Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E96CE42F43611EFA247AC80762E951A.roa
File: 1E96CE42F43611EFA247AC80762E951A.roa (raw, json)
Hash identifier: 3atrDgdmU0dhOgZAZWX+BruBCijfhY8QPADcLdrExGE=
Subject key identifier: B5:25:43:6D:06:D1:2C:13:00:B4:A5:D4:D4:0E:B5:72:B4:6E:C9:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E96CE42F43611EFA247AC80762E951A.roa
Signing time: Wed 26 Feb 2025 11:37:55 +0000
ROA not before: Wed 26 Feb 2025 11:37:50 +0000
ROA not after: Thu 19 Feb 2026 11:37:50 +0000
asID: 984
IP address blocks: 154.207.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90794 (0x162aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:37:50 2025 GMT
Not After : Feb 19 11:37:50 2026 GMT
Subject: CN=67befd13-8b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:30:a6:43:70:79:7c:17:ad:37:1a:14:ee:26:
70:50:96:80:70:43:75:e1:ce:47:cd:5a:a5:63:24:
8d:e4:19:c9:1d:e9:3a:ae:bd:99:6c:86:03:13:36:
86:c6:49:5b:2c:f5:51:86:3e:12:09:75:00:0d:6e:
3a:34:53:85:2a:8f:b7:cf:52:23:86:ad:dd:f6:60:
00:d9:e3:b8:4a:58:22:b9:e1:c2:ff:c4:e8:c2:d0:
0b:d3:04:ca:f2:5f:75:45:ef:82:73:7c:7b:44:1a:
d0:2d:f1:c2:fd:05:b6:7f:db:c7:da:67:b2:52:81:
aa:9b:d0:d8:cc:3e:42:95:f1:91:11:34:25:08:da:
a7:29:79:d5:b9:7b:bc:2a:ad:17:62:9a:27:38:ac:
ac:40:c3:a9:4a:a7:d7:11:b4:0f:ed:16:d4:05:0a:
e8:26:1a:90:74:49:33:46:1e:b5:de:cb:6a:af:ce:
a1:64:75:18:c2:87:ed:84:ff:cc:33:d2:98:fd:fc:
6b:8a:c3:6f:f2:8d:90:17:d4:3f:86:43:5b:19:7f:
30:1d:ea:2b:1b:4d:76:02:4f:4b:b3:d8:16:8d:94:
09:c9:64:a8:ac:2a:20:a0:40:63:69:af:f8:eb:4f:
56:54:b1:5b:88:eb:33:2e:f4:c3:15:2a:d5:06:1d:
e8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:25:43:6D:06:D1:2C:13:00:B4:A5:D4:D4:0E:B5:72:B4:6E:C9:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E96CE42F43611EFA247AC80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.97.0/24
Signature Algorithm: sha256WithRSAEncryption
17:8e:a7:c6:09:37:ff:5b:8b:ef:ad:98:c3:e1:24:45:0b:f4:
eb:e7:8c:d2:9f:40:d1:52:09:a8:98:a5:fa:88:c9:9e:39:07:
da:4b:e9:84:2f:e5:f6:ed:b8:98:32:66:ce:8c:f6:11:81:4b:
76:81:64:59:43:91:d1:0c:98:93:a8:35:ed:4c:8e:05:7f:a3:
dc:6f:b6:c9:f2:35:84:1e:99:f4:8c:b4:7b:a2:ee:6c:10:9e:
da:1e:5d:86:63:01:bd:fc:79:34:56:9e:ac:0f:67:e1:9d:9b:
a2:9e:28:9f:45:ed:9e:46:24:8e:30:d7:9b:ab:20:d8:9e:75:
b2:e2:03:63:7c:f1:70:72:51:25:b8:d5:1c:3a:5d:81:ba:e2:
15:06:6d:fd:4a:d3:93:0b:b9:00:11:9a:cc:0d:47:c6:2b:37:
10:3e:71:88:c6:bd:04:94:f5:cb:d2:a7:a7:27:43:99:5c:3b:
11:5f:99:fe:9b:ed:1b:a7:56:98:0d:5f:f5:5e:81:33:b9:25:
f1:3e:32:5f:81:17:54:d7:7f:fa:c8:ad:8d:67:93:a0:5c:26:
f2:5d:0e:f2:8c:d2:f6:44:73:79:64:db:d8:22:65:ba:fb:1d:
7d:7d:c1:52:12:fb:72:7f:6d:98:f6:3c:4c:d8:95:f4:f5:a8:
8f:4e:95:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEzNzUwWhcNMjYwMjE5MTEzNzUwWjAYMRYw
FAYDVQQDEw02N2JlZmQxMy04YjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3TCmQ3B5fBetNxoU7iZwUJaAcEN14c5HzVqlYySN5BnJHek6rr2ZbIYD
EzaGxklbLPVRhj4SCXUADW46NFOFKo+3z1Ijhq3d9mAA2eO4SlgiueHC/8TowtAL
0wTK8l91Re+Cc3x7RBrQLfHC/QW2f9vH2meyUoGqm9DYzD5ClfGRETQlCNqnKXnV
uXu8Kq0XYponOKysQMOpSqfXEbQP7RbUBQroJhqQdEkzRh613stqr86hZHUYwoft
hP/MM9KY/fxrisNv8o2QF9Q/hkNbGX8wHeorG012Ak9Ls9gWjZQJyWSorCogoEBj
aa/4609WVLFbiOszLvTDFSrVBh3o3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLUl
Q20G0SwTALSl1NQOtXK0bskJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRTk2Q0U0MkY0MzYxMUVGQTI0N0FDODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms9hMA0GCSqGSIb3DQEB
CwUAA4IBAQAXjqfGCTf/W4vvrZjD4SRFC/Tr54zSn0DRUgmomKX6iMmeOQfaS+mE
L+X27biYMmbOjPYRgUt2gWRZQ5HRDJiTqDXtTI4Ff6Pcb7bJ8jWEHpn0jLR7ou5s
EJ7aHl2GYwG9/Hk0Vp6sD2fhnZuiniifRe2eRiSOMNebqyDYnnWy4gNjfPFwclEl
uNUcOl2BuuIVBm39StOTC7kAEZrMDUfGKzcQPnGIxr0ElPXL0qenJ0OZXDsRX5n+
m+0bp1aYDV/1XoEzuSXxPjJfgRdU13/6yK2NZ5OgXCbyXQ7yjNL2RHN5ZNvYImW6
+x19fcFSEvtyf22Y9jxM2JX09aiPTpWk
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:22 2025 by rpki-client