Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9063218CDE311EF918DDF5B762E951A.roa
File: E9063218CDE311EF918DDF5B762E951A.roa (raw, json)
Hash identifier: V3qje1nfYaa7aP7dOVZuvqmqkUUIIMzuY3Jp4ePFelU=
Subject key identifier: 0C:D8:56:80:C8:4D:9F:41:B2:86:8E:4F:C2:34:0A:CC:11:69:5F:5E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9063218CDE311EF918DDF5B762E951A.roa
Signing time: Wed 08 Jan 2025 17:13:42 +0000
ROA not before: Wed 08 Jan 2025 17:13:39 +0000
ROA not after: Sat 03 Jan 2026 17:13:39 +0000
asID: 984
IP address blocks: 154.89.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79829 (0x137d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 17:13:39 2025 GMT
Not After : Jan 3 17:13:39 2026 GMT
Subject: CN=677eb246-b5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9a:f9:54:22:53:0c:4e:38:43:33:c6:93:02:
90:71:5e:43:e7:16:15:73:f4:b9:80:94:57:1c:f5:
97:1d:72:78:37:34:a0:6a:e7:c6:3e:92:6b:12:64:
24:83:49:58:4d:2d:cf:c5:aa:1f:d1:f7:3a:7c:43:
ea:86:da:06:2b:ba:ff:05:32:98:2b:12:d0:df:2f:
78:79:4f:6f:80:c1:a7:3b:ab:e7:46:e0:5c:75:72:
15:c1:24:18:84:1b:e5:7b:fb:6e:cd:1c:40:ed:2d:
a6:6f:ec:82:78:d2:b8:89:fb:9d:7e:66:ed:9d:4b:
dc:7f:e3:f0:36:63:c0:13:c7:63:af:8c:22:78:55:
7f:87:04:22:7a:fb:27:fc:07:15:30:a2:fd:88:c8:
84:d2:3c:e9:95:2d:be:0d:a3:c8:91:ff:55:db:3d:
71:1a:47:66:56:ae:c4:2a:aa:bc:54:3f:3c:a5:2a:
66:df:a4:5c:60:bf:29:b6:aa:3c:59:13:bd:1d:c8:
15:65:aa:14:9d:be:17:ee:ef:87:64:aa:32:c7:15:
93:8b:51:51:39:36:c7:c1:88:8c:50:95:1f:29:13:
6f:bc:67:e2:21:bd:57:40:8d:b8:61:e8:be:20:4d:
8e:78:88:ba:3a:e8:ab:75:4a:09:36:c2:32:2f:93:
9a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D8:56:80:C8:4D:9F:41:B2:86:8E:4F:C2:34:0A:CC:11:69:5F:5E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9063218CDE311EF918DDF5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.185.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:7e:6d:d8:f3:69:bc:1a:c6:d6:37:20:cb:b9:3f:3f:34:7f:
f4:9b:17:66:ef:ca:e2:18:fd:b9:cf:40:78:f3:5f:99:38:19:
14:ea:9a:b7:cb:0c:d2:a3:1d:cb:05:9f:56:76:fd:fe:99:a4:
fa:ae:79:e4:db:36:12:24:ac:3f:69:00:7f:b2:97:7c:d7:9a:
ce:19:e0:4c:97:a9:18:52:c9:59:2c:3a:8a:aa:05:8b:d8:5d:
50:92:83:b7:32:63:cc:56:48:49:fe:7e:3b:77:cc:7a:c6:3c:
f0:8d:2c:e4:5b:db:8d:0f:35:a7:f7:d3:1e:51:0e:dd:b8:a0:
36:d0:26:01:13:81:0a:6c:62:f6:95:96:12:04:63:d1:c4:a6:
52:d1:cb:b9:1d:4f:29:05:2a:2c:d3:65:a5:b3:19:14:34:70:
be:a7:0e:65:69:c3:ac:b2:cf:f2:9d:be:b9:16:48:d2:39:b9:
8f:f3:f7:15:6f:0d:42:ad:e8:0b:9e:12:48:94:4b:05:40:e7:
fe:f7:c1:44:59:f7:29:fc:72:1c:8b:cb:73:a7:c4:45:ab:b4:
f0:28:64:30:6e:06:52:e0:1e:50:0c:6c:71:a5:14:8a:83:f0:
9b:34:7f:17:83:d3:a0:8c:bc:18:59:0c:1b:d3:07:ef:f1:03:
3e:c6:e6:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATfVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTcxMzM5WhcNMjYwMTAzMTcxMzM5WjAYMRYw
FAYDVQQDEw02NzdlYjI0Ni1iNWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15r5VCJTDE44QzPGkwKQcV5D5xYVc/S5gJRXHPWXHXJ4NzSgaufGPpJr
EmQkg0lYTS3Pxaof0fc6fEPqhtoGK7r/BTKYKxLQ3y94eU9vgMGnO6vnRuBcdXIV
wSQYhBvle/tuzRxA7S2mb+yCeNK4ifudfmbtnUvcf+PwNmPAE8djr4wieFV/hwQi
evsn/AcVMKL9iMiE0jzplS2+DaPIkf9V2z1xGkdmVq7EKqq8VD88pSpm36RcYL8p
tqo8WRO9HcgVZaoUnb4X7u+HZKoyxxWTi1FROTbHwYiMUJUfKRNvvGfiIb1XQI24
Yei+IE2OeIi6OuirdUoJNsIyL5OahQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAzY
VoDITZ9BsoaOT8I0CswRaV9eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOTA2MzIxOENERTMxMUVGOTE4RERGNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlm5MA0GCSqGSIb3DQEB
CwUAA4IBAQAtfm3Y82m8GsbWNyDLuT8/NH/0mxdm78riGP25z0B481+ZOBkU6pq3
ywzSox3LBZ9Wdv3+maT6rnnk2zYSJKw/aQB/spd815rOGeBMl6kYUslZLDqKqgWL
2F1QkoO3MmPMVkhJ/n47d8x6xjzwjSzkW9uNDzWn99MeUQ7duKA20CYBE4EKbGL2
lZYSBGPRxKZS0cu5HU8pBSos02WlsxkUNHC+pw5lacOsss/ynb65FkjSObmP8/cV
bw1CregLnhJIlEsFQOf+98FEWfcp/HIci8tzp8RFq7TwKGQwbgZS4B5QDGxxpRSK
g/CbNH8Xg9OgjLwYWQwb0wfv8QM+xual
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:32:22 2025 by rpki-client