Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6C2AC4C93711EFA8A12896762E951A.roa
File: 1C6C2AC4C93711EFA8A12896762E951A.roa (raw, json)
Hash identifier: D3bSDv36ff5vfU7PV6ggvkZcIb/PRaUWHljsFyQcgpg=
Subject key identifier: 62:6E:84:30:9C:9E:83:01:76:17:76:BA:5D:97:70:4B:F3:40:E9:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133DB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6C2AC4C93711EFA8A12896762E951A.roa
Signing time: Thu 02 Jan 2025 18:26:41 +0000
ROA not before: Thu 02 Jan 2025 18:26:37 +0000
ROA not after: Sat 13 Dec 2025 18:26:37 +0000
asID: 984
IP address blocks: 154.222.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78811 (0x133db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 18:26:37 2025 GMT
Not After : Dec 13 18:26:37 2025 GMT
Subject: CN=6776da61-1fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:df:f3:32:e7:f8:2f:97:9e:59:94:b4:95:77:
d6:0b:58:25:be:fc:db:47:a0:b5:73:03:64:b9:9d:
9c:19:da:32:08:86:f2:d9:b6:6c:00:09:11:a9:42:
fb:b0:4c:33:13:4b:d5:9c:e6:df:2e:69:40:9d:5b:
c3:4a:03:54:d7:7b:b0:80:70:5c:18:22:ca:fa:d3:
87:86:51:6c:0a:fe:4b:73:1f:2c:fe:80:c5:71:40:
a2:6f:d2:88:18:a5:07:52:36:7d:27:19:4e:4d:48:
6c:1a:4a:f7:bf:e8:e2:bb:55:72:6d:7d:66:5d:6d:
38:7d:c3:95:74:c5:a0:4c:d5:64:ff:78:d7:9c:79:
3c:22:1d:64:57:14:30:5d:9e:50:0e:80:07:d6:66:
55:37:dd:41:3f:a0:1f:e7:83:b9:55:27:de:53:5b:
08:d9:bc:da:e0:08:51:69:3d:1b:ff:3d:65:9c:82:
c9:af:23:3b:b8:ed:c0:31:0c:cd:c8:a8:3c:ed:1c:
bd:b1:58:29:85:53:5c:e2:6e:10:00:8b:7b:8b:68:
e2:17:82:85:86:ee:c5:1a:b7:1a:3c:33:71:df:6e:
a5:6a:15:0c:a6:3a:19:cb:98:68:6a:9a:87:b6:9f:
fb:7d:14:73:d7:a1:6b:cc:4e:bc:d8:fe:c5:89:4b:
0a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6E:84:30:9C:9E:83:01:76:17:76:BA:5D:97:70:4B:F3:40:E9:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6C2AC4C93711EFA8A12896762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:53:b1:71:58:dc:cb:e3:22:b3:20:fc:16:6c:07:95:55:5d:
fe:bf:e8:80:bb:ce:db:67:55:95:ca:5f:67:6a:7e:3b:33:60:
9b:cc:9b:f5:e4:25:a6:ea:c6:e0:1b:20:6b:2c:8b:2b:cc:e2:
8b:ee:da:cc:e4:f1:4c:43:bf:1d:13:14:01:d2:fb:ec:af:ac:
f6:e5:b8:c1:2a:0d:f4:6e:79:6b:64:cf:80:ca:5e:dc:d5:2c:
82:7e:88:c3:c1:f8:30:93:9a:0c:09:34:e7:78:0e:e0:0a:50:
53:02:19:43:61:20:d5:bf:2c:ab:10:bb:29:85:61:17:3d:e6:
7c:78:b3:06:8c:a0:02:c0:82:a8:4e:1a:fd:6c:0a:3d:15:72:
0a:b6:71:35:5b:2d:9d:79:7b:d8:c0:11:56:46:25:5f:1a:ad:
06:7b:16:84:7b:08:fa:8c:86:28:96:cb:a6:82:ea:18:80:4e:
9d:2e:9d:68:1d:85:87:e9:5f:f3:26:dc:b2:88:af:bf:60:4c:
2e:92:d3:9e:ef:55:bc:d2:76:9a:ee:27:8f:68:f0:33:cd:77:
93:a0:0a:c9:b6:9a:ad:d5:a6:68:f2:7d:7e:73:f6:19:77:56:
3f:64:bb:5b:08:42:cf:79:b6:86:c9:5f:7f:a8:1d:97:06:e0:
a9:d2:cb:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATPbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTgyNjM3WhcNMjUxMjEzMTgyNjM3WjAYMRYw
FAYDVQQDEw02Nzc2ZGE2MS0xZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxt/zMuf4L5eeWZS0lXfWC1glvvzbR6C1cwNkuZ2cGdoyCIby2bZsAAkR
qUL7sEwzE0vVnObfLmlAnVvDSgNU13uwgHBcGCLK+tOHhlFsCv5Lcx8s/oDFcUCi
b9KIGKUHUjZ9JxlOTUhsGkr3v+jiu1VybX1mXW04fcOVdMWgTNVk/3jXnHk8Ih1k
VxQwXZ5QDoAH1mZVN91BP6Af54O5VSfeU1sI2bza4AhRaT0b/z1lnILJryM7uO3A
MQzNyKg87Ry9sVgphVNc4m4QAIt7i2jiF4KFhu7FGrcaPDNx326lahUMpjoZy5ho
apqHtp/7fRRz16FrzE682P7FiUsKDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGJu
hDCcnoMBdhd2ul2XcEvzQOkVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQzZDMkFDNEM5MzcxMUVGQThBMTI4OTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt69MA0GCSqGSIb3DQEB
CwUAA4IBAQAfU7FxWNzL4yKzIPwWbAeVVV3+v+iAu87bZ1WVyl9nan47M2CbzJv1
5CWm6sbgGyBrLIsrzOKL7trM5PFMQ78dExQB0vvsr6z25bjBKg30bnlrZM+Ayl7c
1SyCfojDwfgwk5oMCTTneA7gClBTAhlDYSDVvyyrELsphWEXPeZ8eLMGjKACwIKo
Thr9bAo9FXIKtnE1Wy2deXvYwBFWRiVfGq0GexaEewj6jIYolsumguoYgE6dLp1o
HYWH6V/zJtyyiK+/YEwuktOe71W80naa7iePaPAzzXeToArJtpqt1aZo8n1+c/YZ
d1Y/ZLtbCELPebaGyV9/qB2XBuCp0su7
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:59:45 2025 by rpki-client