Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9FB4740C0D711EFB6007260762E951A.roa
File: D9FB4740C0D711EFB6007260762E951A.roa (raw, json)
Hash identifier: KVD0ARzL2hx49VHP70GbNcOqN8K4c190DPZDbm8qYrA=
Subject key identifier: 33:9B:9C:8F:5D:C4:5D:53:EE:67:B9:0D:BE:2A:79:04:F2:E1:D6:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9FB4740C0D711EFB6007260762E951A.roa
Signing time: Mon 23 Dec 2024 02:44:38 +0000
ROA not before: Mon 23 Dec 2024 02:44:34 +0000
ROA not after: Wed 10 Dec 2025 02:44:34 +0000
asID: 984
IP address blocks: 154.89.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73332 (0x11e74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 02:44:34 2024 GMT
Not After : Dec 10 02:44:34 2025 GMT
Subject: CN=6768ce96-be73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f6:51:2b:5d:c7:11:31:9b:1b:3b:1c:8d:79:
75:49:f9:a5:77:c7:c2:05:12:eb:63:42:15:47:2a:
51:0b:1a:92:fe:77:a2:45:18:75:aa:bf:54:17:07:
47:a3:a1:e6:62:f2:38:cd:68:3f:1a:de:e7:a5:f8:
54:d2:43:56:f0:9a:41:93:bc:92:ce:f7:c2:80:e8:
fc:16:31:e2:20:94:64:ee:2b:c8:03:26:5f:18:31:
1a:ac:db:73:ac:ea:4a:d2:e3:f2:aa:f7:48:4d:c9:
01:e8:3a:94:20:28:4b:e6:e3:ae:27:b0:4c:cf:6e:
75:54:ee:fb:ef:5b:ba:2a:f2:99:61:6c:de:4e:b4:
c3:50:83:28:14:15:a6:58:40:6f:9f:2e:45:c9:aa:
f4:3f:b9:c3:e8:a7:0c:a2:b4:30:56:f7:12:d3:05:
86:77:98:66:e3:76:ec:04:1f:b9:83:2c:34:a2:dc:
31:a4:3d:0a:b5:78:06:3d:83:f3:3a:ec:1e:3a:7d:
20:85:f0:3b:59:04:4d:94:eb:b0:a2:18:24:27:83:
d5:48:38:a0:6a:49:f0:65:c0:f3:c0:3e:07:4e:ae:
a0:d3:b9:9b:45:cc:e4:5b:dc:e1:59:34:2f:97:13:
47:8a:45:b4:5b:6f:1e:68:7e:42:ce:2c:83:60:16:
3c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9B:9C:8F:5D:C4:5D:53:EE:67:B9:0D:BE:2A:79:04:F2:E1:D6:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9FB4740C0D711EFB6007260762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.152.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a1:f3:ff:ad:39:e4:a0:86:cf:91:ce:c3:06:3a:db:79:44:
b2:43:34:3d:af:29:ca:b3:92:3f:a7:79:33:f7:25:12:69:ab:
0d:d4:8b:7f:94:98:5c:03:c4:e5:bb:09:ac:8c:31:42:65:32:
c4:89:f4:b0:27:bb:59:b3:de:8a:4d:fe:00:f1:b2:be:d7:67:
4a:79:cc:7d:63:7c:0d:3b:cd:06:e8:02:b0:0a:dd:ea:74:96:
65:13:a5:45:a1:8d:f6:df:b7:e5:ba:d8:64:de:bf:30:9c:80:
aa:27:f5:15:3e:a0:68:ea:02:d3:16:e9:ad:1a:57:fc:26:d7:
7f:db:e9:ac:6e:1b:57:3d:bc:4b:99:b4:b1:a8:03:e6:fd:1d:
6b:4a:fd:98:b9:23:fd:d3:35:3b:50:23:17:5e:83:ec:4e:12:
8e:41:3c:cd:38:38:9e:ff:6a:9e:df:51:c5:4d:fd:aa:e6:8b:
08:07:04:bf:25:70:82:4b:70:9c:f9:62:a1:fe:c6:8f:c5:8a:
26:02:94:55:6d:d1:44:6a:1f:1c:44:d1:51:0a:31:12:2b:41:
a2:35:8b:24:11:20:a4:81:53:8b:67:91:d4:3a:63:91:85:da:
e6:80:8a:4b:b5:92:a3:4c:55:3e:f2:b4:a0:92:87:f9:4a:ad:
13:d4:c1:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR50MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDI0NDM0WhcNMjUxMjEwMDI0NDM0WjAYMRYw
FAYDVQQDEw02NzY4Y2U5Ni1iZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwfZRK13HETGbGzscjXl1Sfmld8fCBRLrY0IVRypRCxqS/neiRRh1qr9U
FwdHo6HmYvI4zWg/Gt7npfhU0kNW8JpBk7ySzvfCgOj8FjHiIJRk7ivIAyZfGDEa
rNtzrOpK0uPyqvdITckB6DqUIChL5uOuJ7BMz251VO7771u6KvKZYWzeTrTDUIMo
FBWmWEBvny5Fyar0P7nD6KcMorQwVvcS0wWGd5hm43bsBB+5gyw0otwxpD0KtXgG
PYPzOuweOn0ghfA7WQRNlOuwohgkJ4PVSDigaknwZcDzwD4HTq6g07mbRczkW9zh
WTQvlxNHikW0W28eaH5CziyDYBY8rwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDOb
nI9dxF1T7me5Db4qeQTy4dbDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUZCNDc0MEMwRDcxMUVGQjYwMDcyNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmYMA0GCSqGSIb3DQEB
CwUAA4IBAQBBofP/rTnkoIbPkc7DBjrbeUSyQzQ9rynKs5I/p3kz9yUSaasN1It/
lJhcA8TluwmsjDFCZTLEifSwJ7tZs96KTf4A8bK+12dKecx9Y3wNO80G6AKwCt3q
dJZlE6VFoY3237fluthk3r8wnICqJ/UVPqBo6gLTFumtGlf8Jtd/2+msbhtXPbxL
mbSxqAPm/R1rSv2YuSP90zU7UCMXXoPsThKOQTzNODie/2qe31HFTf2q5osIBwS/
JXCCS3Cc+WKh/saPxYomApRVbdFEah8cRNFRCjESK0GiNYskESCkgVOLZ5HUOmOR
hdrmgIpLtZKjTFU+8rSgkof5Sq0T1MHt
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:17:15 2025 by rpki-client