Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FB4D3D2E2D911EF804D5367762E951A.roa
File: 1FB4D3D2E2D911EF804D5367762E951A.roa (raw, json)
Hash identifier: bwyRj4tmuFI2H6rvf5/L/eqCDjeoV6aEUFsz5r0dQT8=
Subject key identifier: BE:E3:CB:C5:AE:4D:8A:BB:89:28:25:5A:7B:22:17:0E:15:87:9D:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FB4D3D2E2D911EF804D5367762E951A.roa
Signing time: Tue 04 Feb 2025 09:19:24 +0000
ROA not before: Tue 04 Feb 2025 09:19:20 +0000
ROA not after: Wed 30 Apr 2025 09:19:20 +0000
asID: 18229
IP address blocks: 154.210.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86224 (0x150d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 09:19:20 2025 GMT
Not After : Apr 30 09:19:20 2025 GMT
Subject: CN=67a1db9c-06e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:82:14:a5:27:66:94:0d:24:6f:d0:56:29:
1a:ce:f6:66:2c:68:58:ab:29:39:21:0f:71:93:ed:
f3:e3:f1:da:bd:33:4b:14:7d:8b:b8:20:e3:ae:a0:
0d:99:ba:51:d1:39:d8:b7:9e:97:f9:c8:39:ca:01:
de:48:91:d7:d0:db:42:45:5b:ed:dc:0f:78:75:95:
d1:0f:84:03:12:f5:cc:96:09:2e:73:36:27:2c:47:
1a:43:f3:9e:d1:49:73:f0:12:62:65:e7:3b:00:14:
46:c0:01:09:ba:8f:fd:fe:57:c7:37:40:33:ee:84:
5b:a0:ff:f9:69:c6:de:7f:72:6d:51:33:47:d3:7b:
00:e4:52:0f:aa:ec:f1:ed:11:6d:37:b5:6e:33:46:
f9:f1:0d:1c:f5:0e:5c:04:16:10:27:f9:37:43:94:
3c:15:93:18:a3:7b:04:a6:d5:00:87:bc:be:90:89:
54:b8:02:ba:ae:74:fa:4d:01:1f:a8:4a:db:8e:1c:
58:ba:54:f5:d6:18:2d:e2:ae:c1:e2:10:b6:b9:8c:
a0:60:18:be:ed:9a:21:d3:7f:05:0a:f9:5e:2a:36:
55:c7:ae:bd:fb:54:26:13:d3:2d:c1:0d:10:02:b4:
c9:41:b1:64:ef:0a:53:b3:cc:50:c3:d6:99:7e:cd:
00:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E3:CB:C5:AE:4D:8A:BB:89:28:25:5A:7B:22:17:0E:15:87:9D:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FB4D3D2E2D911EF804D5367762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.159.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:48:c4:30:5b:56:fe:e9:7b:f2:58:0d:77:b4:c5:f6:e1:7f:
f5:97:ba:51:0e:c6:7d:94:0c:2b:04:a5:53:2e:89:ae:86:8b:
df:dd:3a:41:ea:af:35:b1:58:68:9d:51:cd:2e:c5:c0:e3:39:
87:5e:89:35:88:94:3e:df:4f:39:c5:85:60:57:85:ac:a5:6a:
6d:8e:91:3b:50:8e:aa:ca:19:9d:45:0a:1e:cc:fd:0f:5f:c3:
73:3b:d0:60:72:97:2c:a1:cf:c0:c9:00:dc:2d:69:a3:61:3d:
e0:cd:60:d1:15:d5:51:3f:7b:a8:2f:72:d6:41:4f:02:dd:02:
9c:7f:2e:58:94:e4:ef:67:60:45:50:dd:96:90:af:b3:cd:21:
1e:0c:40:17:6a:f5:01:c4:a3:79:6e:50:27:30:1f:07:05:80:
e0:15:72:1e:91:18:4e:28:5f:68:fc:83:33:50:9e:64:5a:cd:
9c:b3:ff:ae:89:85:6c:5a:8e:69:95:d8:40:3d:c3:7c:9e:d7:
3f:0e:99:e6:8e:1f:11:e7:84:e4:6e:3f:99:24:81:a8:e5:5a:
6a:00:87:7a:fa:9a:04:57:28:cd:62:eb:93:3e:cf:09:84:45:
df:cd:d2:77:a8:d4:1a:eb:d4:bc:42:80:2f:53:57:1c:15:4a:
99:7a:bd:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVDQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDkxOTIwWhcNMjUwNDMwMDkxOTIwWjAYMRYw
FAYDVQQDEw02N2ExZGI5Yy0wNmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqOCCFKUnZpQNJG/QVikazvZmLGhYqyk5IQ9xk+3z4/HavTNLFH2LuCDj
rqANmbpR0TnYt56X+cg5ygHeSJHX0NtCRVvt3A94dZXRD4QDEvXMlgkuczYnLEca
Q/Oe0Ulz8BJiZec7ABRGwAEJuo/9/lfHN0Az7oRboP/5acbef3JtUTNH03sA5FIP
quzx7RFtN7VuM0b58Q0c9Q5cBBYQJ/k3Q5Q8FZMYo3sEptUAh7y+kIlUuAK6rnT6
TQEfqErbjhxYulT11hgt4q7B4hC2uYygYBi+7Zoh038FCvleKjZVx669+1QmE9Mt
wQ0QArTJQbFk7wpTs8xQw9aZfs0AXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL7j
y8WuTYq7iSglWnsiFw4Vh52CMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRkI0RDNEMkUyRDkxMUVGODA0RDUzNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKfMA0GCSqGSIb3DQEB
CwUAA4IBAQBcSMQwW1b+6XvyWA13tMX24X/1l7pRDsZ9lAwrBKVTLomuhovf3TpB
6q81sVhonVHNLsXA4zmHXok1iJQ+3085xYVgV4WspWptjpE7UI6qyhmdRQoezP0P
X8NzO9Bgcpcsoc/AyQDcLWmjYT3gzWDRFdVRP3uoL3LWQU8C3QKcfy5YlOTvZ2BF
UN2WkK+zzSEeDEAXavUBxKN5blAnMB8HBYDgFXIekRhOKF9o/IMzUJ5kWs2cs/+u
iYVsWo5pldhAPcN8ntc/Dpnmjh8R54Tkbj+ZJIGo5VpqAId6+poEVyjNYuuTPs8J
hEXfzdJ3qNQa69S8QoAvU1ccFUqZer1r
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:41 2025 by rpki-client