Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0967904EDFEE11EF9469B6B7762E951A.roa
File: 0967904EDFEE11EF9469B6B7762E951A.roa (raw, json)
Hash identifier: x+F+yrx/K/Hub+QDlicfOXY4Vt9E6u8y0hMUsCj5Iec=
Subject key identifier: EC:CB:9B:81:CC:E7:82:35:FF:47:6D:90:00:C4:42:42:37:BD:EE:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E0F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0967904EDFEE11EF9469B6B7762E951A.roa
Signing time: Fri 31 Jan 2025 16:11:32 +0000
ROA not before: Fri 31 Jan 2025 16:11:29 +0000
ROA not after: Sat 03 Jan 2026 16:11:29 +0000
asID: 40065
IP address blocks: 154.88.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85519 (0x14e0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 31 16:11:29 2025 GMT
Not After : Jan 3 16:11:29 2026 GMT
Subject: CN=679cf634-afc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ab:7d:2a:df:ca:36:28:cd:24:dd:88:63:1d:
a6:42:60:ca:7c:7d:51:68:13:bb:75:88:28:95:02:
f6:c3:9c:98:da:f7:c0:5d:f4:a5:d0:2a:59:d3:13:
4f:cc:e5:23:f1:6b:45:88:a4:54:20:09:21:e9:31:
9e:a8:60:6f:83:90:81:2e:60:cb:fc:6b:38:d8:5f:
71:eb:20:57:8e:9d:dd:67:5c:53:a5:b0:57:7b:84:
8a:41:06:1d:32:9f:1d:64:87:d1:78:07:02:35:c0:
27:10:c2:03:62:a1:a5:29:09:16:2e:6e:42:ce:32:
9e:5a:23:a8:d5:5d:06:82:5e:f1:e9:70:6c:dd:12:
c8:99:ce:4a:db:ab:36:42:f4:11:15:18:93:af:83:
66:f3:a5:06:f2:14:f9:b9:48:70:e1:ee:57:13:5a:
9d:81:1b:2c:b0:9d:79:d2:9f:d1:d3:a8:d2:73:9f:
63:bd:e5:76:49:a7:17:15:29:d5:cf:de:bc:23:e1:
08:48:e8:2b:fd:6d:9a:73:3b:94:16:21:c1:a3:22:
be:ab:ef:37:14:24:3d:e0:72:b6:8d:6d:04:1c:14:
b7:69:aa:be:3a:50:a4:02:7b:5b:5f:5e:c9:21:e5:
96:07:5b:ae:8d:0e:ef:33:6f:ba:92:84:c9:fb:5c:
b7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CB:9B:81:CC:E7:82:35:FF:47:6D:90:00:C4:42:42:37:BD:EE:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0967904EDFEE11EF9469B6B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.12.0/22
Signature Algorithm: sha256WithRSAEncryption
d5:fc:0d:b6:98:7e:06:0d:6e:3c:42:0c:72:0d:2d:1f:c2:78:
78:85:db:72:14:7b:18:70:83:8e:83:3e:7e:08:8a:e2:e2:e1:
20:df:b2:00:73:78:4d:e4:24:83:2c:e1:80:a3:88:c2:9d:01:
df:14:34:60:43:3b:98:72:1e:05:84:71:49:12:77:77:7e:18:
06:48:81:4d:8e:64:94:fc:48:12:1a:5e:fa:02:f5:47:bd:b3:
7e:3f:10:65:b0:7e:20:2c:ea:32:98:3c:04:f1:d4:df:0a:ac:
dd:ea:9d:74:ce:37:71:0f:a4:4d:d8:42:4e:2e:e0:7c:9a:69:
f1:43:10:0f:7f:1d:a1:3b:50:37:c5:e9:55:8a:4c:39:1f:ac:
42:d1:a9:14:0a:3e:54:28:76:fe:c4:4e:89:02:06:d8:d0:ef:
30:97:b7:13:4a:9d:10:bf:8b:1d:6c:b2:c5:1f:c9:89:c4:a1:
82:2f:84:30:58:82:65:48:bb:32:d9:65:ac:3f:28:4d:c5:b4:
f7:82:c6:68:be:d3:f5:8c:10:15:89:4c:2e:4c:e3:6a:87:96:
3b:bb:66:e9:15:58:29:0b:d5:05:2e:99:33:f2:b4:bf:1f:7f:
01:8b:67:0b:ed:c8:b4:07:e3:2c:93:85:8a:b1:1b:3f:9a:32:
fe:9e:97:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU4PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTYxMTI5WhcNMjYwMTAzMTYxMTI5WjAYMRYw
FAYDVQQDEw02NzljZjYzNC1hZmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6t9Kt/KNijNJN2IYx2mQmDKfH1RaBO7dYgolQL2w5yY2vfAXfSl0CpZ
0xNPzOUj8WtFiKRUIAkh6TGeqGBvg5CBLmDL/Gs42F9x6yBXjp3dZ1xTpbBXe4SK
QQYdMp8dZIfReAcCNcAnEMIDYqGlKQkWLm5CzjKeWiOo1V0Ggl7x6XBs3RLImc5K
26s2QvQRFRiTr4Nm86UG8hT5uUhw4e5XE1qdgRsssJ150p/R06jSc59jveV2SacX
FSnVz968I+EISOgr/W2aczuUFiHBoyK+q+83FCQ94HK2jW0EHBS3aaq+OlCkAntb
X17JIeWWB1uujQ7vM2+6koTJ+1y3DQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOzL
m4HM54I1/0dtkADEQkI3ve5EMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOTY3OTA0RURGRUUxMUVGOTQ2OUI2Qjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlgMMA0GCSqGSIb3DQEB
CwUAA4IBAQDV/A22mH4GDW48QgxyDS0fwnh4hdtyFHsYcIOOgz5+CIri4uEg37IA
c3hN5CSDLOGAo4jCnQHfFDRgQzuYch4FhHFJEnd3fhgGSIFNjmSU/EgSGl76AvVH
vbN+PxBlsH4gLOoymDwE8dTfCqzd6p10zjdxD6RN2EJOLuB8mmnxQxAPfx2hO1A3
xelVikw5H6xC0akUCj5UKHb+xE6JAgbY0O8wl7cTSp0Qv4sdbLLFH8mJxKGCL4Qw
WIJlSLsy2WWsPyhNxbT3gsZovtP1jBAViUwuTONqh5Y7u2bpFVgpC9UFLpkz8rS/
H38Bi2cL7ci0B+Msk4WKsRs/mjL+npeo
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:22:21 2025 by rpki-client