Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B99526CF43411EFA92B9471762E951A.roa
File: 0B99526CF43411EFA92B9471762E951A.roa (raw, json)
Hash identifier: lC5WVDeIPlmo/JE741Z7Bx5sUw2EaBmUk4hIstfNOY4=
Subject key identifier: DC:69:B5:63:DB:CF:75:F1:AB:0D:EC:D3:1B:48:75:F0:66:5C:0E:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01628E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B99526CF43411EFA92B9471762E951A.roa
Signing time: Wed 26 Feb 2025 11:23:04 +0000
ROA not before: Wed 26 Feb 2025 11:23:00 +0000
ROA not after: Fri 20 Feb 2026 11:23:00 +0000
asID: 984
IP address blocks: 154.199.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90766 (0x1628e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:23:00 2025 GMT
Not After : Feb 20 11:23:00 2026 GMT
Subject: CN=67bef998-f5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5f:a0:01:ba:8e:f6:f6:cc:d1:71:35:94:96:
7f:e4:b8:1c:6a:5e:e3:82:6f:18:79:8e:65:6c:0e:
03:89:55:7c:15:c5:ce:12:7e:c7:fd:da:35:42:78:
5d:09:ff:23:8d:ef:3e:cd:2e:15:2e:d5:f1:06:5c:
83:1a:e2:89:1a:1f:c6:c7:60:eb:9d:55:bd:90:ee:
a8:b8:c5:32:33:23:e4:5b:8b:24:ff:7e:82:63:80:
94:de:60:dc:26:36:04:47:c1:bd:63:bd:56:fe:94:
c3:95:78:be:33:fd:3b:5f:68:0b:c1:c8:04:6b:61:
d3:d4:55:94:a4:82:9b:62:17:20:e5:45:69:28:e3:
dc:07:b7:91:90:a3:4b:d9:e0:75:7d:87:76:9b:22:
29:e5:37:38:3e:2e:84:f3:52:fd:f1:9a:2b:02:29:
93:ce:95:2d:93:75:0e:78:dc:a3:fa:14:5a:8a:3c:
fd:8d:be:7e:38:ca:dd:92:04:56:7b:37:c4:1c:7c:
f1:eb:41:68:06:c3:72:6f:85:26:4b:3f:16:57:cf:
96:87:8b:c2:a6:86:82:13:eb:72:db:50:f7:d3:f7:
bf:95:83:fc:86:13:0a:a0:41:b2:13:31:c2:0b:41:
5a:42:37:49:67:0d:bf:eb:94:d4:44:24:d7:0e:f2:
0b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:69:B5:63:DB:CF:75:F1:AB:0D:EC:D3:1B:48:75:F0:66:5C:0E:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B99526CF43411EFA92B9471762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.130.0/24
Signature Algorithm: sha256WithRSAEncryption
06:8e:fe:66:b1:b3:b0:2c:8d:34:e4:f5:2e:30:0b:ec:56:5e:
24:06:0c:2c:18:33:28:0a:be:16:94:56:6b:e7:37:b6:67:04:
78:1a:81:2b:ad:ed:e1:4f:54:18:45:0b:1a:66:62:19:6e:83:
fc:ab:83:d6:c5:25:f8:a7:91:e8:f2:e2:53:8c:51:52:f1:c9:
fc:16:87:e7:40:f8:8a:32:dd:ea:b5:b1:60:1d:bb:e8:e3:47:
59:ad:88:6d:1f:f2:dc:52:15:c0:67:6c:ce:5b:f3:1d:40:a8:
b8:13:d6:66:52:29:ed:bf:2f:d2:3a:da:1f:9a:6f:e4:eb:9a:
43:17:dd:95:2a:31:3a:3f:7b:e8:b0:20:46:27:0e:72:9a:1c:
29:af:0c:45:a7:a0:7a:7d:a7:7d:08:f7:a8:af:2e:c0:a1:62:
01:f8:4d:f7:ec:3f:20:14:07:f1:3b:46:29:73:fc:53:12:bd:
b4:d6:55:8c:bf:78:28:07:c3:09:05:8d:56:7d:8b:b2:9d:41:
d3:11:3a:d0:eb:31:e7:2c:7b:22:25:ff:ce:60:1d:d6:2d:b3:
85:e4:a5:4a:8d:8d:d0:4f:e9:8e:67:2a:c0:9b:be:55:0a:70:
80:6e:6c:58:b1:61:f0:44:74:22:9f:3d:33:01:6b:ae:a7:8b:
86:16:05:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEyMzAwWhcNMjYwMjIwMTEyMzAwWjAYMRYw
FAYDVQQDEw02N2JlZjk5OC1mNWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4F+gAbqO9vbM0XE1lJZ/5Lgcal7jgm8YeY5lbA4DiVV8FcXOEn7H/do1
QnhdCf8jje8+zS4VLtXxBlyDGuKJGh/Gx2DrnVW9kO6ouMUyMyPkW4sk/36CY4CU
3mDcJjYER8G9Y71W/pTDlXi+M/07X2gLwcgEa2HT1FWUpIKbYhcg5UVpKOPcB7eR
kKNL2eB1fYd2myIp5Tc4Pi6E81L98ZorAimTzpUtk3UOeNyj+hRaijz9jb5+OMrd
kgRWezfEHHzx60FoBsNyb4UmSz8WV8+Wh4vCpoaCE+ty21D30/e/lYP8hhMKoEGy
EzHCC0FaQjdJZw2/65TURCTXDvILHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNxp
tWPbz3Xxqw3s0xtIdfBmXA73MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQjk5NTI2Q0Y0MzQxMUVGQTkyQjk0NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseCMA0GCSqGSIb3DQEB
CwUAA4IBAQAGjv5msbOwLI005PUuMAvsVl4kBgwsGDMoCr4WlFZr5ze2ZwR4GoEr
re3hT1QYRQsaZmIZboP8q4PWxSX4p5Ho8uJTjFFS8cn8FofnQPiKMt3qtbFgHbvo
40dZrYhtH/LcUhXAZ2zOW/MdQKi4E9ZmUintvy/SOtofmm/k65pDF92VKjE6P3vo
sCBGJw5ymhwprwxFp6B6fad9CPeory7AoWIB+E337D8gFAfxO0Ypc/xTEr201lWM
v3goB8MJBY1WfYuynUHTETrQ6zHnLHsiJf/OYB3WLbOF5KVKjY3QT+mOZyrAm75V
CnCAbmxYsWHwRHQinz0zAWuup4uGFgUE
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:52 2025 by rpki-client