Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AC53288C91F11EF9129457F762E951A.roa
File: 0AC53288C91F11EF9129457F762E951A.roa (raw, json)
Hash identifier: nuHcupw9odGlzV0O5twaBnyV0iTjOdijws44GT/g/yc=
Subject key identifier: F7:29:79:5C:D5:5C:46:78:43:B1:EC:EA:51:AB:0C:97:61:31:F2:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01331B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AC53288C91F11EF9129457F762E951A.roa
Signing time: Thu 02 Jan 2025 15:34:23 +0000
ROA not before: Thu 02 Jan 2025 15:34:20 +0000
ROA not after: Sat 13 Dec 2025 15:34:20 +0000
asID: 984
IP address blocks: 154.222.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78619 (0x1331b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:34:20 2025 GMT
Not After : Dec 13 15:34:20 2025 GMT
Subject: CN=6776b1ff-4662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:42:89:b7:8d:c5:e8:d7:a3:17:9e:84:f2:
16:e9:e6:3d:12:3a:6f:10:1b:00:a2:58:e2:f5:5f:
4b:11:90:7d:aa:89:32:a9:13:01:f4:91:ce:23:56:
b0:c9:3e:0e:55:19:9a:df:fe:c7:58:c3:ba:dc:25:
a8:a8:fc:96:9b:61:5b:72:6d:be:26:81:94:c2:aa:
67:ef:10:d6:1e:d5:5f:34:e2:c6:e4:cb:88:30:5d:
e1:86:3b:38:0a:0b:b2:f5:72:54:6f:1e:41:07:94:
d5:76:bd:d8:27:91:e3:0a:66:bd:7e:3b:7a:65:18:
41:9c:1e:30:60:a4:13:09:e6:33:2c:d6:32:55:65:
92:cc:f8:f5:2d:12:dd:2e:62:85:d1:bc:10:61:c0:
a0:89:db:2d:46:4b:2c:a3:ad:fb:21:1b:79:f5:b8:
c3:16:0a:a1:23:43:b8:03:bb:18:a7:e5:39:d5:35:
73:4e:49:05:cf:8d:31:f2:c4:03:70:04:cb:91:26:
59:1f:36:cf:ae:e1:7d:e5:4e:ab:a4:24:f0:ed:d4:
1b:fd:66:1f:fa:88:dd:c4:95:51:91:9d:01:a5:d7:
ab:fd:04:4a:c4:ff:0c:a3:39:92:5f:26:a0:f9:25:
d5:6a:dd:df:72:3e:26:a9:37:e3:cc:2c:65:66:b4:
dc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:29:79:5C:D5:5C:46:78:43:B1:EC:EA:51:AB:0C:97:61:31:F2:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AC53288C91F11EF9129457F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e5:5a:8b:0a:e7:47:75:ff:df:14:27:cf:f0:0c:75:11:ab:
4d:db:5b:67:85:a9:64:0f:7a:2f:04:d7:ad:e2:01:77:5f:c7:
d1:e1:08:0d:bc:ad:d0:e7:5b:99:41:d4:39:5c:75:03:c5:3e:
aa:cc:88:9b:a8:77:c6:21:47:e6:54:18:5d:e9:02:27:54:2f:
03:6c:1b:83:91:82:fa:84:19:3d:14:e1:1b:c0:69:4f:b8:61:
58:63:f1:5d:43:82:fe:ed:68:5a:e6:7c:d9:7c:4d:b2:c9:62:
ef:1a:dd:f6:80:61:6f:3a:04:13:4d:5c:ce:d9:5e:8b:17:e6:
86:52:0e:4d:d4:b2:6b:8b:82:de:ed:cf:44:7f:97:24:2a:7c:
2b:c8:18:12:18:63:f5:c9:cf:e8:99:e7:60:0e:34:5e:c9:fd:
d0:6b:54:8b:3a:48:c8:d5:e5:52:68:a7:04:d3:36:90:76:9a:
bf:b1:9a:48:b9:b7:29:c7:30:7a:a9:17:86:b8:6c:9d:0d:b9:
30:52:29:9c:38:98:54:4f:8d:1a:eb:50:c9:f2:57:95:3e:75:
ae:ff:97:de:c8:40:02:0e:49:42:08:1a:b9:3a:5c:a2:74:a7:
37:30:b3:16:fb:37:00:fe:58:57:8b:64:32:d6:ba:3d:e9:a1:
3f:c9:8d:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATMbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTUzNDIwWhcNMjUxMjEzMTUzNDIwWjAYMRYw
FAYDVQQDEw02Nzc2YjFmZi00NjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqbVCibeNxejXoxeehPIW6eY9EjpvEBsAolji9V9LEZB9qokyqRMB9JHO
I1awyT4OVRma3/7HWMO63CWoqPyWm2Fbcm2+JoGUwqpn7xDWHtVfNOLG5MuIMF3h
hjs4Cguy9XJUbx5BB5TVdr3YJ5HjCma9fjt6ZRhBnB4wYKQTCeYzLNYyVWWSzPj1
LRLdLmKF0bwQYcCgidstRksso637IRt59bjDFgqhI0O4A7sYp+U51TVzTkkFz40x
8sQDcATLkSZZHzbPruF95U6rpCTw7dQb/WYf+ojdxJVRkZ0Bpder/QRKxP8MozmS
Xyag+SXVat3fcj4mqTfjzCxlZrTcTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPcp
eVzVXEZ4Q7Hs6lGrDJdhMfKZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQUM1MzI4OEM5MUYxMUVGOTEyOTQ1N0Y3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5SMA0GCSqGSIb3DQEB
CwUAA4IBAQCK5VqLCudHdf/fFCfP8Ax1EatN21tnhalkD3ovBNet4gF3X8fR4QgN
vK3Q51uZQdQ5XHUDxT6qzIibqHfGIUfmVBhd6QInVC8DbBuDkYL6hBk9FOEbwGlP
uGFYY/FdQ4L+7Wha5nzZfE2yyWLvGt32gGFvOgQTTVzO2V6LF+aGUg5N1LJri4Le
7c9Ef5ckKnwryBgSGGP1yc/omedgDjReyf3Qa1SLOkjI1eVSaKcE0zaQdpq/sZpI
ubcpxzB6qReGuGydDbkwUimcOJhUT40a61DJ8leVPnWu/5feyEACDklCCBq5Olyi
dKc3MLMW+zcA/lhXi2Qy1ro96aE/yY2M
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:34 2025 by rpki-client