Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20E17670F45411EFA3685F55762E951A.roa
File: 20E17670F45411EFA3685F55762E951A.roa (raw, json)
Hash identifier: 58t6b/0qQn1dl6zME96b/tXH9cRejtYDOC3ZOnZXbYI=
Subject key identifier: 4D:6E:04:D2:08:46:6F:91:F9:3F:C8:2B:BE:D7:A3:37:50:58:5C:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0164B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20E17670F45411EFA3685F55762E951A.roa
Signing time: Wed 26 Feb 2025 15:12:44 +0000
ROA not before: Wed 26 Feb 2025 15:12:40 +0000
ROA not after: Thu 19 Feb 2026 15:12:40 +0000
asID: 984
IP address blocks: 154.210.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91314 (0x164b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:12:40 2025 GMT
Not After : Feb 19 15:12:40 2026 GMT
Subject: CN=67bf2f6c-51a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:0e:1e:04:33:ee:cf:21:d5:33:69:0f:39:
6d:f2:8f:f1:0e:82:92:10:0c:cc:c1:12:bf:71:24:
53:82:4c:84:26:e6:55:a5:7b:5c:45:ce:c1:f8:4e:
60:8f:50:d6:5d:6b:7d:d5:72:ee:7b:bb:5d:8e:02:
a0:fc:5a:ac:c4:2f:2b:1d:4d:14:e3:48:23:1b:66:
ff:1d:b1:98:0c:15:bf:db:a9:6d:3c:e6:ac:33:9c:
4f:02:cb:df:8d:ad:45:8a:d0:28:5a:51:d9:1f:1d:
eb:47:eb:17:6a:6c:78:c0:36:6d:60:3c:65:b5:3a:
25:bc:6a:e5:88:13:72:91:d2:db:c6:78:e7:d9:c4:
c6:95:7e:7f:24:fd:33:8f:03:e8:69:ce:48:67:c7:
92:36:9d:17:0b:24:ce:4f:55:4e:90:4f:bd:b8:40:
6d:0e:cf:c9:e7:03:65:35:50:15:7f:dd:58:79:52:
2a:4d:b5:a9:af:70:14:9b:05:e5:9f:42:3e:ec:3b:
5f:92:94:69:34:6f:e1:3b:3d:ec:c3:35:22:89:1e:
42:90:9c:95:49:0c:73:07:2e:f2:cd:fd:e1:64:d6:
7d:d9:1a:e3:bb:4e:44:b1:17:f2:82:64:c5:84:78:
6f:6a:e3:cc:5a:b0:65:a8:d5:f8:69:99:7f:b2:05:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:04:D2:08:46:6F:91:F9:3F:C8:2B:BE:D7:A3:37:50:58:5C:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20E17670F45411EFA3685F55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.85.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:bc:28:d5:01:ab:82:b5:6c:8e:84:12:58:de:43:39:9d:50:
ab:ab:cb:8d:2e:0b:df:06:aa:4b:5c:d4:9c:c1:b1:dd:08:78:
a9:da:55:f9:32:b1:3b:f3:9b:6e:ff:ee:8d:bc:fa:8e:04:2e:
c1:35:9d:25:8f:4a:90:87:d7:3e:33:31:1f:b0:c7:ac:fa:d5:
a8:f6:9a:49:3f:2d:b4:78:16:73:54:f8:20:d9:0c:0a:4b:62:
0a:17:6b:82:45:ab:90:04:f0:7e:47:32:9b:20:8e:b0:59:72:
cc:9e:61:5e:5b:dd:5e:f1:2b:87:11:90:83:55:83:b8:b0:23:
32:d7:2f:a4:6d:a1:ed:6b:b3:9c:7d:10:db:08:8b:36:63:d9:
1c:18:e7:f6:ea:26:80:50:7f:ba:76:45:a3:df:4d:b7:8a:bc:
7e:15:9b:6c:31:33:aa:e2:e8:dd:3d:1a:8d:e7:af:7f:11:e0:
36:4c:1c:2f:b3:3d:b1:a0:17:20:90:bb:fb:b8:70:75:76:bc:
82:3c:a9:2f:0c:5f:e8:b4:94:b2:36:82:df:a8:89:dd:02:83:
9d:e8:7d:e5:2c:ff:5f:83:c8:c5:c2:1a:59:c1:1e:2b:28:28:
3d:0b:0d:8f:ac:64:83:fc:d3:71:ef:56:ce:ac:d7:47:6d:46:
cf:6b:25:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWSyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTUxMjQwWhcNMjYwMjE5MTUxMjQwWjAYMRYw
FAYDVQQDEw02N2JmMmY2Yy01MWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvzEOHgQz7s8h1TNpDzlt8o/xDoKSEAzMwRK/cSRTgkyEJuZVpXtcRc7B
+E5gj1DWXWt91XLue7tdjgKg/FqsxC8rHU0U40gjG2b/HbGYDBW/26ltPOasM5xP
Asvfja1FitAoWlHZHx3rR+sXamx4wDZtYDxltTolvGrliBNykdLbxnjn2cTGlX5/
JP0zjwPoac5IZ8eSNp0XCyTOT1VOkE+9uEBtDs/J5wNlNVAVf91YeVIqTbWpr3AU
mwXln0I+7DtfkpRpNG/hOz3swzUiiR5CkJyVSQxzBy7yzf3hZNZ92Rrju05EsRfy
gmTFhHhvauPMWrBlqNX4aZl/sgVSlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE1u
BNIIRm+R+T/IK77XozdQWFydMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEUxNzY3MEY0NTQxMUVGQTM2ODVGNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJVMA0GCSqGSIb3DQEB
CwUAA4IBAQCfvCjVAauCtWyOhBJY3kM5nVCrq8uNLgvfBqpLXNScwbHdCHip2lX5
MrE785tu/+6NvPqOBC7BNZ0lj0qQh9c+MzEfsMes+tWo9ppJPy20eBZzVPgg2QwK
S2IKF2uCRauQBPB+RzKbII6wWXLMnmFeW91e8SuHEZCDVYO4sCMy1y+kbaHta7Oc
fRDbCIs2Y9kcGOf26iaAUH+6dkWj3023irx+FZtsMTOq4ujdPRqN569/EeA2TBwv
sz2xoBcgkLv7uHB1dryCPKkvDF/otJSyNoLfqIndAoOd6H3lLP9fg8jFwhpZwR4r
KCg9Cw2PrGSD/NNx71bOrNdHbUbPayVr
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:37:58 2025 by rpki-client