Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0088FFE8CDB611EF8B9E2CBA762E951A.roa
File: 0088FFE8CDB611EF8B9E2CBA762E951A.roa (raw, json)
Hash identifier: pI7gkeZ5xbNKpRP57tN5noF6BOM1udzM7KKwD7klNd4=
Subject key identifier: 9E:A0:32:2A:65:1B:B5:14:98:B4:8B:A4:E6:6F:FB:15:F4:59:A2:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136B6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0088FFE8CDB611EF8B9E2CBA762E951A.roa
Signing time: Wed 08 Jan 2025 11:45:05 +0000
ROA not before: Wed 08 Jan 2025 11:45:01 +0000
ROA not after: Tue 16 Dec 2025 11:45:01 +0000
asID: 984
IP address blocks: 154.200.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79542 (0x136b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 11:45:01 2025 GMT
Not After : Dec 16 11:45:01 2025 GMT
Subject: CN=677e6541-83ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a1:ff:31:76:36:5a:38:27:c4:ac:36:7f:1c:
6c:c0:16:df:7f:0b:36:99:8c:4c:b0:ee:52:67:7c:
a0:c6:78:84:40:08:6f:49:1b:f2:8b:ab:1a:89:39:
fa:70:1b:7b:2a:1d:28:1d:7c:77:c4:57:33:76:80:
a8:b5:39:16:ba:26:65:b0:05:52:31:f4:47:e1:94:
1f:bc:c3:23:14:7f:3d:dc:1e:77:1e:10:29:cc:5f:
ad:0c:c0:db:8c:da:3d:f0:f6:6f:25:b9:04:75:96:
82:79:c0:4e:0d:30:26:5f:a2:d0:3f:cc:aa:ea:cf:
9a:37:3e:c0:33:3a:b5:39:02:f8:75:2c:4c:ae:40:
5d:62:7c:96:d4:2e:3c:a6:9f:e3:9e:5b:3d:c9:5c:
56:77:51:cc:a0:75:c2:6e:14:e6:58:66:a4:4a:34:
41:72:41:aa:c0:56:bd:f8:91:7e:2d:3b:0a:23:10:
5d:40:26:85:69:36:1a:96:a0:6f:1e:93:95:d4:be:
b7:97:18:d0:ae:14:9c:21:5d:65:83:b0:e0:90:f9:
66:09:a8:94:97:25:fd:be:f9:e1:fb:f9:a4:6c:d2:
a8:6e:73:09:d3:fd:56:60:18:ac:8c:0e:4d:39:7e:
04:11:ae:4e:73:f3:83:f0:90:46:a0:2a:86:6c:51:
a4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A0:32:2A:65:1B:B5:14:98:B4:8B:A4:E6:6F:FB:15:F4:59:A2:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0088FFE8CDB611EF8B9E2CBA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.139.0/24
Signature Algorithm: sha256WithRSAEncryption
65:d5:eb:ef:57:bd:c2:81:58:3d:19:22:2c:97:82:a5:c1:1f:
fa:b8:c9:93:3f:9a:99:2c:cc:31:bb:9f:0e:b2:a4:64:90:d4:
b1:98:02:16:e4:81:6d:26:1e:70:f5:92:8e:44:0e:01:ac:cd:
74:58:47:18:86:f7:31:62:87:00:a1:82:c9:89:10:81:6b:1f:
84:32:df:2d:af:56:5d:49:a8:3a:e7:7c:df:56:49:ec:7e:73:
1e:30:f8:8a:69:3a:a9:7a:a7:b7:f4:da:cc:59:76:30:cc:22:
1a:3f:14:f6:9a:32:a3:bd:5b:b0:44:49:98:b3:60:f1:3f:e8:
3c:b7:d6:8e:40:d2:18:c7:9c:bc:c0:7e:8e:9e:27:31:4c:27:
f3:21:69:21:7f:94:7d:f4:9f:7a:f2:3a:68:ba:42:3e:99:e0:
67:0f:cc:cd:6a:46:e3:e1:96:73:32:f3:fd:9d:f2:c8:b3:04:
ba:f8:3c:db:75:da:c6:2e:15:70:11:e0:1a:a1:4c:36:a5:b6:
39:4a:89:b3:d3:81:58:43:e6:6c:be:59:2c:13:bc:d9:77:f6:
5f:1a:41:5b:7e:39:10:9e:a2:e6:b2:89:b6:a2:71:de:46:96:
c1:5f:7c:25:56:95:1d:50:80:2b:5b:7f:8b:a5:ef:04:30:fe:
1e:0f:ca:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATa2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTE0NTAxWhcNMjUxMjE2MTE0NTAxWjAYMRYw
FAYDVQQDEw02NzdlNjU0MS04M2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6H/MXY2WjgnxKw2fxxswBbffws2mYxMsO5SZ3ygxniEQAhvSRvyi6sa
iTn6cBt7Kh0oHXx3xFczdoCotTkWuiZlsAVSMfRH4ZQfvMMjFH893B53HhApzF+t
DMDbjNo98PZvJbkEdZaCecBODTAmX6LQP8yq6s+aNz7AMzq1OQL4dSxMrkBdYnyW
1C48pp/jnls9yVxWd1HMoHXCbhTmWGakSjRBckGqwFa9+JF+LTsKIxBdQCaFaTYa
lqBvHpOV1L63lxjQrhScIV1lg7DgkPlmCaiUlyX9vvnh+/mkbNKobnMJ0/1WYBis
jA5NOX4EEa5Oc/OD8JBGoCqGbFGk3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ6g
MiplG7UUmLSLpOZv+xX0WaKBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDg4RkZFOENEQjYxMUVGOEI5RTJDQkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiLMA0GCSqGSIb3DQEB
CwUAA4IBAQBl1evvV73CgVg9GSIsl4KlwR/6uMmTP5qZLMwxu58OsqRkkNSxmAIW
5IFtJh5w9ZKORA4BrM10WEcYhvcxYocAoYLJiRCBax+EMt8tr1ZdSag653zfVkns
fnMeMPiKaTqpeqe39NrMWXYwzCIaPxT2mjKjvVuwREmYs2DxP+g8t9aOQNIYx5y8
wH6OnicxTCfzIWkhf5R99J968jpoukI+meBnD8zNakbj4ZZzMvP9nfLIswS6+Dzb
ddrGLhVwEeAaoUw2pbY5Somz04FYQ+ZsvlksE7zZd/ZfGkFbfjkQnqLmsom2onHe
RpbBX3wlVpUdUIArW3+Lpe8EMP4eD8rH
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:52:56 2025 by rpki-client