Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/072080480FAA11F088556F67762E951A.roa
File: 072080480FAA11F088556F67762E951A.roa (raw, json)
Hash identifier: 6ETg0JssXijKAFF/3ixqPq8FlebHHdZU43Y55L5HJBU=
Subject key identifier: AE:74:C2:A1:F5:42:D1:FC:54:AD:38:3B:2C:1B:D3:11:0B:65:2B:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01774E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/072080480FAA11F088556F67762E951A.roa
Signing time: Wed 02 Apr 2025 10:05:39 +0000
ROA not before: Wed 02 Apr 2025 10:05:34 +0000
ROA not after: Mon 14 Apr 2025 10:05:34 +0000
asID: 5065
IP address blocks: 154.86.8.0/24 maxlen: 24
154.86.9.0/24 maxlen: 24
154.86.10.0/24 maxlen: 24
154.86.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96078 (0x1774e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Apr 2 10:05:34 2025 GMT
Not After : Apr 14 10:05:34 2025 GMT
Subject: CN=67ed0bf3-93c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cf:ea:0d:c0:73:c3:3c:cb:a6:22:93:51:8d:
f9:c8:4c:b6:5a:89:06:3c:ee:3b:27:1c:96:12:ec:
f6:b9:fc:f2:64:71:a2:ab:75:8f:28:ce:24:7a:91:
a4:c2:62:a3:bd:73:75:6c:a4:d6:75:ad:1b:1e:44:
b0:30:cf:9b:99:73:1d:a8:a3:c3:e6:af:ef:a2:37:
de:1a:a4:ea:c2:4c:a3:07:a4:9e:fc:41:b8:60:69:
30:13:eb:68:41:e0:33:22:c3:49:92:a5:e5:14:42:
98:ac:b1:5f:b3:a2:42:59:25:f9:ca:93:60:18:41:
68:6a:91:2a:5e:a0:4c:ad:0f:aa:79:5d:fa:58:dd:
12:70:03:a8:92:31:e3:68:c6:d4:98:00:49:e7:e7:
5e:c0:03:6b:f1:6b:fa:56:86:e2:a6:6d:46:06:d0:
74:00:4a:98:4e:ef:40:31:b7:59:01:bb:3f:c1:d5:
7b:e8:f2:96:79:fe:d5:da:07:71:5d:87:cc:39:e9:
27:bd:35:ca:9f:e5:04:b5:70:27:96:d5:77:45:f0:
48:6f:7a:f6:56:86:3d:97:84:b4:68:fb:35:42:c9:
4c:24:bf:0c:ff:d8:cf:a8:c1:ca:1c:60:65:d7:bb:
68:42:b9:95:e0:de:dc:16:88:c2:aa:75:f1:d9:c9:
a9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:74:C2:A1:F5:42:D1:FC:54:AD:38:3B:2C:1B:D3:11:0B:65:2B:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/072080480FAA11F088556F67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.8.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:fc:c5:18:c6:e3:53:dd:c5:2d:28:a3:6f:5e:d4:c0:cf:a9:
9a:98:6c:45:9e:0f:9d:3c:d9:d0:0f:fc:62:c0:47:24:01:48:
f4:9a:d1:0f:85:fc:15:96:bd:1a:03:bd:3c:2c:db:b0:54:e9:
a7:52:f5:15:df:5f:cc:dd:ec:5b:43:5c:72:58:d9:30:1a:ac:
c5:ac:65:3e:d9:52:ae:dd:c1:f0:f2:20:15:54:5b:a5:4a:1b:
8c:34:97:e3:8c:8e:b9:66:96:04:1d:ba:bd:09:cc:8b:82:94:
47:5c:5a:91:0a:c6:35:5a:44:32:58:32:81:09:0f:bd:7a:26:
75:2b:8c:45:39:73:0f:86:c4:38:73:d4:08:62:d8:ad:b8:2e:
cc:37:21:94:1a:94:7c:63:4d:7b:f2:f7:d1:1a:b2:6a:db:fb:
26:1c:ea:b4:10:a5:3e:e6:69:43:e8:1f:d3:0f:bc:28:8f:6a:
a3:3f:57:b7:2a:87:53:13:ff:2d:ba:8f:bb:4e:fc:39:29:92:
27:d8:be:c2:7f:75:3b:1e:be:25:68:8e:04:48:1a:6a:78:b8:
1b:0d:9d:5c:28:37:17:6f:91:2a:e9:d9:76:6e:0b:c7:55:46:
74:d5:55:f2:98:c6:80:bd:80:61:16:9b:55:dc:13:b2:82:e4:
1e:3b:72:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXdOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAyMTAwNTM0WhcNMjUwNDE0MTAwNTM0WjAYMRYw
FAYDVQQDEw02N2VkMGJmMy05M2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3M/qDcBzwzzLpiKTUY35yEy2WokGPO47JxyWEuz2ufzyZHGiq3WPKM4k
epGkwmKjvXN1bKTWda0bHkSwMM+bmXMdqKPD5q/vojfeGqTqwkyjB6Se/EG4YGkw
E+toQeAzIsNJkqXlFEKYrLFfs6JCWSX5ypNgGEFoapEqXqBMrQ+qeV36WN0ScAOo
kjHjaMbUmABJ5+dewANr8Wv6Vobipm1GBtB0AEqYTu9AMbdZAbs/wdV76PKWef7V
2gdxXYfMOeknvTXKn+UEtXAnltV3RfBIb3r2VoY9l4S0aPs1QslMJL8M/9jPqMHK
HGBl17toQrmV4N7cFojCqnXx2cmpuQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK50
wqH1QtH8VK04Oywb0xELZStJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNzIwODA0ODBGQUExMUYwODg1NTZGNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlYIMA0GCSqGSIb3DQEB
CwUAA4IBAQAd/MUYxuNT3cUtKKNvXtTAz6mamGxFng+dPNnQD/xiwEckAUj0mtEP
hfwVlr0aA708LNuwVOmnUvUV31/M3exbQ1xyWNkwGqzFrGU+2VKu3cHw8iAVVFul
ShuMNJfjjI65ZpYEHbq9CcyLgpRHXFqRCsY1WkQyWDKBCQ+9eiZ1K4xFOXMPhsQ4
c9QIYtituC7MNyGUGpR8Y0178vfRGrJq2/smHOq0EKU+5mlD6B/TD7woj2qjP1e3
KodTE/8tuo+7Tvw5KZIn2L7Cf3U7Hr4laI4ESBpqeLgbDZ1cKDcXb5Eq6dl2bgvH
VUZ01VXymMaAvYBhFptV3BOyguQeO3LK
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:05:54 2025 by rpki-client