Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23477368F43D11EF8F0E0FB1762E951A.roa
File: 23477368F43D11EF8F0E0FB1762E951A.roa (raw, json)
Hash identifier: YUbI26RmeIA2Qc5lk8VjuwlYiK1xdbLw8sia75l+UWA=
Subject key identifier: F4:53:81:2C:CF:E4:E9:F0:04:A8:C5:01:F9:53:6F:75:1E:AA:5F:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01631E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23477368F43D11EF8F0E0FB1762E951A.roa
Signing time: Wed 26 Feb 2025 12:28:09 +0000
ROA not before: Wed 26 Feb 2025 12:28:06 +0000
ROA not after: Thu 19 Feb 2026 12:28:06 +0000
asID: 984
IP address blocks: 154.208.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90910 (0x1631e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:28:06 2025 GMT
Not After : Feb 19 12:28:06 2026 GMT
Subject: CN=67bf08d9-af6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:92:9e:eb:58:28:c4:47:57:b8:02:a0:8e:12:
c8:68:2f:39:9c:eb:06:3d:bb:48:08:89:45:a1:39:
8c:06:97:5d:0c:4d:62:55:98:75:b7:fc:f8:cc:9b:
88:88:e1:9a:a2:26:41:00:c5:8d:50:7c:a7:44:76:
e2:b0:1b:67:49:83:10:9f:ea:6b:6e:56:33:fb:d3:
69:03:e5:6f:bc:a5:0f:83:26:70:91:de:22:08:3f:
9e:28:2a:d3:3a:92:fa:a7:a0:9d:cc:b7:9d:f8:61:
ae:de:74:c6:46:b4:03:a6:7a:b0:4f:c5:08:fb:bb:
e7:74:e7:e3:06:c3:37:ec:7b:fa:92:f9:f3:b3:40:
91:c6:c5:78:fc:61:21:4a:ca:15:e6:37:e9:f0:2c:
15:70:65:a0:19:cb:05:75:cf:c9:f3:0e:ae:04:d4:
8e:c9:43:ac:45:8b:3f:04:d5:d0:37:00:1e:89:d5:
64:6d:6f:e6:08:d6:0f:5f:53:d7:27:01:91:74:95:
61:b9:f9:04:21:6c:40:96:63:14:ea:ed:57:27:2f:
1b:80:e0:4b:80:ee:ee:7a:45:4b:f6:0c:30:0d:fd:
22:70:6a:2c:11:08:7c:6c:9a:dd:79:cd:d7:c7:cb:
45:d0:29:fd:50:4c:70:a6:4b:f8:2e:e0:fa:a1:be:
0c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:53:81:2C:CF:E4:E9:F0:04:A8:C5:01:F9:53:6F:75:1E:AA:5F:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23477368F43D11EF8F0E0FB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.120.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fe:bf:ec:09:b3:7f:2b:42:13:f5:f8:81:a0:2e:0a:6e:d7:
4e:9c:22:49:81:7f:2d:71:55:d3:b4:b5:c5:54:7d:c3:ea:71:
01:b4:b5:7d:1e:7e:31:55:43:bc:3c:28:b0:81:35:f3:3f:f6:
69:c6:7d:54:fd:96:11:54:01:28:54:36:9c:3f:e3:c1:1f:9f:
fd:3a:60:f3:5a:8a:ba:5c:c5:2f:db:91:1b:01:c2:0d:13:89:
62:ce:c5:a6:19:1b:84:5b:15:c4:17:f2:77:b8:ec:67:49:d0:
0b:59:20:a3:fe:71:e8:91:37:7e:4f:44:f8:39:df:29:57:84:
49:00:40:3d:e8:2d:40:4e:fc:b7:fe:42:d3:0b:b4:43:a8:15:
5f:fa:77:ae:0c:24:84:a6:e5:43:88:9f:4f:5e:dc:84:1a:89:
36:09:61:b7:a4:bb:e5:22:2f:1c:17:61:95:61:34:fe:a2:1f:
97:6c:7e:2b:60:46:15:ce:23:06:b7:ba:76:9c:bf:0e:74:d6:
cb:9e:7c:9c:54:a3:24:20:f6:1e:19:4f:cc:2a:98:8f:9d:9d:
09:f7:1a:a4:05:18:7e:58:56:9a:a5:c2:26:66:10:60:31:24:
53:0e:59:45:3e:ce:b8:7a:5d:25:44:ca:dc:8c:74:f6:e6:7f:
03:d9:90:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWMeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIyODA2WhcNMjYwMjE5MTIyODA2WjAYMRYw
FAYDVQQDEw02N2JmMDhkOS1hZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3JKe61goxEdXuAKgjhLIaC85nOsGPbtICIlFoTmMBpddDE1iVZh1t/z4
zJuIiOGaoiZBAMWNUHynRHbisBtnSYMQn+prblYz+9NpA+VvvKUPgyZwkd4iCD+e
KCrTOpL6p6CdzLed+GGu3nTGRrQDpnqwT8UI+7vndOfjBsM37Hv6kvnzs0CRxsV4
/GEhSsoV5jfp8CwVcGWgGcsFdc/J8w6uBNSOyUOsRYs/BNXQNwAeidVkbW/mCNYP
X1PXJwGRdJVhufkEIWxAlmMU6u1XJy8bgOBLgO7uekVL9gwwDf0icGosEQh8bJrd
ec3Xx8tF0Cn9UExwpkv4LuD6ob4MvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPRT
gSzP5OnwBKjFAflTb3Ueql+2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzQ3NzM2OEY0M0QxMUVGOEYwRTBGQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtB4MA0GCSqGSIb3DQEB
CwUAA4IBAQAF/r/sCbN/K0IT9fiBoC4KbtdOnCJJgX8tcVXTtLXFVH3D6nEBtLV9
Hn4xVUO8PCiwgTXzP/Zpxn1U/ZYRVAEoVDacP+PBH5/9OmDzWoq6XMUv25EbAcIN
E4lizsWmGRuEWxXEF/J3uOxnSdALWSCj/nHokTd+T0T4Od8pV4RJAEA96C1ATvy3
/kLTC7RDqBVf+neuDCSEpuVDiJ9PXtyEGok2CWG3pLvlIi8cF2GVYTT+oh+XbH4r
YEYVziMGt7p2nL8OdNbLnnycVKMkIPYeGU/MKpiPnZ0J9xqkBRh+WFaapcImZhBg
MSRTDllFPs64el0lRMrcjHT25n8D2ZBx
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:19 2025 by rpki-client