Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A02E62C1A011EF9BE01E56762E951A.roa
File: E4A02E62C1A011EF9BE01E56762E951A.roa (raw, json)
Hash identifier: CEY6qGsGDtLlWPGSoHvwcf2tQM9jPmZRMo9exvW2lOw=
Subject key identifier: 8B:0E:8B:8D:A7:02:E8:1C:D0:07:6C:6E:4E:10:97:1B:69:41:09:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A02E62C1A011EF9BE01E56762E951A.roa
Signing time: Tue 24 Dec 2024 02:43:45 +0000
ROA not before: Tue 24 Dec 2024 02:43:41 +0000
ROA not after: Wed 10 Dec 2025 02:43:41 +0000
asID: 984
IP address blocks: 154.90.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73905 (0x120b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:43:41 2024 GMT
Not After : Dec 10 02:43:41 2025 GMT
Subject: CN=676a1fe1-7196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:16:ca:03:af:92:a5:45:01:1a:3d:9e:70:e2:
f9:bc:e5:8b:cd:00:52:0a:43:c1:20:a7:41:5f:29:
a1:1e:06:eb:27:64:22:3a:b7:e4:28:de:7b:2e:32:
e0:87:01:c5:ea:19:4a:14:b9:c1:09:ea:21:42:3c:
84:25:b4:b0:b4:88:4c:90:dd:6f:23:9c:2a:96:ae:
1a:5c:33:11:b2:8b:3f:e1:07:93:86:83:96:b1:2a:
a8:2b:b1:fa:3c:50:de:b9:92:98:e0:7a:ce:ad:0a:
b6:b0:a7:34:c5:7a:3d:ba:21:3a:63:85:b4:0b:18:
56:49:e1:39:b0:81:fd:f1:75:ec:c2:77:c5:f7:0d:
0f:af:e5:70:90:96:23:42:5b:84:20:66:bd:a0:59:
d6:f2:81:3c:a3:e2:b2:31:6c:6f:b7:ba:da:41:43:
b4:11:13:ed:65:8d:87:96:15:5d:ef:2e:b5:71:8a:
31:da:af:7c:59:c4:ad:91:66:16:be:1a:9b:cb:5b:
1a:80:af:37:d6:3a:a5:14:85:74:9b:6d:e3:a0:eb:
23:9c:b3:9d:9b:19:a0:76:12:ec:59:69:7e:1c:0c:
4b:72:53:b5:17:9a:fd:64:aa:86:df:05:aa:c3:d1:
64:89:ca:ae:73:0a:f9:c1:3f:03:49:c3:26:ca:de:
c0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0E:8B:8D:A7:02:E8:1C:D0:07:6C:6E:4E:10:97:1B:69:41:09:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A02E62C1A011EF9BE01E56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.244.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:55:0c:cf:a5:f9:01:49:db:b0:b3:96:89:0c:96:b6:b7:60:
1e:f2:52:21:2b:90:38:09:3f:26:86:1d:25:9d:12:a4:dd:e5:
47:4f:e9:35:77:2f:a0:0d:2e:05:f2:3e:06:ea:a1:8f:e9:02:
2c:66:5b:c1:cd:55:72:af:4b:c2:81:7a:34:83:20:a6:e5:25:
d4:af:02:d7:d6:e7:6d:af:44:ed:14:8e:10:1f:64:1b:32:ef:
8f:c3:0f:d6:bc:33:f6:1f:d9:5c:3e:fb:a6:d2:79:69:b7:17:
c0:1d:dd:3c:15:39:47:db:20:12:46:92:ca:fc:bc:9e:96:2a:
30:54:13:d1:fc:d8:57:6f:ad:fc:f3:74:e8:d0:a0:ba:96:c3:
88:ab:63:ea:65:9a:49:0f:a7:2b:03:5e:28:d2:a2:c8:04:f2:
13:6c:35:d3:c7:80:36:a7:93:82:c5:f6:ca:a3:d5:3e:22:6a:
da:e5:4b:92:a4:b0:23:f1:6b:95:94:94:6c:dd:c3:7f:b9:8b:
4f:63:f6:8f:7f:73:a0:fe:ac:cc:90:4a:71:84:5a:c1:c3:c0:
b4:f3:35:0f:89:26:90:22:93:ba:18:db:83:dc:f8:7c:05:06:
64:31:e3:bd:c3:0a:82:10:56:fc:7e:ad:43:82:49:16:1f:5e:
d1:be:3b:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDI0MzQxWhcNMjUxMjEwMDI0MzQxWjAYMRYw
FAYDVQQDEw02NzZhMWZlMS03MTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwRbKA6+SpUUBGj2ecOL5vOWLzQBSCkPBIKdBXymhHgbrJ2QiOrfkKN57
LjLghwHF6hlKFLnBCeohQjyEJbSwtIhMkN1vI5wqlq4aXDMRsos/4QeThoOWsSqo
K7H6PFDeuZKY4HrOrQq2sKc0xXo9uiE6Y4W0CxhWSeE5sIH98XXswnfF9w0Pr+Vw
kJYjQluEIGa9oFnW8oE8o+KyMWxvt7raQUO0ERPtZY2HlhVd7y61cYox2q98WcSt
kWYWvhqby1sagK831jqlFIV0m23joOsjnLOdmxmgdhLsWWl+HAxLclO1F5r9ZKqG
3wWqw9Fkicqucwr5wT8DScMmyt7ANwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIsO
i42nAugc0Adsbk4QlxtpQQlmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNEEwMkU2MkMxQTAxMUVGOUJFMDFFNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlr0MA0GCSqGSIb3DQEB
CwUAA4IBAQCMVQzPpfkBSduws5aJDJa2t2Ae8lIhK5A4CT8mhh0lnRKk3eVHT+k1
dy+gDS4F8j4G6qGP6QIsZlvBzVVyr0vCgXo0gyCm5SXUrwLX1udtr0TtFI4QH2Qb
Mu+Pww/WvDP2H9lcPvum0nlptxfAHd08FTlH2yASRpLK/LyeliowVBPR/NhXb638
83To0KC6lsOIq2PqZZpJD6crA14o0qLIBPITbDXTx4A2p5OCxfbKo9U+Imra5UuS
pLAj8WuVlJRs3cN/uYtPY/aPf3Og/qzMkEpxhFrBw8C08zUPiSaQIpO6GNuD3Ph8
BQZkMeO9wwqCEFb8fq1DgkkWH17RvjuG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:19 2025 by rpki-client