Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8BCBC7CCDDC11EF9EEE0EAF762E951A.roa
File: C8BCBC7CCDDC11EF9EEE0EAF762E951A.roa (raw, json)
Hash identifier: SRgI6lk0zFkHxWU3i8jtfkidKiNhp7Yd2+xFJAznt1g=
Subject key identifier: 7F:39:08:37:8C:EE:49:4D:11:12:58:85:A4:72:6C:E2:A5:76:EA:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01379F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8BCBC7CCDDC11EF9EEE0EAF762E951A.roa
Signing time: Wed 08 Jan 2025 16:22:42 +0000
ROA not before: Wed 08 Jan 2025 16:22:38 +0000
ROA not after: Sat 03 Jan 2026 16:22:38 +0000
asID: 984
IP address blocks: 154.89.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79775 (0x1379f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:22:38 2025 GMT
Not After : Jan 3 16:22:38 2026 GMT
Subject: CN=677ea651-bfa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:94:bc:b3:26:be:ca:24:3c:52:ff:93:91:
f4:db:8a:c7:2a:f2:86:20:0f:58:2e:83:56:90:17:
ab:c2:b8:6e:4e:9f:a4:f6:a5:21:9c:1f:fc:78:03:
63:4e:00:ed:2d:9e:c9:93:19:97:e6:92:50:02:cf:
b5:18:c7:c4:de:45:86:17:c5:14:9e:78:a1:71:51:
47:03:65:15:df:4d:66:20:0e:f9:1a:6a:aa:21:24:
8a:b8:9c:ba:2c:c4:45:08:93:c4:b5:85:97:79:12:
0b:18:ee:f0:b5:86:f7:5e:cb:65:53:a4:2f:c7:6d:
27:38:ca:c4:f8:1e:c8:e0:61:8c:56:fb:cc:97:b0:
d0:d4:75:67:dc:a6:bb:e9:15:a8:ca:64:6e:ee:78:
34:2e:57:d2:9b:46:81:6d:8b:dd:fd:14:e8:d1:fc:
fe:e7:9d:1f:16:ad:b8:10:9e:15:7a:08:49:e4:3c:
29:cd:e0:03:83:0f:38:09:c6:15:67:f8:43:82:08:
8c:30:ae:00:56:61:88:0e:8e:e1:36:52:34:07:9c:
34:63:20:2e:08:f8:c4:88:8a:03:b8:b2:cf:d1:1e:
c2:d4:ce:ee:89:43:e7:a1:e6:a9:da:4c:83:f5:7b:
d0:89:5b:16:9d:78:d6:4b:dc:a6:c3:45:5e:12:ab:
22:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:39:08:37:8C:EE:49:4D:11:12:58:85:A4:72:6C:E2:A5:76:EA:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8BCBC7CCDDC11EF9EEE0EAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.158.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ae:17:75:d9:be:e6:56:92:6c:a0:ce:2a:a4:a6:5b:2c:cd:
e8:17:58:d6:80:b3:e4:88:89:12:b9:66:16:8b:32:33:27:05:
6f:f1:bc:41:cb:81:24:74:98:70:4e:55:5e:03:5e:ba:fc:29:
8e:14:df:94:ee:ba:f4:b0:81:78:33:b2:5a:c2:e9:d4:9d:aa:
f7:cc:6d:65:f0:69:c2:b0:d9:68:37:d9:d4:56:4f:4f:6b:3f:
a5:27:39:ad:4a:3b:98:96:5e:3c:29:6f:67:c4:6a:7f:9a:65:
23:c7:74:5a:0e:bf:5f:85:8a:2d:d6:33:22:53:bd:be:f0:4a:
de:fd:e7:4b:cd:bb:5b:12:1a:4c:41:60:79:0e:32:7e:10:e9:
db:f9:1b:f0:ad:2d:d1:1b:78:a0:fc:a9:37:9a:0c:5d:bb:b3:
8c:75:45:42:8c:69:a1:77:05:ef:13:58:dd:04:62:dd:83:94:
07:15:3e:7a:f3:06:20:83:88:00:8f:b0:80:ec:ab:1c:e9:b8:
4c:b7:0f:6c:37:c5:6d:5d:76:64:ae:62:a0:47:e3:83:0a:7e:
49:c6:0c:67:d1:4a:3e:6b:d4:03:a4:5e:e4:06:c8:3a:f3:a0:
b4:b1:12:58:b5:40:ba:04:74:4f:36:8f:4f:24:51:c6:9b:a3:
f9:11:80:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATefMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYyMjM4WhcNMjYwMTAzMTYyMjM4WjAYMRYw
FAYDVQQDEw02NzdlYTY1MS1iZmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApp2UvLMmvsokPFL/k5H024rHKvKGIA9YLoNWkBerwrhuTp+k9qUhnB/8
eANjTgDtLZ7JkxmX5pJQAs+1GMfE3kWGF8UUnnihcVFHA2UV301mIA75GmqqISSK
uJy6LMRFCJPEtYWXeRILGO7wtYb3XstlU6Qvx20nOMrE+B7I4GGMVvvMl7DQ1HVn
3Ka76RWoymRu7ng0LlfSm0aBbYvd/RTo0fz+550fFq24EJ4VeghJ5DwpzeADgw84
CcYVZ/hDggiMMK4AVmGIDo7hNlI0B5w0YyAuCPjEiIoDuLLP0R7C1M7uiUPnoeap
2kyD9XvQiVsWnXjWS9ymw0VeEqsiMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH85
CDeM7klNERJYhaRybOKldup7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOEJDQkM3Q0NEREMxMUVGOUVFRTBFQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmeMA0GCSqGSIb3DQEB
CwUAA4IBAQCnrhd12b7mVpJsoM4qpKZbLM3oF1jWgLPkiIkSuWYWizIzJwVv8bxB
y4EkdJhwTlVeA166/CmOFN+U7rr0sIF4M7JawunUnar3zG1l8GnCsNloN9nUVk9P
az+lJzmtSjuYll48KW9nxGp/mmUjx3RaDr9fhYot1jMiU72+8Ere/edLzbtbEhpM
QWB5DjJ+EOnb+RvwrS3RG3ig/Kk3mgxdu7OMdUVCjGmhdwXvE1jdBGLdg5QHFT56
8wYgg4gAj7CA7Ksc6bhMtw9sN8VtXXZkrmKgR+ODCn5Jxgxn0Uo+a9QDpF7kBsg6
86C0sRJYtUC6BHRPNo9PJFHGm6P5EYBC
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:05:27 2025 by rpki-client