Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09EF4810CDC211EF8A114585762E951A.roa
File: 09EF4810CDC211EF8A114585762E951A.roa (raw, json)
Hash identifier: vwNVOIzruoVUda+o7mW1HWcAEKLOtvaZfTf5cvYqRoc=
Subject key identifier: 65:FD:D8:98:2A:9B:0D:62:AF:E1:50:8C:77:E8:30:BF:01:CF:BE:5E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01371A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09EF4810CDC211EF8A114585762E951A.roa
Signing time: Wed 08 Jan 2025 13:11:15 +0000
ROA not before: Wed 08 Jan 2025 13:11:11 +0000
ROA not after: Tue 16 Dec 2025 13:11:11 +0000
asID: 984
IP address blocks: 154.200.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79642 (0x1371a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 13:11:11 2025 GMT
Not After : Dec 16 13:11:11 2025 GMT
Subject: CN=677e7972-95ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1d:59:41:4d:5f:93:58:fe:2c:30:d6:eb:ae:
8d:04:ed:57:06:88:bb:9a:dd:e2:b8:8f:91:54:9d:
52:ca:8e:7b:2f:7a:d5:8d:84:89:63:62:01:b0:62:
5a:58:86:50:c7:53:77:3c:3e:dd:6d:5c:77:55:56:
cd:0a:c3:22:3c:38:5f:c2:85:3a:d4:65:eb:81:9d:
25:a1:2a:bd:9a:d6:87:ab:d4:3d:c0:05:9d:87:72:
9b:20:7c:15:2b:79:ad:07:38:3d:49:5c:5d:36:53:
12:ef:75:e2:31:46:bf:7f:3b:14:5c:7a:0f:70:c2:
d2:5a:67:aa:e6:55:18:62:a0:43:35:90:aa:42:2b:
2f:f0:50:85:ea:17:0f:73:cc:ad:17:0a:5b:ba:8c:
06:5e:e3:ea:33:64:e9:da:29:1a:b6:69:af:ae:15:
5b:b0:0e:05:08:1e:db:a0:e4:c4:7f:ea:41:29:df:
52:db:c9:a2:9e:01:ab:09:6d:ef:b9:79:51:0e:ba:
91:22:4b:57:5b:c4:ae:5d:b9:bc:fb:33:ab:23:9c:
e0:b9:04:0b:be:a2:7c:3c:24:ac:23:f6:e9:95:83:
04:71:8b:e0:89:3e:ac:44:22:05:3d:18:cc:7f:c6:
0d:57:31:06:98:67:d6:e4:6a:c6:6e:f1:9b:e2:ae:
6f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FD:D8:98:2A:9B:0D:62:AF:E1:50:8C:77:E8:30:BF:01:CF:BE:5E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09EF4810CDC211EF8A114585762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/24
Signature Algorithm: sha256WithRSAEncryption
49:32:44:a0:b3:f1:af:ef:ad:ab:ea:7b:ac:fb:6c:5a:ea:7f:
42:ce:65:fb:e6:21:bf:67:cc:96:ed:de:32:65:43:e0:e0:7a:
88:b6:a9:8b:ea:62:2f:c5:57:20:80:ab:4a:05:f3:e7:a0:85:
09:fd:31:9e:7f:78:0b:5f:be:b5:f3:bb:ba:09:38:40:a0:bf:
68:0c:79:9e:a1:15:95:67:e7:e8:e4:16:dd:fa:a3:88:a3:a9:
74:2c:8d:94:10:cb:e2:94:fd:53:59:4f:0b:96:d9:23:f6:56:
d9:33:29:2c:61:48:21:dd:20:0d:23:6d:85:f5:67:1d:07:76:
cd:e3:30:6a:f3:c2:a2:44:80:d5:1b:32:c6:3c:d7:a8:82:10:
77:ac:e6:25:c5:8a:f6:5c:6c:52:78:52:eb:f3:81:0e:03:0b:
d4:d3:a1:a2:68:4f:7f:08:f2:b9:64:52:93:e3:94:49:d3:25:
ca:e0:cb:59:00:f1:81:6d:4c:25:b6:a8:67:fe:29:b8:37:70:
62:ed:8e:ac:5c:6b:21:4b:09:dc:c4:43:90:9b:42:c5:9a:ee:
bf:d4:ef:17:e7:ea:2f:09:17:50:4b:a2:7d:1b:3c:b8:71:40:
01:e6:88:49:8a:83:ba:18:a1:56:b4:ca:59:f8:39:88:c4:e8:
bb:75:5f:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTMxMTExWhcNMjUxMjE2MTMxMTExWjAYMRYw
FAYDVQQDEw02NzdlNzk3Mi05NWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApB1ZQU1fk1j+LDDW666NBO1XBoi7mt3iuI+RVJ1Syo57L3rVjYSJY2IB
sGJaWIZQx1N3PD7dbVx3VVbNCsMiPDhfwoU61GXrgZ0loSq9mtaHq9Q9wAWdh3Kb
IHwVK3mtBzg9SVxdNlMS73XiMUa/fzsUXHoPcMLSWmeq5lUYYqBDNZCqQisv8FCF
6hcPc8ytFwpbuowGXuPqM2Tp2ikatmmvrhVbsA4FCB7boOTEf+pBKd9S28mingGr
CW3vuXlRDrqRIktXW8SuXbm8+zOrI5zguQQLvqJ8PCSsI/bplYMEcYvgiT6sRCIF
PRjMf8YNVzEGmGfW5GrGbvGb4q5vwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGX9
2Jgqmw1ir+FQjHfoML8Bz75eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUVGNDgxMENEQzIxMUVGOEExMTQ1ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQBJMkSgs/Gv762r6nus+2xa6n9CzmX75iG/Z8yW7d4yZUPg4HqItqmL
6mIvxVcggKtKBfPnoIUJ/TGef3gLX76187u6CThAoL9oDHmeoRWVZ+fo5Bbd+qOI
o6l0LI2UEMvilP1TWU8Lltkj9lbZMyksYUgh3SANI22F9WcdB3bN4zBq88KiRIDV
GzLGPNeoghB3rOYlxYr2XGxSeFLr84EOAwvU06GiaE9/CPK5ZFKT45RJ0yXK4MtZ
APGBbUwltqhn/im4N3Bi7Y6sXGshSwncxEOQm0LFmu6/1O8X5+ovCRdQS6J9Gzy4
cUAB5ohJioO6GKFWtMpZ+DmIxOi7dV9b
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:38 2025 by rpki-client