Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BE2A6CEF41F11EF99847D5F762E951A.roa
File: 1BE2A6CEF41F11EF99847D5F762E951A.roa (raw, json)
Hash identifier: XCdvQPiguIVd2+5iY524N2LWqdmjpzmYKtS7u/Ti0a8=
Subject key identifier: F7:ED:A0:7D:4A:D6:F7:3B:F9:01:48:AB:48:86:07:D6:CD:6A:3B:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01617F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BE2A6CEF41F11EF99847D5F762E951A.roa
Signing time: Wed 26 Feb 2025 08:53:12 +0000
ROA not before: Wed 26 Feb 2025 08:53:08 +0000
ROA not after: Thu 19 Feb 2026 08:53:08 +0000
asID: 984
IP address blocks: 154.206.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90495 (0x1617f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:53:08 2025 GMT
Not After : Feb 19 08:53:08 2026 GMT
Subject: CN=67bed678-9572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cd:cf:ee:ae:20:80:3b:f3:01:85:e8:29:7a:
82:11:c6:f9:41:70:a9:57:16:48:81:31:d1:8e:c7:
5a:2e:a6:e7:2c:a9:b7:9e:20:9c:ba:75:7b:b2:11:
8f:ca:ae:18:db:56:64:3e:d4:1a:c6:91:01:9f:2b:
6d:ac:34:a1:34:a8:ab:e3:1f:b4:da:50:76:74:8e:
f6:07:e3:89:40:25:39:e1:f9:3e:c0:e4:27:df:3e:
0b:43:0a:1c:fa:b7:f0:78:45:fd:94:7c:b0:56:ff:
c4:f8:94:ea:41:39:91:b5:06:2a:d3:c7:2c:96:fb:
6a:ce:49:f6:37:6a:01:c6:87:4e:1c:3c:4a:db:64:
af:5e:e1:a9:6d:cf:06:0a:21:3d:4d:80:02:ce:3f:
21:bb:17:77:d0:7c:91:4b:b0:ed:fd:77:d5:1b:6b:
97:e5:6b:da:41:37:bb:03:64:a2:9e:0c:f3:78:f0:
3b:98:30:6a:44:ca:6d:1f:e2:d8:33:08:0c:10:0a:
ab:59:30:bf:d3:28:3c:66:aa:3e:bd:c8:2c:52:32:
89:d9:74:32:15:1d:b5:30:cd:bd:91:a6:cf:d5:fc:
0f:73:31:fe:81:6d:ae:7f:9f:73:f0:85:4d:d5:f7:
f7:2b:32:a1:23:6e:39:bb:46:30:a9:94:3e:2e:a7:
58:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:ED:A0:7D:4A:D6:F7:3B:F9:01:48:AB:48:86:07:D6:CD:6A:3B:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BE2A6CEF41F11EF99847D5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.221.0/24
Signature Algorithm: sha256WithRSAEncryption
09:0d:42:d3:44:74:a5:30:18:ae:9b:47:08:21:61:42:43:22:
ae:85:ab:fd:3d:e1:25:ce:75:fd:b1:8b:e7:91:89:44:98:12:
9f:82:76:d6:a7:5f:90:4f:fd:c2:33:ce:2c:b5:02:17:54:40:
3c:f7:f6:a7:dc:44:27:63:31:0d:ef:de:b5:d8:24:c7:25:75:
d9:05:76:71:4f:47:d4:5c:40:64:ed:71:b3:6d:9d:f5:b4:20:
3f:bc:86:33:ed:cb:67:b1:0e:36:90:42:6e:b0:c8:65:cf:38:
56:07:57:2a:22:4e:3f:90:5e:6d:8e:30:10:3d:92:f1:a1:80:
68:3c:e9:53:2e:f3:58:7c:a1:55:1c:69:02:f7:b0:a9:37:a6:
db:b9:8f:ca:09:08:91:7e:ee:8b:cc:f6:d6:b2:bc:53:29:f4:
2e:81:d2:f3:f5:a0:89:30:97:d1:a0:12:88:cb:b7:03:7e:23:
f5:4f:92:c5:94:1e:52:45:43:f3:17:46:ea:9a:aa:9b:5c:19:
34:6b:b9:22:c5:01:f0:48:e9:98:13:46:c8:0c:0c:5a:f9:8a:
36:e3:45:c3:1b:3e:52:e5:ba:bf:28:9c:f4:07:99:71:cd:93:
89:fd:c6:56:45:61:59:c0:b7:31:aa:35:8d:5e:23:eb:6f:70:
26:de:d3:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWF/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDg1MzA4WhcNMjYwMjE5MDg1MzA4WjAYMRYw
FAYDVQQDEw02N2JlZDY3OC05NTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3c3P7q4ggDvzAYXoKXqCEcb5QXCpVxZIgTHRjsdaLqbnLKm3niCcunV7
shGPyq4Y21ZkPtQaxpEBnyttrDShNKir4x+02lB2dI72B+OJQCU54fk+wOQn3z4L
Qwoc+rfweEX9lHywVv/E+JTqQTmRtQYq08cslvtqzkn2N2oBxodOHDxK22SvXuGp
bc8GCiE9TYACzj8huxd30HyRS7Dt/XfVG2uX5WvaQTe7A2SingzzePA7mDBqRMpt
H+LYMwgMEAqrWTC/0yg8Zqo+vcgsUjKJ2XQyFR21MM29kabP1fwPczH+gW2uf59z
8IVN1ff3KzKhI245u0YwqZQ+LqdY7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPft
oH1K1vc7+QFIq0iGB9bNajuIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkUyQTZDRUY0MUYxMUVGOTk4NDdENUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7dMA0GCSqGSIb3DQEB
CwUAA4IBAQAJDULTRHSlMBium0cIIWFCQyKuhav9PeElznX9sYvnkYlEmBKfgnbW
p1+QT/3CM84stQIXVEA89/an3EQnYzEN79612CTHJXXZBXZxT0fUXEBk7XGzbZ31
tCA/vIYz7ctnsQ42kEJusMhlzzhWB1cqIk4/kF5tjjAQPZLxoYBoPOlTLvNYfKFV
HGkC97CpN6bbuY/KCQiRfu6LzPbWsrxTKfQugdLz9aCJMJfRoBKIy7cDfiP1T5LF
lB5SRUPzF0bqmqqbXBk0a7kixQHwSOmYE0bIDAxa+Yo240XDGz5S5bq/KJz0B5lx
zZOJ/cZWRWFZwLcxqjWNXiPrb3Am3tO7
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:19 2025 by rpki-client