Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1301B0FAF44111EFBE19084C762E951A.roa
File: 1301B0FAF44111EFBE19084C762E951A.roa (raw, json)
Hash identifier: LKK0cwQModAp31QZH+aluvFtb3ypbHyf9v7a9+hvgLc=
Subject key identifier: 59:6F:E6:03:51:DE:25:7B:B2:D5:64:16:49:BF:F0:CE:CC:5B:41:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016365
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1301B0FAF44111EFBE19084C762E951A.roa
Signing time: Wed 26 Feb 2025 12:56:20 +0000
ROA not before: Wed 26 Feb 2025 12:56:16 +0000
ROA not after: Fri 20 Feb 2026 12:56:16 +0000
asID: 984
IP address blocks: 154.83.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90981 (0x16365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:56:16 2025 GMT
Not After : Feb 20 12:56:16 2026 GMT
Subject: CN=67bf0f74-b28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f8:ae:01:9e:81:25:38:d1:b1:0b:ed:d3:6e:
d8:02:00:50:25:95:22:81:fd:e6:05:2e:79:2c:f3:
e6:1b:82:08:25:0f:07:53:35:a3:dd:1f:61:7f:5a:
2a:3c:26:57:58:5d:80:cf:94:10:41:58:eb:4a:c4:
f2:15:f8:0e:a4:07:3f:16:6f:3c:f3:73:23:d8:34:
67:95:84:47:4f:6f:72:1a:04:bf:51:93:5c:eb:d3:
d2:8f:64:68:d5:4b:60:e7:f8:69:a8:22:38:9a:ac:
13:06:7b:90:31:f0:76:59:09:42:f4:32:e4:5e:d0:
62:a4:57:46:30:ac:41:f1:d5:c1:33:15:41:68:41:
ad:1e:c3:b1:e1:d2:01:ef:9c:e5:f7:e2:80:ec:14:
4d:ce:80:ab:0d:58:51:28:a2:99:0b:7d:f9:50:47:
0c:f9:8b:3a:05:fb:55:3f:7e:84:4c:d2:73:0c:b9:
86:3c:f2:47:1c:1d:2f:6b:4d:9f:c8:f8:eb:ce:1d:
33:52:3b:a6:c9:6e:f1:d5:95:2a:45:78:a1:63:5b:
b7:17:83:8c:75:f2:9b:62:e1:6a:bd:18:c8:dd:4a:
88:8c:97:12:8b:c0:3c:a0:c1:2c:c3:bb:98:1f:79:
83:1c:f9:5a:2f:09:9a:a6:10:e9:1c:6a:a3:09:1e:
17:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:6F:E6:03:51:DE:25:7B:B2:D5:64:16:49:BF:F0:CE:CC:5B:41:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1301B0FAF44111EFBE19084C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.150.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0b:03:e3:e1:61:f0:6b:0d:16:0b:87:28:92:b9:55:cb:f4:
06:1c:61:e3:02:b3:68:d5:dc:c5:de:dd:c2:f4:7c:46:56:71:
73:2c:2c:52:be:e8:43:9b:6d:9f:00:58:8d:7c:17:9e:61:cc:
56:1f:bc:71:03:cf:1e:cd:32:61:59:6e:cc:fe:1a:3c:e1:6e:
aa:93:90:ef:f5:c9:41:b2:70:7c:c2:f2:73:45:ee:ce:39:8b:
cb:80:3a:72:e3:e5:1d:a4:0e:d0:38:e7:b2:d3:12:a9:9b:98:
ab:6f:7f:da:dc:c8:b3:5c:be:48:ab:0b:39:38:83:25:ad:3e:
ce:a7:b4:ed:af:fe:eb:91:b8:50:25:3f:b2:02:fa:ed:37:56:
7a:9d:0e:47:85:b9:1f:ae:69:81:08:6b:75:fa:7c:16:be:3f:
34:13:4b:fd:5a:92:65:d4:14:65:55:6d:4c:3e:f2:9a:94:99:
2f:95:0a:21:57:3e:d2:2e:cc:8f:11:73:b2:39:64:00:37:b0:
39:29:b3:75:91:2e:e0:ba:67:59:a6:23:ac:4a:83:b4:69:0f:
e9:36:87:a1:3d:15:9a:83:bb:d9:0a:55:48:24:a2:3e:b2:d7:
e4:c7:dd:c1:91:2f:96:2d:36:9a:c7:85:ac:af:f5:a7:c2:10:
53:49:17:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWNlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTI1NjE2WhcNMjYwMjIwMTI1NjE2WjAYMRYw
FAYDVQQDEw02N2JmMGY3NC1iMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyfiuAZ6BJTjRsQvt027YAgBQJZUigf3mBS55LPPmG4IIJQ8HUzWj3R9h
f1oqPCZXWF2Az5QQQVjrSsTyFfgOpAc/Fm8883Mj2DRnlYRHT29yGgS/UZNc69PS
j2Ro1Utg5/hpqCI4mqwTBnuQMfB2WQlC9DLkXtBipFdGMKxB8dXBMxVBaEGtHsOx
4dIB75zl9+KA7BRNzoCrDVhRKKKZC335UEcM+Ys6BftVP36ETNJzDLmGPPJHHB0v
a02fyPjrzh0zUjumyW7x1ZUqRXihY1u3F4OMdfKbYuFqvRjI3UqIjJcSi8A8oMEs
w7uYH3mDHPlaLwmaphDpHGqjCR4XewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFlv
5gNR3iV7stVkFkm/8M7MW0HwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzAxQjBGQUY0NDExMUVGQkUxOTA4NEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOWMA0GCSqGSIb3DQEB
CwUAA4IBAQAoCwPj4WHwaw0WC4cokrlVy/QGHGHjArNo1dzF3t3C9HxGVnFzLCxS
vuhDm22fAFiNfBeeYcxWH7xxA88ezTJhWW7M/ho84W6qk5Dv9clBsnB8wvJzRe7O
OYvLgDpy4+UdpA7QOOey0xKpm5irb3/a3MizXL5Iqws5OIMlrT7Op7Ttr/7rkbhQ
JT+yAvrtN1Z6nQ5HhbkfrmmBCGt1+nwWvj80E0v9WpJl1BRlVW1MPvKalJkvlQoh
Vz7SLsyPEXOyOWQAN7A5KbN1kS7gumdZpiOsSoO0aQ/pNoehPRWag7vZClVIJKI+
stfkx93BkS+WLTaax4Wsr/WnwhBTSRee
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:56 2025 by rpki-client