Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CDCF022F43F11EFA91274BF762E951A.roa
File: 2CDCF022F43F11EFA91274BF762E951A.roa (raw, json)
Hash identifier: eHDWHper0cIFGaFlExEFvTX8AWWr6TSwRpmDYsQrcMI=
Subject key identifier: 49:30:D5:46:B7:EE:9B:6F:D6:2E:FE:61:96:AD:DB:A3:37:78:01:D6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01633E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CDCF022F43F11EFA91274BF762E951A.roa
Signing time: Wed 26 Feb 2025 12:42:44 +0000
ROA not before: Wed 26 Feb 2025 12:42:40 +0000
ROA not after: Fri 20 Feb 2026 12:42:40 +0000
asID: 984
IP address blocks: 154.83.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 10:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90942 (0x1633e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:42:40 2025 GMT
Not After : Feb 20 12:42:40 2026 GMT
Subject: CN=67bf0c44-0c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:28:8a:3e:dc:85:14:d6:7f:4e:63:a4:6f:fe:
69:09:04:54:10:d6:08:89:e3:43:37:8e:69:cc:90:
e0:20:8d:ef:a0:ae:e5:0f:cd:94:77:86:a3:6d:80:
3b:5a:dc:d5:be:b3:ad:3e:40:2a:55:26:34:37:a5:
c4:ba:05:53:e5:9c:d1:d5:e1:c9:86:fa:77:08:a0:
d7:76:ca:60:29:e8:72:aa:85:4d:41:38:fd:c7:cf:
fc:42:7c:1e:62:f3:64:0b:2b:59:9c:fd:09:ce:8b:
86:55:b6:05:75:af:88:95:e5:00:0d:98:8b:08:0e:
0a:af:78:38:4f:d8:0b:55:e4:ee:69:88:f2:19:63:
4b:1d:77:1c:36:f5:54:4b:18:56:1c:26:da:de:ea:
bc:a2:b1:df:5e:09:b7:3f:0b:d5:b3:1a:cb:6b:54:
f1:ef:05:1d:12:d9:af:71:4a:7f:20:86:3c:8d:ef:
b6:d6:09:f4:58:e3:e9:37:cf:14:ef:3a:e7:66:32:
72:b6:a5:90:7c:73:3e:27:54:fd:ac:c5:82:d9:09:
69:85:48:57:80:7f:3d:6d:28:6b:f6:56:d2:ca:5c:
38:47:eb:5f:92:aa:e7:4a:e9:6c:d2:77:a0:96:91:
12:fd:e8:57:d9:12:cf:7d:4e:bb:14:84:77:e5:4f:
70:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:30:D5:46:B7:EE:9B:6F:D6:2E:FE:61:96:AD:DB:A3:37:78:01:D6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CDCF022F43F11EFA91274BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:de:df:a0:7d:3c:80:47:5f:9e:38:d8:6e:f5:d3:0c:f9:c0:
67:12:8a:5c:cc:94:30:00:73:28:1e:d1:6d:ab:f8:8e:82:ca:
f0:e4:10:21:2c:5c:4c:6b:27:8b:f7:ba:6d:cc:7c:e0:81:5b:
02:3d:33:75:85:d3:fb:60:70:e1:e1:3e:48:c2:5e:57:d9:a4:
ae:cf:9e:b5:0e:a5:9d:41:83:d1:bf:b8:82:7a:0d:22:89:36:
28:5e:6c:6c:e1:be:c2:48:6f:d7:cf:68:71:d5:d5:7a:1d:b9:
cb:a4:fb:7f:29:0e:02:6d:40:fe:25:4a:a0:69:b6:70:3c:56:
61:ea:82:b0:35:2b:53:a3:ef:40:1c:9c:b8:0e:a7:97:a0:38:
b2:79:35:1a:ab:6d:29:4d:ca:a4:b3:a6:fc:36:40:f8:63:34:
b6:36:7a:d9:c9:af:11:f0:cc:09:10:07:35:57:9c:3f:aa:e5:
35:2a:75:57:c4:35:8a:c4:e3:c3:3d:6e:1e:30:40:2d:eb:7a:
d0:aa:0b:5d:15:4f:31:31:dc:d7:9d:fa:39:dd:ea:8d:13:12:
0e:23:97:51:55:64:e4:27:f2:fa:79:46:b4:15:72:96:09:8e:
d6:c2:95:3a:bb:54:31:25:20:4e:00:82:a3:ed:9b:2e:ff:d8:
18:45:6d:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWM+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTI0MjQwWhcNMjYwMjIwMTI0MjQwWjAYMRYw
FAYDVQQDEw02N2JmMGM0NC0wYzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAryiKPtyFFNZ/TmOkb/5pCQRUENYIieNDN45pzJDgII3voK7lD82Ud4aj
bYA7WtzVvrOtPkAqVSY0N6XEugVT5ZzR1eHJhvp3CKDXdspgKehyqoVNQTj9x8/8
QnweYvNkCytZnP0JzouGVbYFda+IleUADZiLCA4Kr3g4T9gLVeTuaYjyGWNLHXcc
NvVUSxhWHCba3uq8orHfXgm3PwvVsxrLa1Tx7wUdEtmvcUp/IIY8je+21gn0WOPp
N88U7zrnZjJytqWQfHM+J1T9rMWC2QlphUhXgH89bShr9lbSylw4R+tfkqrnSuls
0neglpES/ehX2RLPfU67FIR35U9wHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEkw
1Ua37ptv1i7+YZat26M3eAHWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0RDRjAyMkY0M0YxMUVGQTkxMjc0QkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOMMA0GCSqGSIb3DQEB
CwUAA4IBAQA63t+gfTyAR1+eONhu9dMM+cBnEopczJQwAHMoHtFtq/iOgsrw5BAh
LFxMayeL97ptzHzggVsCPTN1hdP7YHDh4T5Iwl5X2aSuz561DqWdQYPRv7iCeg0i
iTYoXmxs4b7CSG/Xz2hx1dV6HbnLpPt/KQ4CbUD+JUqgabZwPFZh6oKwNStTo+9A
HJy4DqeXoDiyeTUaq20pTcqks6b8NkD4YzS2NnrZya8R8MwJEAc1V5w/quU1KnVX
xDWKxOPDPW4eMEAt63rQqgtdFU8xMdzXnfo53eqNExIOI5dRVWTkJ/L6eUa0FXKW
CY7WwpU6u1QxJSBOAIKj7Zsu/9gYRW0q
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:50:17 2025 by rpki-client