Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D352A78EC0DD11EFBD75A288762E951A.roa
File: D352A78EC0DD11EFBD75A288762E951A.roa (raw, json)
Hash identifier: SWjhy7WfMU2OohSD+PCL+JhrJ6yNmA5uUCgGWcQObWs=
Subject key identifier: BB:07:F6:77:D5:80:BC:43:20:B8:27:04:38:75:B6:97:4A:65:9E:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011EC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D352A78EC0DD11EFBD75A288762E951A.roa
Signing time: Mon 23 Dec 2024 03:27:24 +0000
ROA not before: Mon 23 Dec 2024 03:27:20 +0000
ROA not after: Wed 10 Dec 2025 03:27:20 +0000
asID: 984
IP address blocks: 154.89.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73410 (0x11ec2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:27:20 2024 GMT
Not After : Dec 10 03:27:20 2025 GMT
Subject: CN=6768d89c-bd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ef:af:15:16:71:b1:f2:63:f5:a5:12:42:db:
69:89:28:5f:82:63:37:fd:96:4f:2d:e2:1c:6b:9b:
f6:f4:33:d3:6a:45:b0:91:9b:0d:af:c0:9f:ff:ea:
b1:cf:46:f4:04:81:92:7a:a8:93:3f:32:4a:43:3b:
44:34:9c:e3:0a:78:d6:fc:c0:92:64:d0:6f:d9:d8:
50:45:4f:98:13:21:7f:bc:cf:db:73:86:b8:87:c2:
9d:2e:76:a5:9f:ac:9f:65:17:cb:52:35:76:c7:05:
28:19:c6:b7:78:58:08:d0:0a:6c:88:eb:2d:eb:72:
c9:5e:bc:db:08:8a:8f:3f:6a:14:68:d6:00:a6:29:
2d:8b:46:a2:82:ea:11:d1:a7:4a:f9:9a:30:b5:73:
cd:d9:f5:c4:b9:3b:2a:b3:e3:28:60:fe:09:76:14:
20:76:9f:1f:79:a4:ad:24:95:d1:99:33:61:e1:61:
f6:c5:ba:0a:c0:16:49:46:bd:ed:41:27:3a:f4:31:
b2:7d:2c:a7:f4:67:8c:a8:0c:a5:bc:19:39:44:3a:
f2:6a:a4:5c:d9:4d:4e:c9:84:d8:19:77:02:fb:25:
c1:ef:bd:ca:31:02:1b:84:1d:3c:65:0b:86:b2:2e:
84:7a:9a:c4:78:70:66:74:07:38:5b:be:f6:5f:6a:
26:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:07:F6:77:D5:80:BC:43:20:B8:27:04:38:75:B6:97:4A:65:9E:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D352A78EC0DD11EFBD75A288762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.191.0/24
Signature Algorithm: sha256WithRSAEncryption
99:48:a3:0b:df:90:2c:be:2d:82:65:94:65:3e:27:05:c8:d8:
47:5e:36:c9:cc:01:13:78:b4:7f:53:6d:15:57:83:88:7d:64:
69:aa:fa:52:2e:cf:04:5c:cc:ac:ee:e0:43:e8:f7:25:c0:bf:
ef:5f:f7:32:4e:0f:c4:cc:05:c4:84:3d:94:a5:37:71:ea:d3:
44:6b:f8:cf:de:d7:cf:16:c1:e7:b8:58:e6:da:99:57:9a:23:
d3:b8:7c:bf:f0:63:32:db:2c:47:6d:31:cb:9d:ec:b4:94:23:
c4:ba:dc:c8:1b:d0:ed:23:c4:a8:96:f9:ab:70:aa:eb:a2:26:
96:39:6a:9b:e2:b1:13:67:47:8d:27:8e:52:24:13:de:5e:07:
0e:43:c4:4d:ff:dc:95:89:e4:3d:29:aa:e7:17:7c:4f:cb:64:
f1:a1:b1:39:f3:ea:a7:9a:f6:b2:7d:81:f4:67:6d:d4:0d:f6:
af:9a:11:68:10:6e:0d:1c:26:df:8a:ec:f6:78:06:7e:7c:2a:
8c:60:50:59:f5:4e:a7:ad:79:73:10:bb:35:8f:2c:44:93:0c:
6b:a8:82:cd:18:ec:61:e4:8c:83:9b:33:60:ff:7e:d9:12:e6:
b1:ee:96:54:42:3a:06:ce:27:3e:89:a7:5e:76:96:f3:d0:d1:
65:46:29:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR7CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMyNzIwWhcNMjUxMjEwMDMyNzIwWjAYMRYw
FAYDVQQDEw02NzY4ZDg5Yy1iZDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs++vFRZxsfJj9aUSQttpiShfgmM3/ZZPLeIca5v29DPTakWwkZsNr8Cf
/+qxz0b0BIGSeqiTPzJKQztENJzjCnjW/MCSZNBv2dhQRU+YEyF/vM/bc4a4h8Kd
Lnaln6yfZRfLUjV2xwUoGca3eFgI0ApsiOst63LJXrzbCIqPP2oUaNYApikti0ai
guoR0adK+ZowtXPN2fXEuTsqs+MoYP4JdhQgdp8feaStJJXRmTNh4WH2xboKwBZJ
Rr3tQSc69DGyfSyn9GeMqAylvBk5RDryaqRc2U1OyYTYGXcC+yXB773KMQIbhB08
ZQuGsi6EeprEeHBmdAc4W772X2om6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLsH
9nfVgLxDILgnBDh1tpdKZZ7dMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzUyQTc4RUMwREQxMUVGQkQ3NUEyODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlm/MA0GCSqGSIb3DQEB
CwUAA4IBAQCZSKML35Asvi2CZZRlPicFyNhHXjbJzAETeLR/U20VV4OIfWRpqvpS
Ls8EXMys7uBD6PclwL/vX/cyTg/EzAXEhD2UpTdx6tNEa/jP3tfPFsHnuFjm2plX
miPTuHy/8GMy2yxHbTHLney0lCPEutzIG9DtI8SolvmrcKrroiaWOWqb4rETZ0eN
J45SJBPeXgcOQ8RN/9yVieQ9KarnF3xPy2TxobE58+qnmvayfYH0Z23UDfavmhFo
EG4NHCbfiuz2eAZ+fCqMYFBZ9U6nrXlzELs1jyxEkwxrqILNGOxh5IyDmzNg/37Z
Euax7pZUQjoGzic+iadedpbz0NFlRilw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:26 2025 by rpki-client