Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE5F67B0C0F111EF927E7489762E951A.roa
File: EE5F67B0C0F111EF927E7489762E951A.roa (raw, json)
Hash identifier: cz+zJSs9DPK3efnM1Vvbldpqqfb6ZswcSqo8jnbVrHo=
Subject key identifier: 1D:B9:B0:35:F5:39:1A:E5:32:DD:4C:09:9D:6B:C5:35:AD:17:21:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F68
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE5F67B0C0F111EF927E7489762E951A.roa
Signing time: Mon 23 Dec 2024 05:51:19 +0000
ROA not before: Mon 23 Dec 2024 05:51:15 +0000
ROA not after: Wed 10 Dec 2025 05:51:15 +0000
asID: 984
IP address blocks: 154.90.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73576 (0x11f68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 05:51:15 2024 GMT
Not After : Dec 10 05:51:15 2025 GMT
Subject: CN=6768fa57-e21d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:40:de:e2:c4:d7:90:1c:82:10:83:d3:f3:8a:
d4:3e:69:8b:25:ec:92:64:40:d1:03:45:8c:05:98:
7a:85:0f:f7:72:7b:48:36:ae:80:60:95:fd:a6:e8:
08:02:bf:96:33:7a:7a:37:c9:95:d2:cd:49:dc:5f:
6a:2e:0b:ec:bf:f2:2e:6d:1b:99:ee:81:4c:28:b7:
95:27:a0:d0:ca:89:10:52:cb:40:71:fe:a6:3a:cc:
ce:e8:0e:69:f3:ea:7c:43:7b:0a:b3:a6:7b:bf:0b:
7a:45:8f:61:6b:b8:0e:04:76:ee:52:a3:bd:4f:e8:
22:e1:97:99:17:a8:33:3e:f6:e9:64:33:78:fa:3a:
23:e2:30:b4:ae:d9:11:e0:d0:98:b0:de:af:c4:2c:
73:40:28:f1:5a:f5:0b:f7:8b:5c:f8:db:26:b9:4d:
cb:05:02:4b:29:fb:97:9c:ee:c5:8b:5b:89:8e:86:
b9:98:6f:c2:99:2d:0b:ed:96:53:50:c1:f1:f7:02:
2d:e8:1f:a9:a0:5a:81:77:3b:6d:aa:4f:59:f8:4a:
bc:6f:13:7b:61:e9:db:6f:30:40:de:56:73:58:59:
1b:47:f7:44:0c:30:45:6e:61:4b:46:d5:da:87:99:
b6:f1:ea:65:b7:b8:d3:1c:72:9e:50:25:f0:65:42:
84:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B9:B0:35:F5:39:1A:E5:32:DD:4C:09:9D:6B:C5:35:AD:17:21:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE5F67B0C0F111EF927E7489762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.106.0/24
Signature Algorithm: sha256WithRSAEncryption
47:01:5a:47:a0:84:16:b0:09:29:7f:91:60:4e:76:5f:c7:c9:
b7:a2:e3:57:dc:69:77:a9:cb:c3:12:d4:62:6a:19:20:17:6c:
61:06:1c:10:f7:db:27:76:51:12:94:08:97:a3:89:ce:e0:ea:
51:4d:ad:d6:5a:7f:09:9a:9e:9a:d4:e8:11:b9:d0:82:f3:09:
b4:16:49:1e:ca:65:74:15:2d:39:03:f6:d9:fb:8b:1e:8b:cf:
ad:d3:e1:f7:9c:d5:ae:38:e7:7d:91:b2:d7:2a:1f:4f:db:4c:
8b:3c:df:5a:68:a3:83:64:da:90:5a:60:c7:8d:68:8a:7e:91:
3f:42:00:51:26:20:92:f4:9c:e7:34:19:75:71:0e:52:d6:8b:
46:a9:f5:bb:78:4d:c1:0a:b9:b4:55:6d:b3:af:cd:23:e6:e9:
16:6c:3a:39:7f:3e:c0:a6:ba:d5:4c:40:6d:cc:45:6a:8c:81:
9f:fa:b3:be:5e:be:35:26:45:df:5b:d1:b1:09:cf:3a:e2:2f:
e8:e4:2b:62:15:01:77:56:c6:5a:c1:ba:76:5f:8e:dc:92:26:
ef:c3:22:27:80:08:c9:2e:6f:6d:7b:bd:e0:93:f5:60:67:ad:
9c:f6:f6:d5:33:15:94:a1:a7:7f:91:72:ed:f9:e1:d0:ad:01:
71:0d:4c:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR9oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDU1MTE1WhcNMjUxMjEwMDU1MTE1WjAYMRYw
FAYDVQQDEw02NzY4ZmE1Ny1lMjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUDe4sTXkByCEIPT84rUPmmLJeySZEDRA0WMBZh6hQ/3cntINq6AYJX9
pugIAr+WM3p6N8mV0s1J3F9qLgvsv/IubRuZ7oFMKLeVJ6DQyokQUstAcf6mOszO
6A5p8+p8Q3sKs6Z7vwt6RY9ha7gOBHbuUqO9T+gi4ZeZF6gzPvbpZDN4+joj4jC0
rtkR4NCYsN6vxCxzQCjxWvUL94tc+NsmuU3LBQJLKfuXnO7Fi1uJjoa5mG/CmS0L
7ZZTUMHx9wIt6B+poFqBdzttqk9Z+Eq8bxN7YenbbzBA3lZzWFkbR/dEDDBFbmFL
RtXah5m28eplt7jTHHKeUCXwZUKEPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB25
sDX1ORrlMt1MCZ1rxTWtFyFQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTVGNjdCMEMwRjExMUVGOTI3RTc0ODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpqMA0GCSqGSIb3DQEB
CwUAA4IBAQBHAVpHoIQWsAkpf5FgTnZfx8m3ouNX3Gl3qcvDEtRiahkgF2xhBhwQ
99sndlESlAiXo4nO4OpRTa3WWn8Jmp6a1OgRudCC8wm0FkkeymV0FS05A/bZ+4se
i8+t0+H3nNWuOOd9kbLXKh9P20yLPN9aaKODZNqQWmDHjWiKfpE/QgBRJiCS9Jzn
NBl1cQ5S1otGqfW7eE3BCrm0VW2zr80j5ukWbDo5fz7AprrVTEBtzEVqjIGf+rO+
Xr41JkXfW9GxCc864i/o5CtiFQF3VsZawbp2X47ckibvwyIngAjJLm9te73gk/Vg
Z62c9vbVMxWUoad/kXLt+eHQrQFxDUzi
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:06 2025 by rpki-client