Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2199B72EF4A611EFB1059485762E951A.roa
File: 2199B72EF4A611EFB1059485762E951A.roa (raw, json)
Hash identifier: Fo/v42Sd/QNL/eQEo9t/6z3qiHNIBpXM1APa/T5UXKY=
Subject key identifier: 3B:8A:A5:E7:63:91:69:A1:C4:39:65:02:03:7C:BD:54:17:99:07:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01661B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2199B72EF4A611EFB1059485762E951A.roa
Signing time: Thu 27 Feb 2025 00:59:44 +0000
ROA not before: Thu 27 Feb 2025 00:00:40 +0000
ROA not after: Thu 19 Feb 2026 00:00:40 +0000
asID: 984
IP address blocks: 154.200.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91675 (0x1661b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:40 2025 GMT
Not After : Feb 19 00:00:40 2026 GMT
Subject: CN=67bfb900-1057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:01:6e:53:de:ae:68:74:31:8a:59:74:18:eb:
2b:a4:4e:e8:6a:8f:5d:7d:47:d0:75:16:a3:76:9b:
6d:3a:b0:a8:45:c6:f2:b8:9b:b5:4b:81:8e:ed:ea:
47:74:1c:08:26:f5:a2:8f:d5:76:f1:33:cb:39:18:
32:67:d5:01:a2:89:b5:24:c5:c7:48:9a:d2:70:b1:
71:ef:bf:60:c5:f0:18:98:4d:85:4d:06:a3:30:15:
79:b2:c2:18:06:43:2f:22:0f:a8:cc:6c:52:13:48:
d1:16:8a:35:8a:bd:7d:fa:8f:83:78:e5:9d:7d:6c:
ab:80:e6:25:4a:7a:8b:95:94:cc:35:ba:7f:b2:65:
1e:c5:45:94:8b:ca:f3:91:ff:c1:5f:03:9b:ad:0d:
2f:87:37:77:10:19:b3:60:3f:d7:b6:0c:31:77:7b:
3a:99:7c:39:26:f1:7e:f8:7b:77:37:85:cb:79:1a:
79:1c:3d:64:dc:bc:09:48:9b:cb:45:f0:6f:fc:5b:
f9:39:cc:7f:de:b2:53:6c:4a:66:51:66:51:0c:0b:
08:e1:d6:f3:fa:e8:fb:05:36:bf:47:0b:09:d6:38:
e9:02:dd:f8:60:20:4c:f4:e6:b4:59:3c:73:e7:3e:
96:5e:03:6c:cb:a1:55:54:d8:7a:28:18:70:74:26:
31:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8A:A5:E7:63:91:69:A1:C4:39:65:02:03:7C:BD:54:17:99:07:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2199B72EF4A611EFB1059485762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.68.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:20:41:89:18:35:8b:26:9d:1d:a0:27:d8:b8:63:17:c1:f7:
5a:47:29:bf:62:83:6a:f3:9d:00:2b:84:ef:86:62:5b:a6:58:
c5:3b:af:a5:3a:f2:c5:4d:05:aa:96:cc:ab:75:0c:49:dd:e4:
21:36:eb:cb:61:b7:66:4f:a0:2a:69:83:87:03:70:81:79:56:
4e:f0:56:0a:dc:af:4b:bd:17:4f:34:16:fc:07:e1:48:6f:67:
1e:65:55:cd:a5:7a:c6:94:b2:24:25:9a:1d:da:9d:a4:74:a4:
b6:99:74:eb:fb:2e:d8:e4:a5:48:a2:34:10:68:f9:7a:ff:f0:
50:af:96:20:b3:ff:5a:f5:e4:a7:1a:92:69:42:a4:2a:5d:67:
2b:ad:08:2e:8b:d0:0f:50:5d:90:1e:73:c5:6e:43:81:94:a3:
68:dd:1c:00:69:24:ee:31:83:51:f7:af:4e:79:37:74:e3:45:
71:da:91:45:19:85:32:b3:cd:ca:5e:83:f4:6d:7c:01:29:4f:
ce:74:08:b3:27:9b:b2:ba:96:77:58:9b:c5:36:30:89:e6:69:
a6:34:8b:d0:dd:56:77:ac:ac:6f:53:9a:e5:89:70:6d:cb:cb:
63:86:4d:dd:1d:01:55:cf:c4:89:4b:1c:61:bf:65:ec:4d:52:
1b:2b:a5:b7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDQwWhcNMjYwMjE5MDAwMDQwWjAYMRYw
FAYDVQQDEw02N2JmYjkwMC0xMDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuQFuU96uaHQxill0GOsrpE7oao9dfUfQdRajdpttOrCoRcbyuJu1S4GO
7epHdBwIJvWij9V28TPLORgyZ9UBoom1JMXHSJrScLFx779gxfAYmE2FTQajMBV5
ssIYBkMvIg+ozGxSE0jRFoo1ir19+o+DeOWdfWyrgOYlSnqLlZTMNbp/smUexUWU
i8rzkf/BXwObrQ0vhzd3EBmzYD/Xtgwxd3s6mXw5JvF++Ht3N4XLeRp5HD1k3LwJ
SJvLRfBv/Fv5Ocx/3rJTbEpmUWZRDAsI4dbz+uj7BTa/RwsJ1jjpAt34YCBM9Oa0
WTxz5z6WXgNsy6FVVNh6KBhwdCYxLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDuK
pedjkWmhxDllAgN8vVQXmQfqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTk5QjcyRUY0QTYxMUVGQjEwNTk0ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshEMA0GCSqGSIb3DQEB
CwUAA4IBAQBuIEGJGDWLJp0doCfYuGMXwfdaRym/YoNq850AK4TvhmJbpljFO6+l
OvLFTQWqlsyrdQxJ3eQhNuvLYbdmT6AqaYOHA3CBeVZO8FYK3K9LvRdPNBb8B+FI
b2ceZVXNpXrGlLIkJZod2p2kdKS2mXTr+y7Y5KVIojQQaPl6//BQr5Ygs/9a9eSn
GpJpQqQqXWcrrQgui9APUF2QHnPFbkOBlKNo3RwAaSTuMYNR969OeTd040Vx2pFF
GYUys83KXoP0bXwBKU/OdAizJ5uyupZ3WJvFNjCJ5mmmNIvQ3VZ3rKxvU5rliXBt
y8tjhk3dHQFVz8SJSxxhv2XsTVIbK6W3
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:54 2025 by rpki-client