Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E72B693EC0DE11EF9033D390762E951A.roa
File: E72B693EC0DE11EF9033D390762E951A.roa (raw, json)
Hash identifier: 6L29Eo0TQBEKJGUHW7K9ZbaVaHc2uDfQmVh5gwP9qOQ=
Subject key identifier: 9A:0F:0C:3F:94:17:88:D0:C9:99:9E:41:1A:44:D4:87:2A:A2:17:43
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011ED0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E72B693EC0DE11EF9033D390762E951A.roa
Signing time: Mon 23 Dec 2024 03:35:07 +0000
ROA not before: Mon 23 Dec 2024 03:35:03 +0000
ROA not after: Wed 10 Dec 2025 03:35:03 +0000
asID: 984
IP address blocks: 154.89.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73424 (0x11ed0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 03:35:03 2024 GMT
Not After : Dec 10 03:35:03 2025 GMT
Subject: CN=6768da6a-ebfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2c:3e:eb:09:03:03:1c:69:8b:88:52:2a:45:
b9:e7:7a:a1:3a:75:4d:e5:62:cc:79:29:b7:9e:39:
6b:01:89:cd:56:19:b6:64:24:34:8d:a3:0a:f1:23:
7c:7c:09:44:29:09:38:05:09:ea:46:3e:f4:d2:4b:
25:8a:e4:0e:fd:33:b1:a6:44:c1:02:88:f0:36:6d:
6c:3b:38:f0:55:6d:13:0d:49:96:7c:76:3c:53:a0:
8b:f3:35:75:2b:a0:1c:38:0b:f8:ee:79:68:80:c4:
82:00:b5:e5:da:21:09:0f:ff:8d:0b:8c:c8:65:92:
27:7e:d2:e9:4d:3b:12:36:19:5c:04:52:97:d2:d0:
e3:30:f1:b9:1b:d1:08:72:9c:68:8f:2d:80:ee:10:
15:03:34:65:e1:f6:e4:86:59:1e:36:fa:a3:35:f1:
1a:f3:54:37:fd:c0:36:24:d8:cf:05:dc:7b:0c:c2:
b5:b0:0b:9a:b9:7a:c8:1a:de:44:9d:a1:7e:7e:87:
fb:8c:b7:97:7e:8a:cb:27:90:02:b3:aa:51:be:c4:
97:32:bc:6f:6a:e7:f6:57:23:d6:43:6e:7a:a0:6c:
5a:1f:ef:53:e4:e7:b7:08:c5:2a:46:6f:df:60:38:
25:35:29:56:ea:0a:24:04:30:f4:06:0f:88:f8:bd:
5c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0F:0C:3F:94:17:88:D0:C9:99:9E:41:1A:44:D4:87:2A:A2:17:43
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E72B693EC0DE11EF9033D390762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.198.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:2f:65:5e:c4:62:5c:60:da:ff:9f:ed:ef:c8:fe:a9:02:c9:
bd:96:8f:2e:61:b6:9a:1c:2c:ff:ba:55:9f:c8:eb:16:36:d5:
63:e5:e0:2c:67:ce:0a:83:9c:aa:fd:89:79:ae:a2:44:dd:2a:
54:6d:4b:d9:7b:b9:3b:4a:ea:0a:46:df:0c:67:89:d3:84:a0:
a3:7e:48:cb:8c:42:69:0c:d9:72:bb:68:bd:0c:15:ff:38:bb:
40:af:49:28:9f:0d:ed:88:1e:ea:35:74:bc:a3:b2:3a:34:b0:
0a:12:0d:49:05:26:37:02:52:c9:7e:6e:23:5a:82:33:43:ab:
49:c6:da:85:e2:70:af:c3:ac:39:aa:7c:86:7d:61:a6:56:84:
c5:20:42:f3:71:e1:7d:11:45:21:56:e2:75:46:b3:b2:f4:8c:
85:ef:31:8d:4e:82:69:f3:89:2c:54:07:34:84:ce:ca:01:e8:
ad:ac:aa:ab:3f:e4:35:c4:a7:cd:fe:93:b9:5b:19:d1:22:d7:
bc:58:45:69:9e:a3:6b:7a:c2:a3:bb:c1:d4:3c:ed:af:1e:28:
7d:ee:42:5a:15:c9:48:28:cc:5e:55:df:86:37:3d:95:62:06:
56:af:97:28:b5:06:19:64:73:c2:df:5b:07:ad:12:93:23:12:
cd:e1:c6:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR7QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDMzNTAzWhcNMjUxMjEwMDMzNTAzWjAYMRYw
FAYDVQQDEw02NzY4ZGE2YS1lYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzCw+6wkDAxxpi4hSKkW553qhOnVN5WLMeSm3njlrAYnNVhm2ZCQ0jaMK
8SN8fAlEKQk4BQnqRj700ksliuQO/TOxpkTBAojwNm1sOzjwVW0TDUmWfHY8U6CL
8zV1K6AcOAv47nlogMSCALXl2iEJD/+NC4zIZZInftLpTTsSNhlcBFKX0tDjMPG5
G9EIcpxojy2A7hAVAzRl4fbkhlkeNvqjNfEa81Q3/cA2JNjPBdx7DMK1sAuauXrI
Gt5EnaF+fof7jLeXforLJ5ACs6pRvsSXMrxvauf2VyPWQ256oGxaH+9T5Oe3CMUq
Rm/fYDglNSlW6gokBDD0Bg+I+L1cxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJoP
DD+UF4jQyZmeQRpE1IcqohdDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNzJCNjkzRUMwREUxMUVGOTAzM0QzOTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnGMA0GCSqGSIb3DQEB
CwUAA4IBAQBqL2VexGJcYNr/n+3vyP6pAsm9lo8uYbaaHCz/ulWfyOsWNtVj5eAs
Z84Kg5yq/Yl5rqJE3SpUbUvZe7k7SuoKRt8MZ4nThKCjfkjLjEJpDNlyu2i9DBX/
OLtAr0konw3tiB7qNXS8o7I6NLAKEg1JBSY3AlLJfm4jWoIzQ6tJxtqF4nCvw6w5
qnyGfWGmVoTFIELzceF9EUUhVuJ1RrOy9IyF7zGNToJp84ksVAc0hM7KAeitrKqr
P+Q1xKfN/pO5WxnRIte8WEVpnqNresKju8HUPO2vHih97kJaFclIKMxeVd+GNz2V
YgZWr5cotQYZZHPC31sHrRKTIxLN4cZ4
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:58 2025 by rpki-client