Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5198D54C0D811EF8EA2FF67762E951A.roa
File: C5198D54C0D811EF8EA2FF67762E951A.roa (raw, json)
Hash identifier: gNfBqrV8xrQ+1yw8SgVbpgKXs0FkYIwKtiyIn3WBcZ0=
Subject key identifier: B0:C0:7E:22:90:05:BF:A1:1D:3F:21:B5:3A:50:FE:71:9B:8F:E8:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E80
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5198D54C0D811EF8EA2FF67762E951A.roa
Signing time: Mon 23 Dec 2024 02:51:12 +0000
ROA not before: Mon 23 Dec 2024 02:51:09 +0000
ROA not after: Wed 10 Dec 2025 02:51:09 +0000
asID: 984
IP address blocks: 154.89.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73344 (0x11e80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:51:09 2024 GMT
Not After : Dec 10 02:51:09 2025 GMT
Subject: CN=6768d020-b48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:b8:9a:17:30:0c:44:cc:81:64:b7:d7:ed:
e6:72:fd:83:c5:99:d4:71:40:2f:52:46:a4:28:05:
e9:37:eb:60:d1:a3:b3:06:ca:60:e1:e9:96:90:96:
59:8a:06:27:e7:15:e5:b9:49:37:b1:7e:22:8f:bc:
83:19:c4:88:82:8e:be:df:9b:dc:a1:4d:a0:e7:47:
22:a9:a5:80:3c:64:60:ec:9a:cb:ec:4b:c6:3f:d8:
8e:3c:9f:f0:de:7f:c1:bd:4d:2a:4b:25:45:55:6a:
40:1f:ce:f6:87:38:06:26:62:1f:3e:75:0a:ca:02:
4b:74:d8:f9:e2:f9:f7:98:76:2d:23:b4:ef:e0:60:
9d:2e:50:7c:7f:30:45:18:69:8a:02:77:6a:56:db:
8c:da:d0:26:b5:72:99:34:3c:a1:2a:51:c5:4d:98:
1c:af:51:00:ee:a3:09:0e:1d:08:d9:e9:40:31:41:
63:ab:e4:31:37:1b:3e:d2:b9:72:f6:6e:49:b3:b4:
8a:21:22:4d:e2:45:3d:ba:07:e1:b0:7c:31:e6:b9:
c0:56:7d:99:cf:6f:50:29:b2:67:3b:63:98:9f:21:
29:44:47:09:db:7d:70:df:de:21:76:1b:18:06:50:
d2:b7:64:5b:a4:a4:34:3f:a1:f7:53:b4:0f:c4:c7:
54:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C0:7E:22:90:05:BF:A1:1D:3F:21:B5:3A:50:FE:71:9B:8F:E8:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5198D54C0D811EF8EA2FF67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:38:4c:b6:6d:cf:06:52:06:2f:4a:4e:1a:f0:c1:8d:7a:ab:
4b:95:0b:af:8d:5b:d8:34:eb:cd:85:33:a6:15:22:28:76:d4:
6e:df:62:21:1e:86:fa:47:42:a6:c1:cc:e6:9f:a2:3c:61:22:
c2:1e:2b:bc:21:03:9c:88:00:8e:b5:e5:1a:5c:5e:66:c3:bb:
e5:4c:1e:b3:48:53:25:80:73:7d:52:0b:1e:42:85:0c:f3:ea:
7c:f9:45:df:02:4a:21:32:fb:f1:8f:cd:db:25:1a:3f:0b:a2:
cc:ae:b7:d3:fd:98:1e:a7:4b:19:1d:ed:84:43:3a:74:51:c8:
d4:34:3f:b0:22:af:9e:a1:70:c8:e5:5a:b8:ca:60:02:d1:0b:
5c:9f:97:89:62:15:8f:c3:f4:18:81:a8:a7:4d:5a:20:46:2c:
e8:0b:71:2a:c7:26:16:b1:26:3e:2c:51:19:c4:ce:f8:77:4d:
a8:27:fa:21:20:b7:13:8d:40:99:da:69:36:ca:84:e9:c0:cf:
5f:9e:45:51:bb:63:44:00:75:41:89:9f:c5:cf:70:94:63:83:
d4:78:78:c7:d2:bc:20:6d:49:65:88:a2:85:ef:be:43:1b:30:
dc:64:14:ca:bd:8f:0e:40:14:b7:dc:db:04:a0:5d:bf:0c:8e:
bf:9d:b5:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR6AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDI1MTA5WhcNMjUxMjEwMDI1MTA5WjAYMRYw
FAYDVQQDEw02NzY4ZDAyMC1iNDhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuau4mhcwDETMgWS31+3mcv2DxZnUcUAvUkakKAXpN+tg0aOzBspg4emW
kJZZigYn5xXluUk3sX4ij7yDGcSIgo6+35vcoU2g50ciqaWAPGRg7JrL7EvGP9iO
PJ/w3n/BvU0qSyVFVWpAH872hzgGJmIfPnUKygJLdNj54vn3mHYtI7Tv4GCdLlB8
fzBFGGmKAndqVtuM2tAmtXKZNDyhKlHFTZgcr1EA7qMJDh0I2elAMUFjq+QxNxs+
0rly9m5Js7SKISJN4kU9ugfhsHwx5rnAVn2Zz29QKbJnO2OYnyEpREcJ231w394h
dhsYBlDSt2RbpKQ0P6H3U7QPxMdUFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLDA
fiKQBb+hHT8htTpQ/nGbj+g7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTE5OEQ1NEMwRDgxMUVGOEVBMkZGNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmeMA0GCSqGSIb3DQEB
CwUAA4IBAQBeOEy2bc8GUgYvSk4a8MGNeqtLlQuvjVvYNOvNhTOmFSIodtRu32Ih
Hob6R0Kmwczmn6I8YSLCHiu8IQOciACOteUaXF5mw7vlTB6zSFMlgHN9UgseQoUM
8+p8+UXfAkohMvvxj83bJRo/C6LMrrfT/Zgep0sZHe2EQzp0UcjUND+wIq+eoXDI
5Vq4ymAC0Qtcn5eJYhWPw/QYgainTVogRizoC3EqxyYWsSY+LFEZxM74d02oJ/oh
ILcTjUCZ2mk2yoTpwM9fnkVRu2NEAHVBiZ/Fz3CUY4PUeHjH0rwgbUlliKKF775D
GzDcZBTKvY8OQBS33NsEoF2/DI6/nbVP
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:24 2025 by rpki-client