Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C533591ACDE811EFB5C3D479762E951A.roa
File: C533591ACDE811EFB5C3D479762E951A.roa (raw, json)
Hash identifier: VP4djcn+UYIfHT5OToKPHvec3qq4HQDSra959z2b/n8=
Subject key identifier: 57:71:9B:33:1A:7E:EE:80:A7:F6:0D:BB:77:A3:C6:49:2F:EB:23:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C533591ACDE811EFB5C3D479762E951A.roa
Signing time: Wed 08 Jan 2025 17:48:30 +0000
ROA not before: Wed 08 Jan 2025 17:48:26 +0000
ROA not after: Sat 03 Jan 2026 17:48:26 +0000
asID: 984
IP address blocks: 154.89.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79863 (0x137f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 17:48:26 2025 GMT
Not After : Jan 3 17:48:26 2026 GMT
Subject: CN=677eba6d-f6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:84:dd:94:5c:c4:5c:41:3d:4b:76:94:07:
69:79:b9:86:4c:f0:40:77:2c:5f:7f:5f:0d:d1:a9:
a0:dd:a8:17:09:25:ca:ec:9a:cd:8c:e9:6e:b1:2c:
eb:52:37:66:94:43:48:65:40:1d:7f:58:a0:56:e6:
57:45:34:73:ea:87:89:e4:18:b9:c6:35:f9:26:d8:
a7:56:c5:dd:07:a2:20:25:e2:06:6d:e7:d4:b5:a4:
eb:2a:de:ed:c3:8d:94:b3:87:d3:33:f5:f9:7c:87:
f0:0a:ad:87:9b:ac:43:7b:f4:21:81:d3:4f:c2:30:
82:1c:d0:7b:74:a7:d5:f5:b3:10:45:10:b9:77:03:
5c:71:3d:9e:b2:28:94:a7:bb:38:9f:ca:b5:7f:37:
d1:7e:2f:f3:6a:36:59:98:9c:ed:de:f5:60:2f:cf:
46:4e:b7:8d:f0:bf:62:f8:df:82:ee:8b:45:fc:78:
df:4d:24:3b:7a:e4:8a:8f:56:55:17:16:84:b6:2c:
59:ed:b6:59:47:9d:c7:55:ac:99:d7:27:f2:1a:b2:
f7:ea:b7:a1:b1:e4:1d:1b:e7:aa:2a:c3:65:17:19:
14:f6:7f:cb:80:45:0d:3e:e9:7f:24:de:14:4e:88:
50:f1:c0:47:52:c5:41:6d:bb:51:91:ec:a4:18:20:
3b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:71:9B:33:1A:7E:EE:80:A7:F6:0D:BB:77:A3:C6:49:2F:EB:23:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C533591ACDE811EFB5C3D479762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.202.0/24
Signature Algorithm: sha256WithRSAEncryption
60:5a:77:c2:ef:4b:7f:6a:3c:a7:a5:82:a9:55:e6:4b:54:7c:
cd:f3:e6:76:af:67:29:cd:d8:78:dd:7a:a7:36:f9:37:44:d8:
31:67:f6:a6:bc:5e:5d:41:ce:65:74:6b:bd:ea:b9:c6:ac:8f:
4d:11:bb:60:d5:6a:2f:a9:f9:eb:f8:23:60:aa:f0:74:f5:7f:
d2:b0:9d:62:b8:78:72:36:5f:12:a1:47:9c:1a:aa:28:57:62:
24:74:34:50:92:d3:ce:7e:4f:12:ef:9b:8e:94:f0:dd:b4:fc:
dd:f2:02:b8:26:6f:2b:fb:94:04:de:c5:9c:89:5b:b4:43:2b:
a0:8f:f6:7a:5f:7f:bb:c9:e0:e0:c3:d0:11:fd:b4:32:e9:c3:
39:fa:53:b1:b9:d2:40:8c:6c:c3:07:67:46:55:1f:cb:fb:80:
23:d6:49:ed:b4:8b:dc:33:5c:b6:b7:a5:9d:a4:2c:a9:93:10:
3a:2f:7a:2b:a6:34:45:54:a1:a4:ab:e3:55:24:bc:a6:b2:81:
ba:b3:d6:6c:6d:75:5e:2b:4b:f4:18:62:d8:2f:f8:19:e0:f3:
72:2f:75:67:56:4a:75:38:77:05:13:08:8f:5f:4e:e3:9d:99:
db:ae:46:8f:1a:e8:30:55:db:93:4f:02:9b:7d:a9:6e:c0:2c:
28:b4:72:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATf3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTc0ODI2WhcNMjYwMTAzMTc0ODI2WjAYMRYw
FAYDVQQDEw02NzdlYmE2ZC1mNmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqX6E3ZRcxFxBPUt2lAdpebmGTPBAdyxff18N0amg3agXCSXK7JrNjOlu
sSzrUjdmlENIZUAdf1igVuZXRTRz6oeJ5Bi5xjX5JtinVsXdB6IgJeIGbefUtaTr
Kt7tw42Us4fTM/X5fIfwCq2Hm6xDe/QhgdNPwjCCHNB7dKfV9bMQRRC5dwNccT2e
siiUp7s4n8q1fzfRfi/zajZZmJzt3vVgL89GTreN8L9i+N+C7otF/HjfTSQ7euSK
j1ZVFxaEtixZ7bZZR53HVayZ1yfyGrL36rehseQdG+eqKsNlFxkU9n/LgEUNPul/
JN4UTohQ8cBHUsVBbbtRkeykGCA7wQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFdx
mzMafu6Ap/YNu3ejxkkv6yPJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTMzNTkxQUNERTgxMUVGQjVDM0Q0Nzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnKMA0GCSqGSIb3DQEB
CwUAA4IBAQBgWnfC70t/ajynpYKpVeZLVHzN8+Z2r2cpzdh43XqnNvk3RNgxZ/am
vF5dQc5ldGu96rnGrI9NEbtg1Wovqfnr+CNgqvB09X/SsJ1iuHhyNl8SoUecGqoo
V2IkdDRQktPOfk8S75uOlPDdtPzd8gK4Jm8r+5QE3sWciVu0Qyugj/Z6X3+7yeDg
w9AR/bQy6cM5+lOxudJAjGzDB2dGVR/L+4Aj1knttIvcM1y2t6WdpCypkxA6L3or
pjRFVKGkq+NVJLymsoG6s9ZsbXVeK0v0GGLYL/gZ4PNyL3VnVkp1OHcFEwiPX07j
nZnbrkaPGugwVduTTwKbfaluwCwotHJP
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:19:21 2025 by rpki-client