Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF646A0F2DF11EF9F497256762E951A.roa
File: 1DF646A0F2DF11EF9F497256762E951A.roa (raw, json)
Hash identifier: JuHxwFTba6m8iRQlYui7qcZlHhS1LtwCY/DPKU6pCDY=
Subject key identifier: 8D:52:CD:C9:B0:47:EF:24:A9:D7:18:D7:20:38:F4:49:26:20:C9:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015CAD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF646A0F2DF11EF9F497256762E951A.roa
Signing time: Mon 24 Feb 2025 18:42:37 +0000
ROA not before: Mon 24 Feb 2025 18:42:33 +0000
ROA not after: Mon 07 Apr 2025 18:42:33 +0000
asID: 138915
IP address blocks: 154.223.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89261 (0x15cad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 18:42:33 2025 GMT
Not After : Apr 7 18:42:33 2025 GMT
Subject: CN=67bcbd9c-bbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:63:6b:39:27:83:59:8b:3e:d5:06:72:df:5d:
51:6d:e8:5e:16:0b:09:8f:d0:28:dd:f7:cb:02:53:
b5:ff:49:6b:b6:2c:89:75:8c:36:dc:43:6a:28:d9:
01:3c:e1:e9:b2:23:63:45:8e:94:65:98:aa:81:d2:
f7:d9:9f:5a:98:c2:40:d0:92:39:ed:7e:c3:62:88:
99:b6:8d:37:a5:07:51:b2:b7:4c:38:9f:b2:5b:a5:
9a:f9:6b:9c:61:36:77:13:00:f5:2b:82:c5:30:7a:
0a:be:36:b4:32:fc:91:86:3a:ba:b4:d2:ba:e3:e8:
80:1f:43:1f:b0:3b:5a:81:56:04:6e:85:90:14:58:
ae:a3:1a:5c:84:1d:be:9e:6b:cb:de:e1:2f:7e:26:
06:cc:a5:cd:dc:37:ed:55:58:f5:1b:3e:6a:f9:1c:
b3:c8:28:0e:ae:30:30:2a:89:64:11:34:29:fd:4b:
2a:45:19:2f:04:80:4c:a6:c4:3e:27:45:ad:26:00:
29:e2:79:a0:e0:c2:6e:cc:5b:ff:bf:8c:f3:f9:bf:
64:b9:72:40:4b:c3:a9:34:cd:ae:1d:08:56:d7:78:
ea:90:ce:c4:b4:db:91:e1:ff:21:fe:53:e3:76:55:
28:df:41:c3:9c:f3:2d:a2:6c:b9:2d:a0:20:21:e1:
8a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:52:CD:C9:B0:47:EF:24:A9:D7:18:D7:20:38:F4:49:26:20:C9:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF646A0F2DF11EF9F497256762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.66.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:e2:19:7f:37:42:95:3d:51:6c:c7:77:d4:8b:5e:ed:93:b0:
10:8c:a4:65:11:19:84:ca:39:12:ae:c7:72:b0:23:a2:90:57:
a3:26:04:a8:70:0b:50:72:eb:2e:8f:74:b3:11:39:d0:76:34:
24:c4:1c:21:8b:f8:b6:45:db:39:e7:7c:0c:59:26:65:cc:91:
8a:5b:1a:f8:db:81:e2:88:45:68:7a:00:2c:00:c7:a0:69:48:
35:b2:1a:42:05:7c:81:02:1c:55:35:e6:38:a4:03:5b:70:cd:
f5:16:f2:14:1b:3b:a1:2e:ce:33:b5:55:7e:46:43:3c:1e:8c:
89:1b:98:2c:a7:46:6d:54:89:fd:6b:90:38:de:ea:05:68:47:
5a:e4:3f:fc:e3:d9:81:5f:75:e2:ac:27:38:7f:e2:15:5f:b6:
47:68:21:bb:71:56:cc:e3:a1:d8:53:bb:14:c3:43:b2:72:3c:
9e:6c:1c:4b:7e:16:dd:a1:5b:2e:f2:13:81:bc:df:9a:68:5f:
54:08:ab:f6:58:24:3a:0d:5a:36:4f:1b:e3:73:be:48:d1:57:
25:1f:8b:2e:17:3f:8c:92:92:9a:f9:6e:af:99:90:22:78:d5:
b7:66:03:9a:c8:07:b9:2d:4d:e2:a0:30:3e:07:df:7f:10:d4:
2b:29:de:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVytMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTg0MjMzWhcNMjUwNDA3MTg0MjMzWjAYMRYw
FAYDVQQDEw02N2JjYmQ5Yy1iYmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArmNrOSeDWYs+1QZy311RbeheFgsJj9Ao3ffLAlO1/0lrtiyJdYw23ENq
KNkBPOHpsiNjRY6UZZiqgdL32Z9amMJA0JI57X7DYoiZto03pQdRsrdMOJ+yW6Wa
+WucYTZ3EwD1K4LFMHoKvja0MvyRhjq6tNK64+iAH0MfsDtagVYEboWQFFiuoxpc
hB2+nmvL3uEvfiYGzKXN3DftVVj1Gz5q+RyzyCgOrjAwKolkETQp/UsqRRkvBIBM
psQ+J0WtJgAp4nmg4MJuzFv/v4zz+b9kuXJAS8OpNM2uHQhW13jqkM7EtNuR4f8h
/lPjdlUo30HDnPMtomy5LaAgIeGK2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1S
zcmwR+8kqdcY1yA49EkmIMnRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xREY2NDZBMEYyREYxMUVGOUY0OTcyNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt9CMA0GCSqGSIb3DQEB
CwUAA4IBAQBK4hl/N0KVPVFsx3fUi17tk7AQjKRlERmEyjkSrsdysCOikFejJgSo
cAtQcusuj3SzETnQdjQkxBwhi/i2Rds553wMWSZlzJGKWxr424HiiEVoegAsAMeg
aUg1shpCBXyBAhxVNeY4pANbcM31FvIUGzuhLs4ztVV+RkM8HoyJG5gsp0ZtVIn9
a5A43uoFaEda5D/849mBX3XirCc4f+IVX7ZHaCG7cVbM46HYU7sUw0OycjyebBxL
fhbdoVsu8hOBvN+aaF9UCKv2WCQ6DVo2Txvjc75I0VclH4suFz+MkpKa+W6vmZAi
eNW3ZgOayAe5LU3ioDA+B99/ENQrKd5C
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:58 2025 by rpki-client