS0=
Subject key identifier: 53:C4:69:2E:0A:F4:89:9E:B1:AE:C3:C2:4C:5F:4B:B2:0B:71:4E:5A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EF4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5FA0EC6C0E111EFB97D86A4762E951A.roa
Signing time: Mon 23 Dec 2024 03:55:12 +0000
ROA not before: Mon 23 Dec 2024 03:55:09 +0000
ROA not after: Wed 10 Dec 2025 03:55:09 +0000
asID: 984
IP address blocks: 154.89.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73460 (0x11ef4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:55:09 2024 GMT
Not After : Dec 10 03:55:09 2025 GMT
Subject: CN=6768df20-8098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:ed:c5:e9:57:0c:ed:65:f7:5c:03:a8:65:
a6:08:80:db:f1:38:8a:25:c1:78:22:00:96:83:1b:
7e:c6:22:a5:c9:87:12:e5:7c:8f:21:ec:d8:e2:6e:
79:ed:37:f7:1c:e8:68:90:46:24:0c:b4:81:80:04:
1c:b2:d5:01:bd:46:10:77:fc:e7:f3:81:4a:b2:f4:
14:c0:a2:dd:96:d1:0e:91:10:75:64:c3:e4:0b:b7:
28:3c:6e:dd:b2:24:46:03:54:51:19:68:96:ac:96:
1d:47:03:40:8a:7c:e8:bc:83:88:e4:71:89:b9:9e:
48:fa:48:83:d6:2b:14:9a:65:87:65:f1:5f:91:79:
eb:d5:b8:39:8b:af:fa:87:22:20:08:38:88:5a:0f:
97:0f:95:a8:9f:e1:ac:73:a9:35:ee:ba:51:94:af:
48:97:cd:e5:71:9b:95:8c:b2:f1:44:41:00:0e:a0:
61:dc:66:3f:13:17:79:19:15:00:f5:0a:50:dd:83:
b4:28:94:38:fa:ff:c1:75:a6:f7:dc:11:a3:aa:23:
8e:95:f6:b0:3d:9b:5f:7f:5e:ec:08:64:7a:cf:1d:
fd:79:f5:54:12:80:01:52:d1:4a:f4:15:60:62:bb:
44:55:60:95:82:5b:38:84:86:6b:08:af:fb:ae:19:
1c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C4:69:2E:0A:F4:89:9E:B1:AE:C3:C2:4C:5F:4B:B2:0B:71:4E:5A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5FA0EC6C0E111EFB97D86A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:bd:0d:d6:ea:51:1a:ee:3f:73:a7:13:6e:96:bd:bc:e3:7b:
94:03:53:3d:bb:4f:86:f9:96:c5:d7:82:6d:fb:e4:be:72:bc:
97:d0:1b:7d:30:3c:33:dc:af:72:a3:be:e9:65:fb:53:d0:9e:
fd:48:e2:53:ef:74:44:ca:7d:d6:68:ff:d6:6f:69:b2:23:55:
64:0b:a1:02:33:dd:d0:58:cd:a2:5c:fb:31:0a:6e:59:6b:ce:
a6:e7:5d:a1:34:95:43:22:6d:d8:d6:e1:c9:c7:9d:a9:2c:24:
9e:2f:32:d1:81:82:bb:d1:8f:31:a9:43:8d:20:04:df:fb:35:
ed:23:21:00:13:b9:e0:22:54:dd:de:10:1c:1a:ae:d7:3e:57:
58:c6:08:0f:77:fe:94:8d:89:15:6e:43:36:74:95:c9:d9:79:
39:d7:6d:39:4d:ba:a9:08:0f:59:74:5e:54:dc:25:66:b2:ce:
83:e1:0f:f4:c5:47:ae:12:46:57:71:47:b9:c3:b3:da:79:25:
27:3c:d9:bf:1f:42:9e:c1:94:44:1a:0f:71:b4:86:cf:f2:8c:
76:ec:b8:dd:78:39:e4:ec:3f:f9:83:e5:8d:71:be:de:df:1a:
2e:b7:ed:29:99:3b:3e:3b:b2:dc:e6:b8:fd:c6:2a:2c:1c:19:
f1:22:12:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR70MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDM1NTA5WhcNMjUxMjEwMDM1NTA5WjAYMRYw
FAYDVQQDEw02NzY4ZGYyMC04MDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqGTtxelXDO1l91wDqGWmCIDb8TiKJcF4IgCWgxt+xiKlyYcS5XyPIezY
4m557Tf3HOhokEYkDLSBgAQcstUBvUYQd/zn84FKsvQUwKLdltEOkRB1ZMPkC7co
PG7dsiRGA1RRGWiWrJYdRwNAinzovIOI5HGJuZ5I+kiD1isUmmWHZfFfkXnr1bg5
i6/6hyIgCDiIWg+XD5Won+Gsc6k17rpRlK9Il83lcZuVjLLxREEADqBh3GY/Exd5
GRUA9QpQ3YO0KJQ4+v/Bdab33BGjqiOOlfawPZtff17sCGR6zx39efVUEoABUtFK
9BVgYrtEVWCVgls4hIZrCK/7rhkcrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFPE
aS4K9Imesa7DwkxfS7ILcU5aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUZBMEVDNkMwRTExMUVGQjk3RDg2QTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnYMA0GCSqGSIb3DQEB
CwUAA4IBAQBtvQ3W6lEa7j9zpxNulr2843uUA1M9u0+G+ZbF14Jt++S+cryX0Bt9
MDwz3K9yo77pZftT0J79SOJT73REyn3WaP/Wb2myI1VkC6ECM93QWM2iXPsxCm5Z
a86m512hNJVDIm3Y1uHJx52pLCSeLzLRgYK70Y8xqUONIATf+zXtIyEAE7ngIlTd
3hAcGq7XPldYxggPd/6UjYkVbkM2dJXJ2Xk51205TbqpCA9ZdF5U3CVmss6D4Q/0
xUeuEkZXcUe5w7PaeSUnPNm/H0KewZREGg9xtIbP8ox27LjdeDnk7D/5g+WNcb7e
3xout+0pmTs+O7Lc5rj9xiosHBnxIhLl
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:44:27 2025 by rpki-client