Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1105D7B0D2DE11EF8B67F75F762E951A.roa
File: 1105D7B0D2DE11EF8B67F75F762E951A.roa (raw, json)
Hash identifier: kRET4nyMnDq14PeHn6cGpYb6byIOOgo+fMT2VlxCBaE=
Subject key identifier: 44:9A:F9:DA:3E:99:1E:20:8A:C0:42:08:B1:03:66:59:31:2E:40:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B76
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1105D7B0D2DE11EF8B67F75F762E951A.roa
Signing time: Wed 15 Jan 2025 01:14:28 +0000
ROA not before: Wed 15 Jan 2025 01:14:25 +0000
ROA not after: Fri 12 Dec 2025 01:14:25 +0000
asID: 984
IP address blocks: 154.218.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80758 (0x13b76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:14:25 2025 GMT
Not After : Dec 12 01:14:25 2025 GMT
Subject: CN=67870bf4-7ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:01:e7:e1:fc:b2:2e:4b:6a:21:32:ed:e9:07:
82:56:57:d5:5b:c6:2a:4a:a0:d4:08:cc:cd:9e:a3:
5c:5a:c4:88:c1:b6:93:8b:9f:17:6d:c6:19:86:8d:
3f:e8:16:98:5d:78:a4:38:ba:5f:36:76:f6:39:32:
17:41:ca:39:ee:b6:39:d8:59:09:3b:e1:e1:e2:f4:
62:0e:b1:25:25:33:31:dc:c5:63:73:ed:cd:a1:18:
e5:f5:ed:5b:95:09:96:ad:f4:0d:6a:6d:b8:de:c7:
b9:a9:0f:45:71:a6:ef:22:ef:54:7f:98:4c:fa:f7:
16:0e:e2:dc:ec:4b:8a:3d:4a:44:71:6c:82:b8:60:
d1:97:75:7b:b0:62:2a:63:87:81:4e:59:d3:ec:89:
ba:4f:52:8e:47:5f:b1:18:0c:3d:31:67:7f:e0:04:
48:8f:ba:e0:a1:e0:42:b8:06:fc:2a:91:48:ea:1f:
f4:96:a7:d2:7e:53:0c:55:56:80:23:1c:63:61:7a:
47:cb:6f:09:95:6b:cf:f7:16:1e:6c:7e:57:2f:d3:
4e:f7:b9:c2:52:9a:f8:fe:08:b3:61:6a:7f:c9:a4:
83:85:9f:45:9b:54:d6:71:9a:aa:69:8c:5e:22:27:
de:c5:3c:f1:f8:14:0a:78:24:39:d8:e5:09:db:ab:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9A:F9:DA:3E:99:1E:20:8A:C0:42:08:B1:03:66:59:31:2E:40:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1105D7B0D2DE11EF8B67F75F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.58.0/24
Signature Algorithm: sha256WithRSAEncryption
04:14:84:51:75:68:72:3f:29:7c:78:62:f8:05:04:ab:a5:b9:
ad:16:85:77:8c:27:26:75:7c:64:28:de:90:2a:9f:eb:b2:87:
c7:d8:72:af:73:d4:0f:fe:dd:e7:31:f4:20:08:0e:1f:9b:f9:
f2:53:c4:8e:e6:c3:cd:5d:27:24:37:71:f5:d9:fd:4a:a3:8f:
5e:0e:88:f5:e0:3b:16:ea:1b:23:69:6b:46:a5:9f:e3:00:6e:
1e:92:c5:11:05:d3:da:1f:3d:09:1f:c8:27:51:2f:00:ab:26:
f7:37:c4:2e:c7:c0:d9:57:0a:c2:ed:60:b7:93:87:6a:66:12:
9c:46:8b:84:be:9d:a5:da:85:2b:ed:3c:bf:12:e2:5d:27:2b:
b2:ee:13:0f:85:f7:76:b4:92:16:ee:71:d0:99:a1:c3:a7:6e:
03:65:f4:7f:76:d0:57:dc:44:5d:5f:30:47:8d:64:b4:0d:e7:
55:88:b3:50:9c:d2:9d:ab:12:58:09:d9:f3:ab:e5:7a:26:ac:
49:5c:0b:a1:d3:7b:d3:f3:22:d1:c2:1a:8a:53:67:9b:7c:5e:
25:09:56:bb:77:45:0f:f6:aa:95:b2:22:21:04:28:59:98:46:
97:33:bd:c3:3c:d4:44:31:66:db:f9:0a:f3:1d:71:fd:af:cd:
9b:27:37:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATt2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDExNDI1WhcNMjUxMjEyMDExNDI1WjAYMRYw
FAYDVQQDEw02Nzg3MGJmNC03YWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzgHn4fyyLktqITLt6QeCVlfVW8YqSqDUCMzNnqNcWsSIwbaTi58XbcYZ
ho0/6BaYXXikOLpfNnb2OTIXQco57rY52FkJO+Hh4vRiDrElJTMx3MVjc+3NoRjl
9e1blQmWrfQNam243se5qQ9FcabvIu9Uf5hM+vcWDuLc7EuKPUpEcWyCuGDRl3V7
sGIqY4eBTlnT7Im6T1KOR1+xGAw9MWd/4ARIj7rgoeBCuAb8KpFI6h/0lqfSflMM
VVaAIxxjYXpHy28JlWvP9xYebH5XL9NO97nCUpr4/gizYWp/yaSDhZ9Fm1TWcZqq
aYxeIifexTzx+BQKeCQ52OUJ26t0ZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFESa
+do+mR4gisBCCLEDZlkxLkD4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMTA1RDdCMEQyREUxMUVGOEI2N0Y3NUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmto6MA0GCSqGSIb3DQEB
CwUAA4IBAQAEFIRRdWhyPyl8eGL4BQSrpbmtFoV3jCcmdXxkKN6QKp/rsofH2HKv
c9QP/t3nMfQgCA4fm/nyU8SO5sPNXSckN3H12f1Ko49eDoj14DsW6hsjaWtGpZ/j
AG4eksURBdPaHz0JH8gnUS8Aqyb3N8Qux8DZVwrC7WC3k4dqZhKcRouEvp2l2oUr
7Ty/EuJdJyuy7hMPhfd2tJIW7nHQmaHDp24DZfR/dtBX3ERdXzBHjWS0DedViLNQ
nNKdqxJYCdnzq+V6JqxJXAuh03vT8yLRwhqKU2ebfF4lCVa7d0UP9qqVsiIhBChZ
mEaXM73DPNREMWbb+QrzHXH9r82bJze1
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:37:19 2025 by rpki-client