Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E5FD98A2C0E311EFA0CD88B2762E951A.roa
File: E5FD98A2C0E311EFA0CD88B2762E951A.roa (raw, json)
Hash identifier: dw8O94Cnv3UWIc1Oa8e+jK9txksLz5QxgtBB35vTORs=
Subject key identifier: DA:3F:A2:3A:51:7E:B3:55:DA:B7:1B:69:1F:83:80:70:F5:96:CB:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E5FD98A2C0E311EFA0CD88B2762E951A.roa
Signing time: Mon 23 Dec 2024 04:10:52 +0000
ROA not before: Mon 23 Dec 2024 04:10:48 +0000
ROA not after: Wed 10 Dec 2025 04:10:48 +0000
asID: 984
IP address blocks: 154.89.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73488 (0x11f10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 04:10:48 2024 GMT
Not After : Dec 10 04:10:48 2025 GMT
Subject: CN=6768e2cc-a72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c8:a9:a2:41:78:92:b9:bd:db:80:84:81:3e:
3f:ec:21:f4:c7:a5:28:9e:58:c4:01:3a:81:39:8a:
66:20:ea:ae:fd:e0:dc:85:59:83:09:52:a4:75:94:
82:3d:50:1b:36:66:5b:d2:e3:eb:29:ab:c1:54:50:
9e:6c:92:91:d8:e6:08:04:18:16:a6:45:9c:49:58:
17:9a:2b:70:1a:eb:4a:cf:6c:97:64:52:0d:b9:ee:
bd:38:4c:15:18:33:e2:c1:fc:0a:38:c7:86:0a:dd:
0a:82:31:ce:7e:c1:3c:44:a9:70:31:8d:48:2c:22:
84:66:43:fc:a9:8c:67:49:67:73:f8:af:e7:3d:af:
17:6e:58:5d:c5:e8:48:3a:9f:56:8c:7d:58:8c:59:
65:92:9a:c2:65:26:81:fa:b0:1f:fe:70:8b:d5:7f:
3d:0c:03:3f:d2:b5:90:44:31:fe:f5:68:1a:03:1d:
ea:ce:a7:d0:16:ca:aa:10:59:51:77:f2:1a:14:90:
40:05:56:a4:7c:34:bf:e0:e7:66:6d:c8:48:37:a9:
47:9a:72:80:e8:af:a6:e6:dc:a3:f2:0e:db:5c:5d:
e0:d0:4f:59:4f:d4:79:97:2e:2e:1d:1f:91:77:3e:
d2:21:8c:90:3f:70:dd:a1:d1:85:d0:e5:62:88:73:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3F:A2:3A:51:7E:B3:55:DA:B7:1B:69:1F:83:80:70:F5:96:CB:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E5FD98A2C0E311EFA0CD88B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.247.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d2:80:2e:94:8c:a3:31:72:70:36:ff:52:48:5e:05:4a:70:
44:21:cb:39:60:c4:8b:c1:8b:ab:39:fb:df:d2:b6:87:c4:db:
21:c7:37:b0:28:db:c6:d8:63:4e:6d:0a:cd:e8:90:b0:a2:46:
dc:bc:5b:c9:68:80:6a:e6:99:04:61:5b:3d:7e:08:bd:70:f8:
dd:94:1e:9e:bd:e6:cb:2b:4a:06:e7:a8:c7:7e:1d:77:2d:a7:
d0:d9:ca:fb:e4:fc:f4:4d:91:27:28:b6:7e:1d:48:82:b1:ba:
a9:b2:98:c0:45:71:b5:71:f6:e0:49:ce:2c:b8:57:ed:76:c1:
8d:e3:76:ba:0d:04:38:0b:51:cc:fe:7f:c5:22:18:87:fb:ce:
bc:6a:0e:ef:0e:cf:db:65:f9:a3:aa:17:60:4a:34:54:2e:03:
34:58:bd:04:62:eb:db:e8:43:a3:22:64:b5:a5:a7:fb:38:05:
b6:2e:5c:d2:ff:c4:3c:78:e7:2a:32:f5:22:52:36:79:2f:fb:
0b:8e:fb:85:5b:5f:02:1d:aa:f7:48:06:77:14:41:e3:72:4e:
bd:11:6c:9e:8b:cb:aa:3a:0e:3d:ba:fc:bb:1c:ed:1a:28:a9:
6f:50:49:d2:45:01:d3:be:60:94:56:ee:ca:55:27:bd:59:f5:
f7:1f:51:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDQxMDQ4WhcNMjUxMjEwMDQxMDQ4WjAYMRYw
FAYDVQQDEw02NzY4ZTJjYy1hNzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy8ipokF4krm924CEgT4/7CH0x6UonljEATqBOYpmIOqu/eDchVmDCVKk
dZSCPVAbNmZb0uPrKavBVFCebJKR2OYIBBgWpkWcSVgXmitwGutKz2yXZFINue69
OEwVGDPiwfwKOMeGCt0KgjHOfsE8RKlwMY1ILCKEZkP8qYxnSWdz+K/nPa8Xblhd
xehIOp9WjH1YjFllkprCZSaB+rAf/nCL1X89DAM/0rWQRDH+9WgaAx3qzqfQFsqq
EFlRd/IaFJBABVakfDS/4OdmbchIN6lHmnKA6K+m5tyj8g7bXF3g0E9ZT9R5ly4u
HR+Rdz7SIYyQP3DdodGF0OViiHMAAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNo/
ojpRfrNV2rcbaR+DgHD1lsvaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNUZEOThBMkMwRTMxMUVGQTBDRDg4QjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmln3MA0GCSqGSIb3DQEB
CwUAA4IBAQBR0oAulIyjMXJwNv9SSF4FSnBEIcs5YMSLwYurOfvf0raHxNshxzew
KNvG2GNObQrN6JCwokbcvFvJaIBq5pkEYVs9fgi9cPjdlB6evebLK0oG56jHfh13
LafQ2cr75Pz0TZEnKLZ+HUiCsbqpspjARXG1cfbgSc4suFftdsGN43a6DQQ4C1HM
/n/FIhiH+868ag7vDs/bZfmjqhdgSjRULgM0WL0EYuvb6EOjImS1paf7OAW2LlzS
/8Q8eOcqMvUiUjZ5L/sLjvuFW18CHar3SAZ3FEHjck69EWyei8uqOg49uvy7HO0a
KKlvUEnSRQHTvmCUVu7KVSe9WfX3H1FW
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:26:48 2025 by rpki-client