Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12652D4ECDC111EF8528D37E762E951A.roa
File: 12652D4ECDC111EF8528D37E762E951A.roa (raw, json)
Hash identifier: Z2PS9woUX8OP2wYtshm6veS92KsS1Yqmiu1NSPwkUAw=
Subject key identifier: B1:20:1A:EA:8C:02:BF:64:E7:69:BF:A0:5D:38:16:2D:8C:A2:15:C4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013712
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12652D4ECDC111EF8528D37E762E951A.roa
Signing time: Wed 08 Jan 2025 13:04:19 +0000
ROA not before: Wed 08 Jan 2025 13:04:16 +0000
ROA not after: Tue 16 Dec 2025 13:04:16 +0000
asID: 984
IP address blocks: 154.200.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79634 (0x13712)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 13:04:16 2025 GMT
Not After : Dec 16 13:04:16 2025 GMT
Subject: CN=677e77d3-9d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:0b:69:a7:08:ff:a9:81:f1:f4:6a:bc:1d:
1b:fb:d6:92:ca:f8:58:68:b0:01:35:3e:c7:41:3d:
18:2d:12:79:d1:94:a3:9f:c3:58:68:83:fb:82:70:
c9:75:b8:e7:ca:08:c7:6e:b5:d4:cb:ac:d7:b8:74:
43:23:69:f9:ab:ca:ae:a2:bf:ed:4e:cc:84:6f:14:
2a:40:ea:78:b9:23:75:0c:a2:21:f1:d2:ac:98:71:
c5:82:0e:6e:8b:fc:03:66:b8:62:92:6e:4c:89:b0:
3f:1c:1b:96:10:85:92:34:02:d8:a8:46:70:38:8c:
e5:70:8c:84:87:6e:e8:fc:94:67:cc:d6:81:a8:f7:
ab:86:a7:0c:90:a1:b2:18:cd:24:d4:e6:8c:a4:0a:
75:31:2f:4f:2a:41:07:ea:91:9a:78:f4:c4:af:3b:
9d:26:d5:a8:b2:c3:f5:12:94:74:f3:2d:ef:26:96:
9c:28:58:2f:e9:1c:e1:00:1a:1a:30:58:34:4a:64:
0f:96:ca:9f:56:32:8a:97:8d:24:c8:e0:8b:ff:18:
02:0e:2a:ad:bb:f8:31:ba:ee:f1:54:b5:ab:31:40:
a7:26:6e:f6:65:37:a6:3d:af:33:19:07:b9:43:9a:
bb:fd:c6:40:48:4e:2d:ec:b7:56:9c:74:28:ef:26:
72:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:20:1A:EA:8C:02:BF:64:E7:69:BF:A0:5D:38:16:2D:8C:A2:15:C4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12652D4ECDC111EF8528D37E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.232.0/24
Signature Algorithm: sha256WithRSAEncryption
82:92:c5:c4:80:48:df:6f:8c:6a:f3:9b:61:fe:7b:a5:44:f8:
97:73:9c:5a:b5:e4:c9:27:5c:81:23:a3:91:c5:f5:a2:03:f8:
2e:fb:f7:06:1b:c9:d2:61:18:d5:9f:69:66:de:9e:dc:70:51:
43:23:04:bc:45:37:85:21:7b:7d:f9:76:5c:43:05:5d:13:fc:
71:8f:ea:f2:38:77:6d:aa:f1:ed:d4:69:5a:53:22:ea:35:b1:
33:df:01:a6:a3:3b:0f:52:54:06:b9:b6:64:0c:67:eb:75:a4:
35:c8:a4:99:73:61:d0:bc:85:e1:06:0a:c1:7a:0a:01:03:2a:
ca:44:dd:29:6b:d7:d0:60:63:62:58:67:6f:e6:7d:85:a4:b2:
ac:b7:d0:09:a0:09:e8:9d:6c:b7:b2:ed:a1:73:d4:e7:de:bb:
48:b6:a1:c8:dd:fb:a4:0f:d8:a0:4c:7c:69:12:79:b6:2a:c6:
84:b0:a6:d1:94:e5:c7:24:f0:31:db:53:97:cc:55:a7:08:73:
a6:d3:cb:f8:85:67:e3:6c:08:79:0d:ed:bf:91:df:77:f2:3f:
32:bf:e6:9a:16:f1:b9:cd:c4:42:fc:f5:4f:1f:08:8e:f5:93:
8b:78:71:e8:c5:b8:cb:fb:b2:d2:cf:2a:84:3a:d4:41:69:80:
c2:1a:62:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTMwNDE2WhcNMjUxMjE2MTMwNDE2WjAYMRYw
FAYDVQQDEw02NzdlNzdkMy05ZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuY4LaacI/6mB8fRqvB0b+9aSyvhYaLABNT7HQT0YLRJ50ZSjn8NYaIP7
gnDJdbjnygjHbrXUy6zXuHRDI2n5q8quor/tTsyEbxQqQOp4uSN1DKIh8dKsmHHF
gg5ui/wDZrhikm5MibA/HBuWEIWSNALYqEZwOIzlcIyEh27o/JRnzNaBqPerhqcM
kKGyGM0k1OaMpAp1MS9PKkEH6pGaePTErzudJtWossP1EpR08y3vJpacKFgv6Rzh
ABoaMFg0SmQPlsqfVjKKl40kyOCL/xgCDiqtu/gxuu7xVLWrMUCnJm72ZTemPa8z
GQe5Q5q7/cZASE4t7LdWnHQo7yZyRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLEg
GuqMAr9k52m/oF04Fi2MohXEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMjY1MkQ0RUNEQzExMUVGODUyOEQzN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjoMA0GCSqGSIb3DQEB
CwUAA4IBAQCCksXEgEjfb4xq85th/nulRPiXc5xateTJJ1yBI6ORxfWiA/gu+/cG
G8nSYRjVn2lm3p7ccFFDIwS8RTeFIXt9+XZcQwVdE/xxj+ryOHdtqvHt1GlaUyLq
NbEz3wGmozsPUlQGubZkDGfrdaQ1yKSZc2HQvIXhBgrBegoBAyrKRN0pa9fQYGNi
WGdv5n2FpLKst9AJoAnonWy3su2hc9Tn3rtItqHI3fukD9igTHxpEnm2KsaEsKbR
lOXHJPAx21OXzFWnCHOm08v4hWfjbAh5De2/kd938j8yv+aaFvG5zcRC/PVPHwiO
9ZOLeHHoxbjL+7LSzyqEOtRBaYDCGmJm
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:34:16 2025 by rpki-client