Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1013D5B8E2D411EFA1980C47762E951A.roa
File: 1013D5B8E2D411EFA1980C47762E951A.roa (raw, json)
Hash identifier: fEqRM83qIlW+4TNf1knxiQGmcIUHFmLfJ/tTRvcPyAc=
Subject key identifier: CE:4A:11:26:44:AC:09:A6:60:C6:A3:20:07:E2:04:B8:57:13:33:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1013D5B8E2D411EFA1980C47762E951A.roa
Signing time: Tue 04 Feb 2025 08:43:10 +0000
ROA not before: Tue 04 Feb 2025 08:43:07 +0000
ROA not after: Wed 30 Apr 2025 08:43:07 +0000
asID: 18229
IP address blocks: 154.210.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86194 (0x150b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 08:43:07 2025 GMT
Not After : Apr 30 08:43:07 2025 GMT
Subject: CN=67a1d31e-79c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:6d:35:4e:2b:61:18:95:7a:8d:b9:dc:17:
76:4c:e9:e4:a2:bc:f0:55:ae:b5:d3:bb:ed:ce:9b:
13:a7:51:2c:1b:23:07:3f:fa:c8:ef:ff:7f:ce:ef:
72:23:f8:94:ae:01:b8:23:fa:d4:b4:c5:76:a4:67:
e8:be:c9:b9:be:0b:46:38:00:fb:61:f8:39:8b:19:
81:eb:ac:1b:b2:5f:4e:ac:02:c2:b9:1e:95:cc:ce:
31:dc:2d:cb:a8:f5:84:e9:b8:ca:2f:51:c8:35:c5:
8d:7a:fa:f4:96:87:c5:62:de:6c:53:9e:07:f2:67:
dc:6e:ca:25:a0:95:ff:be:0b:4f:78:f4:9a:2f:ed:
8a:a2:ae:23:cb:06:8f:ad:5a:14:f1:b9:7a:85:64:
c5:8a:4d:dc:70:00:2f:94:f4:77:1e:6f:c2:a0:dc:
cb:b2:c0:93:43:29:fa:13:51:03:be:23:f6:89:c3:
1e:3e:2c:77:7d:ed:17:37:03:5a:5b:80:33:73:20:
8a:31:54:e5:de:8f:50:e0:a8:13:03:8d:40:ca:40:
d5:d4:89:9f:7a:57:13:e1:ec:20:9c:25:74:2d:a7:
99:b8:bb:3f:c1:c8:72:e0:43:3e:d7:db:f1:27:45:
76:96:c6:9c:a1:af:71:8d:20:65:47:37:03:5b:f0:
7e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4A:11:26:44:AC:09:A6:60:C6:A3:20:07:E2:04:B8:57:13:33:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1013D5B8E2D411EFA1980C47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.206.0/24
Signature Algorithm: sha256WithRSAEncryption
13:d9:48:a1:78:13:c4:fd:57:52:84:39:5f:3f:ec:85:0f:94:
fb:30:9c:4c:87:6c:e3:d1:6d:79:2d:6c:09:b4:60:33:bb:db:
9d:76:85:0e:48:13:c6:0b:dd:9d:8c:2d:ac:73:17:bf:9b:0b:
86:e4:31:2c:85:83:87:df:20:65:d2:5c:ed:7c:11:94:80:f1:
0f:ba:82:03:18:b7:a1:0f:39:a5:c4:6d:64:e4:fe:ea:cd:47:
28:72:d3:05:88:55:22:a2:0e:a0:98:a3:af:fd:95:71:df:c2:
9a:5c:2d:35:3f:08:6b:ef:bc:76:29:96:75:84:b4:03:c9:f0:
c4:ba:28:a3:79:a7:f9:00:9c:aa:39:ac:af:5c:a0:2d:87:c2:
e7:15:73:97:33:91:0c:8a:ca:87:7d:6c:3d:b5:a6:24:2c:83:
ac:13:07:28:c9:79:4f:d7:df:27:50:a6:28:f7:57:02:ff:5a:
b2:2d:87:a6:87:5e:3c:35:87:d2:b1:c8:4b:18:ab:a6:4f:c1:
0a:ff:2a:09:75:29:ef:d6:1e:6b:e4:49:5a:16:7e:53:05:de:
8f:f0:7f:1d:59:a1:e6:ba:af:18:98:78:68:44:5f:23:50:58:
76:88:84:45:13:ce:3a:b6:79:ac:0f:55:d3:1d:f3:0b:43:dd:
3d:1a:f8:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVCyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDg0MzA3WhcNMjUwNDMwMDg0MzA3WjAYMRYw
FAYDVQQDEw02N2ExZDMxZS03OWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzpFtNU4rYRiVeo253Bd2TOnkorzwVa6107vtzpsTp1EsGyMHP/rI7/9/
zu9yI/iUrgG4I/rUtMV2pGfovsm5vgtGOAD7Yfg5ixmB66wbsl9OrALCuR6VzM4x
3C3LqPWE6bjKL1HINcWNevr0lofFYt5sU54H8mfcbsoloJX/vgtPePSaL+2Koq4j
ywaPrVoU8bl6hWTFik3ccAAvlPR3Hm/CoNzLssCTQyn6E1EDviP2icMePix3fe0X
NwNaW4AzcyCKMVTl3o9Q4KgTA41AykDV1ImfelcT4ewgnCV0LaeZuLs/wchy4EM+
19vxJ0V2lsacoa9xjSBlRzcDW/B+MwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM5K
ESZErAmmYMajIAfiBLhXEzOBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDEzRDVCOEUyRDQxMUVGQTE5ODBDNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLOMA0GCSqGSIb3DQEB
CwUAA4IBAQAT2UiheBPE/VdShDlfP+yFD5T7MJxMh2zj0W15LWwJtGAzu9uddoUO
SBPGC92djC2scxe/mwuG5DEshYOH3yBl0lztfBGUgPEPuoIDGLehDzmlxG1k5P7q
zUcoctMFiFUiog6gmKOv/ZVx38KaXC01Pwhr77x2KZZ1hLQDyfDEuiijeaf5AJyq
OayvXKAth8LnFXOXM5EMisqHfWw9taYkLIOsEwcoyXlP198nUKYo91cC/1qyLYem
h148NYfSschLGKumT8EK/yoJdSnv1h5r5ElaFn5TBd6P8H8dWaHmuq8YmHhoRF8j
UFh2iIRFE846tnmsD1XTHfMLQ909GvgY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:28 2025 by rpki-client