Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0735012CDEA11EFAF92C586762E951A.roa
File: D0735012CDEA11EFAF92C586762E951A.roa (raw, json)
Hash identifier: rT3CUmBMluPXnmaT79eOS1DlZBDycHU5d1jdos1FNAI=
Subject key identifier: B4:79:23:F3:58:F4:F1:C6:19:80:8A:12:39:E3:A9:AE:B5:2C:E1:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013807
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0735012CDEA11EFAF92C586762E951A.roa
Signing time: Wed 08 Jan 2025 18:03:08 +0000
ROA not before: Wed 08 Jan 2025 18:03:04 +0000
ROA not after: Sat 03 Jan 2026 18:03:04 +0000
asID: 984
IP address blocks: 154.89.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79879 (0x13807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:03:04 2025 GMT
Not After : Jan 3 18:03:04 2026 GMT
Subject: CN=677ebddb-3989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ea:fe:1e:4a:64:63:11:b7:30:a0:08:dc:b9:
7e:95:41:af:b7:36:f4:c7:ca:25:95:1c:1a:da:b2:
95:dd:98:9a:43:68:4b:b8:9b:77:38:0a:dd:e8:8b:
99:6b:b7:42:58:c3:4a:53:f3:e0:1f:84:f0:4f:bc:
c6:39:2d:d6:fe:1a:41:fd:b8:e9:1b:7c:d0:28:84:
a2:67:9b:d9:2a:81:01:84:5c:ad:c7:9b:db:e4:5c:
89:db:32:f8:43:58:f6:c0:f5:98:c2:c2:81:ba:1d:
25:20:16:a3:a1:94:cd:e0:14:62:01:ac:80:05:ad:
23:fb:1b:b3:fc:0d:ae:1f:8a:2e:17:46:8f:94:3b:
c5:18:6a:14:50:9c:1b:ec:05:d0:0d:c3:09:9c:45:
1a:55:34:fe:9d:94:ec:64:e9:25:16:b4:89:e0:c3:
81:05:01:ae:14:3f:72:dd:6d:47:87:09:83:ff:b4:
24:5a:45:2a:7b:93:cd:60:7f:9e:40:6b:99:ef:23:
2e:76:08:97:8a:2a:92:02:5c:09:32:4a:dc:7a:4e:
de:99:4a:26:a7:94:4c:4f:6b:23:d7:f9:23:01:22:
51:43:59:f0:3c:1d:48:73:fd:1c:65:cc:09:bd:63:
0a:3c:a3:ab:f6:4f:4a:b1:79:08:52:e7:30:9a:94:
92:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:79:23:F3:58:F4:F1:C6:19:80:8A:12:39:E3:A9:AE:B5:2C:E1:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0735012CDEA11EFAF92C586762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.210.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:94:f3:0c:03:43:9a:61:62:1c:67:08:5a:8b:48:79:2f:31:
1e:ce:e0:a0:38:b2:2b:7f:12:38:83:5a:17:ae:c5:06:ec:2c:
23:40:81:6a:82:13:42:6d:1e:80:cc:5c:c5:7e:c5:71:f7:0a:
6c:42:59:26:1c:7c:4c:d7:c2:31:7e:97:33:02:9d:b7:60:dd:
a5:bb:41:5c:94:6f:18:9f:91:8f:7f:1e:df:d5:2f:1f:99:66:
f6:de:3a:69:a5:64:c8:4b:7d:7c:71:b7:af:20:b3:1e:5d:42:
61:4d:d3:22:08:ce:e5:32:89:e5:52:ee:14:26:70:67:a8:cf:
19:d7:8e:4a:c0:bf:cd:2a:ab:92:66:ac:33:93:5e:28:b9:dc:
49:97:38:ea:dd:61:d9:ff:6b:07:cb:ad:70:d7:63:ac:55:13:
f8:e7:d1:5c:24:ac:0c:83:4a:be:93:b3:27:bc:35:bf:7c:c3:
a0:80:81:4b:fa:6f:e4:bd:ff:8b:f0:69:8f:48:94:9f:59:f6:
d1:5c:4d:b2:ef:c5:e4:f0:30:7a:bb:b4:23:18:7d:d9:92:d8:
53:d1:cc:aa:ea:ac:1b:25:ae:89:2f:f7:cc:28:b3:4f:4e:7c:
5c:5c:6f:06:78:e4:69:1d:cf:22:1f:c4:76:5c:1e:c3:0a:f5:
dd:de:58:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATgHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTgwMzA0WhcNMjYwMTAzMTgwMzA0WjAYMRYw
FAYDVQQDEw02NzdlYmRkYi0zOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxer+HkpkYxG3MKAI3Ll+lUGvtzb0x8ollRwa2rKV3ZiaQ2hLuJt3OArd
6IuZa7dCWMNKU/PgH4TwT7zGOS3W/hpB/bjpG3zQKISiZ5vZKoEBhFytx5vb5FyJ
2zL4Q1j2wPWYwsKBuh0lIBajoZTN4BRiAayABa0j+xuz/A2uH4ouF0aPlDvFGGoU
UJwb7AXQDcMJnEUaVTT+nZTsZOklFrSJ4MOBBQGuFD9y3W1HhwmD/7QkWkUqe5PN
YH+eQGuZ7yMudgiXiiqSAlwJMkrcek7emUomp5RMT2sj1/kjASJRQ1nwPB1Ic/0c
ZcwJvWMKPKOr9k9KsXkIUucwmpSS+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLR5
I/NY9PHGGYCKEjnjqa61LOHTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDczNTAxMkNERUExMUVGQUY5MkM1ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnSMA0GCSqGSIb3DQEB
CwUAA4IBAQBblPMMA0OaYWIcZwhai0h5LzEezuCgOLIrfxI4g1oXrsUG7CwjQIFq
ghNCbR6AzFzFfsVx9wpsQlkmHHxM18IxfpczAp23YN2lu0FclG8Yn5GPfx7f1S8f
mWb23jpppWTIS318cbevILMeXUJhTdMiCM7lMonlUu4UJnBnqM8Z145KwL/NKquS
Zqwzk14oudxJlzjq3WHZ/2sHy61w12OsVRP459FcJKwMg0q+k7MnvDW/fMOggIFL
+m/kvf+L8GmPSJSfWfbRXE2y78Xk8DB6u7QjGH3ZkthT0cyq6qwbJa6JL/fMKLNP
TnxcXG8GeORpHc8iH8R2XB7DCvXd3lgw
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:03:59 2025 by rpki-client