Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C205ED7AC19F11EF81995D4E762E951A.roa
File: C205ED7AC19F11EF81995D4E762E951A.roa (raw, json)
Hash identifier: 894BIlwavtCbZNdOfGh+EcH7mOLpx0WZh3ocy5x4ZYA=
Subject key identifier: 45:26:78:13:34:B8:0F:75:75:30:37:FC:10:34:C3:CD:5C:B2:43:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C205ED7AC19F11EF81995D4E762E951A.roa
Signing time: Tue 24 Dec 2024 02:35:37 +0000
ROA not before: Tue 24 Dec 2024 02:35:33 +0000
ROA not after: Wed 10 Dec 2025 02:35:33 +0000
asID: 984
IP address blocks: 154.90.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73891 (0x120a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:35:33 2024 GMT
Not After : Dec 10 02:35:33 2025 GMT
Subject: CN=676a1df9-d82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:7e:42:84:25:86:69:25:1c:2d:f3:c0:13:
08:f7:4d:2d:25:dc:a6:73:94:80:6b:6f:c8:14:53:
e2:21:4f:8c:76:27:bc:05:c7:a7:e1:95:15:39:67:
9f:f2:ba:4b:4c:f3:33:80:8a:6b:4a:1b:4a:70:97:
8f:83:ac:68:f6:de:c5:a5:4c:85:ad:5b:55:e7:59:
59:14:5e:4b:c1:a0:db:5b:9e:2c:6f:f8:f2:55:06:
6b:94:4d:7f:16:8b:0f:82:50:08:d5:54:11:52:bc:
ec:d9:89:c3:bd:74:6c:c5:38:ce:29:02:58:dd:60:
05:b5:ce:53:5c:2d:9b:ff:63:8d:e8:fe:c0:da:a6:
27:be:89:49:e5:8f:ee:50:cd:a6:70:9f:c5:d4:98:
ce:6c:2f:05:6c:08:dc:96:a5:e9:9f:20:a9:90:90:
3b:25:2c:94:c8:7d:c6:57:91:4f:de:5a:f1:aa:42:
7e:1b:4e:98:2f:ed:0c:a3:dd:46:a1:a4:02:92:f7:
ee:c7:81:b8:67:0b:db:bd:11:6e:e8:c5:66:f9:e2:
28:e1:c5:ab:03:5d:21:e4:59:69:8b:51:dd:28:24:
91:45:65:39:cb:14:c1:77:ac:83:9a:28:31:e5:c3:
92:25:f7:9f:7d:fc:bc:8f:ec:59:f4:7b:53:d4:be:
0e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:26:78:13:34:B8:0F:75:75:30:37:FC:10:34:C3:CD:5C:B2:43:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C205ED7AC19F11EF81995D4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.237.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:c6:ac:21:82:4e:cb:6a:d4:76:46:a2:d3:f8:fc:ed:06:1a:
f6:3e:30:86:3a:e9:24:1f:ae:b6:0a:f8:21:ea:55:2d:3b:45:
04:8c:e7:2b:e2:40:6a:12:47:0d:b0:25:53:0d:91:d3:e4:d8:
00:ab:13:b3:79:2e:3c:00:86:84:3c:a3:9b:97:1d:c3:3d:78:
74:f3:5f:52:1a:ae:6b:2c:51:1e:23:12:97:6d:5e:5f:23:e6:
cc:8e:2a:a2:fa:ca:32:5f:65:d2:bf:32:3f:8a:90:92:32:bf:
75:b7:22:05:e2:61:db:05:5f:b3:89:2d:6b:25:f0:d0:11:01:
48:a9:fe:cf:6f:60:cd:23:48:e0:c7:f0:99:8b:23:c9:de:26:
b7:26:93:5c:99:c2:4d:2d:bb:f5:e6:31:93:7f:d6:b5:ab:a0:
18:e9:b8:39:5d:b3:4e:27:38:97:60:6e:86:48:14:88:c6:4f:
11:d0:db:8b:80:cc:24:be:77:70:29:83:e5:cf:43:7a:2d:bf:
55:c5:36:96:66:a1:0a:0b:b2:f0:bc:46:19:91:80:16:77:b8:
57:bf:ef:16:40:a6:6e:20:62:2a:48:b0:89:ae:3c:2a:df:c3:
15:b3:d0:e9:e4:83:25:37:a0:ad:64:9b:2e:30:f4:2e:7b:eb:
3a:17:b5:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDIzNTMzWhcNMjUxMjEwMDIzNTMzWjAYMRYw
FAYDVQQDEw02NzZhMWRmOS1kODJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt55+QoQlhmklHC3zwBMI900tJdymc5SAa2/IFFPiIU+Mdie8Bcen4ZUV
OWef8rpLTPMzgIprShtKcJePg6xo9t7FpUyFrVtV51lZFF5LwaDbW54sb/jyVQZr
lE1/FosPglAI1VQRUrzs2YnDvXRsxTjOKQJY3WAFtc5TXC2b/2ON6P7A2qYnvolJ
5Y/uUM2mcJ/F1JjObC8FbAjclqXpnyCpkJA7JSyUyH3GV5FP3lrxqkJ+G06YL+0M
o91GoaQCkvfux4G4ZwvbvRFu6MVm+eIo4cWrA10h5Flpi1HdKCSRRWU5yxTBd6yD
migx5cOSJfefffy8j+xZ9HtT1L4O6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEUm
eBM0uA91dTA3/BA0w81cskPPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMjA1RUQ3QUMxOUYxMUVGODE5OTVENEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrtMA0GCSqGSIb3DQEB
CwUAA4IBAQDAxqwhgk7LatR2RqLT+PztBhr2PjCGOukkH662Cvgh6lUtO0UEjOcr
4kBqEkcNsCVTDZHT5NgAqxOzeS48AIaEPKOblx3DPXh0819SGq5rLFEeIxKXbV5f
I+bMjiqi+soyX2XSvzI/ipCSMr91tyIF4mHbBV+ziS1rJfDQEQFIqf7Pb2DNI0jg
x/CZiyPJ3ia3JpNcmcJNLbv15jGTf9a1q6AY6bg5XbNOJziXYG6GSBSIxk8R0NuL
gMwkvndwKYPlz0N6Lb9VxTaWZqEKC7LwvEYZkYAWd7hXv+8WQKZuIGIqSLCJrjwq
38MVs9Dp5IMlN6CtZJsuMPQue+s6F7V9
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:53 2025 by rpki-client