Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FAB668C8C0CA11EF8290CC80762E951A.roa
File: FAB668C8C0CA11EF8290CC80762E951A.roa (raw, json)
Hash identifier: Z4mQLfSzT8o2TTLwTXc0BdDy+vBslJ7grSMoacDJTOA=
Subject key identifier: AF:EF:2C:D8:11:C5:D6:92:5F:32:DE:84:E7:88:E3:9D:0E:41:72:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DF8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FAB668C8C0CA11EF8290CC80762E951A.roa
Signing time: Mon 23 Dec 2024 01:12:30 +0000
ROA not before: Mon 23 Dec 2024 01:12:26 +0000
ROA not after: Wed 10 Dec 2025 01:12:26 +0000
asID: 984
IP address blocks: 154.82.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73208 (0x11df8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:12:26 2024 GMT
Not After : Dec 10 01:12:26 2025 GMT
Subject: CN=6768b8fd-6df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:93:44:01:f3:e2:48:f0:36:1c:20:10:9f:
0d:da:2f:7c:71:11:c8:6f:e8:eb:c2:14:cd:c5:49:
30:7f:a3:9e:fd:55:bb:01:ed:dc:3f:06:0d:9c:45:
2f:45:d5:8b:ee:4a:cf:c9:e7:b5:a8:a0:4e:1f:45:
90:40:b2:f8:9c:20:ad:1a:d0:73:c8:75:ad:c6:1f:
a1:8b:b1:33:5b:3b:6d:6a:40:4f:8c:db:e3:77:ea:
b2:93:90:d4:2f:c0:2e:50:0b:c4:54:04:04:09:00:
45:02:9c:fb:b6:5c:48:4a:08:e8:99:9c:4f:67:3e:
e4:f2:f0:40:70:43:9b:6a:1e:d5:42:5a:25:2c:ca:
be:36:3a:4f:9a:63:f8:5b:03:9e:d4:cb:f3:1a:ff:
76:20:8f:65:50:36:ba:20:b7:5f:7c:1f:92:12:83:
82:33:a2:2d:5a:8d:6e:b0:ad:5f:c1:66:0f:0c:9a:
f1:82:68:3c:0f:f5:11:e6:90:b4:f1:f6:eb:d2:2f:
59:57:69:30:a3:a4:39:84:43:cf:20:75:58:9a:52:
1b:f9:67:2f:d0:50:d9:eb:a9:20:06:dc:2d:d5:67:
ec:da:d3:40:19:b5:92:50:47:57:12:e7:78:fa:15:
aa:c9:ea:e8:68:f3:e0:a2:ef:45:55:22:8a:7d:f0:
ec:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EF:2C:D8:11:C5:D6:92:5F:32:DE:84:E7:88:E3:9D:0E:41:72:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FAB668C8C0CA11EF8290CC80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.239.0/24
Signature Algorithm: sha256WithRSAEncryption
41:22:49:86:35:90:ea:83:40:99:65:48:27:a5:46:26:ff:7b:
5b:41:ea:4f:27:de:33:5d:cf:d4:c4:8a:55:d9:c5:4a:94:2b:
1c:84:57:66:f0:d7:66:04:c7:67:e2:ac:d7:b9:f8:24:bf:97:
9f:65:c8:15:04:8a:62:83:1b:77:da:9a:be:19:29:e7:1e:57:
d5:8d:98:39:47:9c:5e:12:7e:45:79:e5:ae:55:23:8b:5a:8c:
bf:fe:6d:a6:77:78:3a:6f:94:a1:1f:32:c1:03:bd:d3:36:5a:
f6:52:32:fa:01:d6:90:4a:08:28:13:64:9a:df:83:a8:38:27:
c5:c3:60:96:87:41:d9:9a:90:ad:e5:0c:60:a9:31:8d:b8:24:
fa:5c:39:fe:7e:3e:a0:6f:18:a8:28:34:db:87:d3:01:b2:64:
fe:e1:83:25:08:33:97:3e:dd:2f:4b:d6:30:a1:a3:3f:c2:a3:
70:8c:1d:82:e2:98:11:2f:6d:59:6c:e1:0b:fe:d3:30:5e:47:
1f:6b:0d:5b:4e:a8:2f:23:de:7b:6b:83:3b:40:c4:a7:8a:c7:
68:af:5c:9b:41:ba:0c:54:98:67:c5:25:06:90:ea:c9:a1:37:
e5:88:39:05:99:02:83:6f:e6:48:8d:9f:bd:77:8f:d7:51:70:
e3:eb:2c:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR34MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDExMjI2WhcNMjUxMjEwMDExMjI2WjAYMRYw
FAYDVQQDEw02NzY4YjhmZC02ZGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqBaTRAHz4kjwNhwgEJ8N2i98cRHIb+jrwhTNxUkwf6Oe/VW7Ae3cPwYN
nEUvRdWL7krPyee1qKBOH0WQQLL4nCCtGtBzyHWtxh+hi7EzWzttakBPjNvjd+qy
k5DUL8AuUAvEVAQECQBFApz7tlxISgjomZxPZz7k8vBAcEObah7VQlolLMq+NjpP
mmP4WwOe1MvzGv92II9lUDa6ILdffB+SEoOCM6ItWo1usK1fwWYPDJrxgmg8D/UR
5pC08fbr0i9ZV2kwo6Q5hEPPIHVYmlIb+Wcv0FDZ66kgBtwt1Wfs2tNAGbWSUEdX
Eud4+hWqyeroaPPgou9FVSKKffDs1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK/v
LNgRxdaSXzLehOeI450OQXK6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQUI2NjhDOEMwQ0ExMUVGODI5MENDODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLvMA0GCSqGSIb3DQEB
CwUAA4IBAQBBIkmGNZDqg0CZZUgnpUYm/3tbQepPJ94zXc/UxIpV2cVKlCschFdm
8NdmBMdn4qzXufgkv5efZcgVBIpigxt32pq+GSnnHlfVjZg5R5xeEn5FeeWuVSOL
Woy//m2md3g6b5ShHzLBA73TNlr2UjL6AdaQSggoE2Sa34OoOCfFw2CWh0HZmpCt
5QxgqTGNuCT6XDn+fj6gbxioKDTbh9MBsmT+4YMlCDOXPt0vS9YwoaM/wqNwjB2C
4pgRL21ZbOEL/tMwXkcfaw1bTqgvI957a4M7QMSnisdor1ybQboMVJhnxSUGkOrJ
oTfliDkFmQKDb+ZIjZ+9d4/XUXDj6yyn
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:54 2025 by rpki-client