Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE50C87AC19D11EFBD02EABD762E951A.roa
File: EE50C87AC19D11EFBD02EABD762E951A.roa (raw, json)
Hash identifier: J5R7Y9lXVo1b+/k9swbekAOBn/bzpbrWuGWXrp8YQKc=
Subject key identifier: C5:99:8A:DD:9F:3E:66:2B:B4:E9:EE:36:D7:24:C5:75:59:B2:00:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01208D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE50C87AC19D11EFBD02EABD762E951A.roa
Signing time: Tue 24 Dec 2024 02:22:32 +0000
ROA not before: Tue 24 Dec 2024 02:22:29 +0000
ROA not after: Wed 10 Dec 2025 02:22:29 +0000
asID: 984
IP address blocks: 154.90.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73869 (0x1208d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:22:29 2024 GMT
Not After : Dec 10 02:22:29 2025 GMT
Subject: CN=676a1ae8-56bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fc:e0:59:d2:66:8d:e3:7c:48:b4:d7:db:9d:
7c:9b:14:72:66:1b:92:c9:af:87:f7:be:f8:9e:5a:
5f:54:ba:77:f9:42:89:f0:ce:67:53:f3:ed:23:a4:
0c:e7:64:b3:b9:70:7d:22:02:e3:4e:34:7a:2a:68:
38:4c:1d:54:84:90:7b:d1:77:65:83:b5:ff:04:6c:
62:e4:0a:1d:26:8c:29:e3:9d:49:8c:95:39:01:30:
29:18:d9:50:ce:60:11:88:8b:99:7d:29:d1:aa:92:
e7:51:3f:93:b8:00:ec:3e:d8:e5:0b:30:b5:9a:95:
20:28:28:c6:6c:20:6b:51:3b:35:54:1c:72:7e:06:
d5:9c:4f:2a:e1:10:58:74:32:af:bb:83:31:0c:d5:
20:d2:02:ed:dd:62:fe:23:07:92:66:d7:e0:3a:55:
68:67:ad:b6:81:24:42:59:0d:d0:2f:a8:07:4d:58:
6a:51:1f:be:e8:dc:43:7f:6f:d7:88:10:a6:d4:d3:
42:3e:2c:3d:22:a6:c2:13:33:40:75:9d:90:5d:64:
d6:ad:d3:57:e1:ec:18:62:b7:43:6d:b6:dc:57:60:
c6:08:dd:04:03:fd:2b:23:c1:00:b5:e3:46:60:73:
c3:5e:e8:67:71:bd:cd:fd:c4:a3:50:56:75:01:dc:
e0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:99:8A:DD:9F:3E:66:2B:B4:E9:EE:36:D7:24:C5:75:59:B2:00:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE50C87AC19D11EFBD02EABD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.226.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:40:08:27:a7:dd:c8:47:2e:8b:c4:c4:7d:d1:22:dc:5f:1f:
67:b0:58:6f:6d:d1:ac:39:09:f8:39:2f:43:81:ca:cf:d8:0b:
ed:cd:d3:42:d0:4f:60:75:d3:87:f6:d4:d8:a6:6d:4f:e0:11:
dd:c3:53:f3:c5:38:49:cb:b7:b6:04:73:ad:bb:10:09:d0:35:
ba:0e:23:76:f1:8f:7e:28:7d:a9:58:cf:5d:c1:bc:cf:d8:2e:
11:30:42:f5:8a:1c:30:9d:17:a2:87:93:45:d0:0f:fb:0d:f7:
e0:c1:d2:f8:34:e5:45:95:71:03:5b:21:68:08:26:f9:80:d5:
60:5d:f6:e1:36:36:cb:e6:86:90:fc:68:86:fc:a3:a3:b6:bd:
ce:28:03:ac:24:e4:bf:0e:f7:f1:72:48:85:9d:d6:db:42:63:
f7:d1:a7:af:ac:d7:f8:f0:b5:ae:a1:eb:e6:6a:3b:78:fa:00:
fe:f7:0b:c8:0f:73:9a:fb:33:e9:df:0d:c6:14:9a:c6:e6:3a:
39:65:1a:07:7e:25:92:3c:8d:64:08:a0:ff:2c:97:8c:0d:20:
17:4e:21:d1:a0:7e:97:69:0a:73:90:c2:bb:11:b8:18:a2:15:
80:60:f0:7a:04:34:af:e4:d9:6b:81:fa:ac:44:c7:b6:44:6f:
40:01:d8:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDIyMjI5WhcNMjUxMjEwMDIyMjI5WjAYMRYw
FAYDVQQDEw02NzZhMWFlOC01NmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxvzgWdJmjeN8SLTX2518mxRyZhuSya+H9774nlpfVLp3+UKJ8M5nU/Pt
I6QM52SzuXB9IgLjTjR6Kmg4TB1UhJB70Xdlg7X/BGxi5AodJowp451JjJU5ATAp
GNlQzmARiIuZfSnRqpLnUT+TuADsPtjlCzC1mpUgKCjGbCBrUTs1VBxyfgbVnE8q
4RBYdDKvu4MxDNUg0gLt3WL+IweSZtfgOlVoZ622gSRCWQ3QL6gHTVhqUR++6NxD
f2/XiBCm1NNCPiw9IqbCEzNAdZ2QXWTWrdNX4ewYYrdDbbbcV2DGCN0EA/0rI8EA
teNGYHPDXuhncb3N/cSjUFZ1AdzgHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMWZ
it2fPmYrtOnuNtckxXVZsgC4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTUwQzg3QUMxOUQxMUVGQkQwMkVBQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlriMA0GCSqGSIb3DQEB
CwUAA4IBAQAMQAgnp93IRy6LxMR90SLcXx9nsFhvbdGsOQn4OS9DgcrP2AvtzdNC
0E9gddOH9tTYpm1P4BHdw1PzxThJy7e2BHOtuxAJ0DW6DiN28Y9+KH2pWM9dwbzP
2C4RMEL1ihwwnReih5NF0A/7DffgwdL4NOVFlXEDWyFoCCb5gNVgXfbhNjbL5oaQ
/GiG/KOjtr3OKAOsJOS/DvfxckiFndbbQmP30aevrNf48LWuoevmajt4+gD+9wvI
D3Oa+zPp3w3GFJrG5jo5ZRoHfiWSPI1kCKD/LJeMDSAXTiHRoH6XaQpzkMK7EbgY
ohWAYPB6BDSv5NlrgfqsRMe2RG9AAdhQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:50 2025 by rpki-client