Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF5432EF42211EFB4560873762E951A.roa
File: 2CF5432EF42211EFB4560873762E951A.roa (raw, json)
Hash identifier: ePpIWda+WGB5Z+5elD2TfR5Qc/MUhvUfNOU6y69Ft3Q=
Subject key identifier: 5E:5F:DD:C9:46:6D:CB:74:92:98:5D:9C:8D:96:C4:C2:7E:0B:67:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF5432EF42211EFB4560873762E951A.roa
Signing time: Wed 26 Feb 2025 09:15:09 +0000
ROA not before: Wed 26 Feb 2025 09:15:05 +0000
ROA not after: Thu 19 Feb 2026 09:15:05 +0000
asID: 984
IP address blocks: 154.206.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90542 (0x161ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:15:05 2025 GMT
Not After : Feb 19 09:15:05 2026 GMT
Subject: CN=67bedb9d-ae18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:55:2b:86:e9:d1:e1:d7:a8:43:55:18:ff:da:
81:ef:58:41:95:b8:8b:cc:f0:c2:59:04:d6:00:91:
76:7a:48:42:8c:74:06:1d:49:e8:61:d1:b2:b2:c7:
b9:f3:57:19:96:0e:00:83:c2:a1:aa:33:de:f8:a6:
b2:e9:c0:77:a9:72:60:95:3c:65:4f:9c:fa:1a:9e:
36:91:01:1d:f8:48:20:37:c3:06:bd:e7:ba:51:2d:
3d:40:5a:1e:28:1a:56:06:03:0d:70:9a:a5:d9:6c:
89:59:de:93:1d:89:8f:2a:ee:d5:98:89:3c:d8:36:
25:87:d9:4c:51:f9:5d:00:a8:16:d5:0f:87:1f:c0:
d1:1d:56:58:07:72:26:79:b2:b2:83:a3:89:8a:f7:
1f:18:4a:31:89:01:bf:79:70:2c:40:bb:82:4e:bc:
9b:7f:72:be:9d:da:d7:d6:27:1c:25:52:76:61:22:
4f:2e:6a:df:7f:16:7c:6e:77:68:8a:91:75:d0:8b:
9a:e8:d7:67:d6:6e:6a:72:80:f7:c1:c9:e1:03:d1:
eb:0d:13:09:ff:49:6e:2c:4f:43:2f:62:84:dd:7a:
b5:26:c9:5b:71:79:31:e2:2e:5b:15:fc:cb:2a:7c:
3b:e7:74:22:ee:65:fc:99:2f:a6:a0:27:f0:ac:a4:
b8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5F:DD:C9:46:6D:CB:74:92:98:5D:9C:8D:96:C4:C2:7E:0B:67:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF5432EF42211EFB4560873762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:91:7d:73:1a:b9:c4:af:94:7e:22:1f:a2:c4:fa:36:97:6a:
6a:9f:9f:f3:4b:4d:d6:20:96:0b:6e:e5:14:d9:dc:7a:b0:a4:
8f:c0:94:44:7f:2b:47:ff:e2:6a:64:ef:2b:04:38:8c:d3:98:
78:e6:0c:a1:cf:80:39:6b:ca:ff:a9:d4:95:18:3d:12:20:20:
b8:6c:84:8b:74:df:dc:5c:eb:b2:55:b6:c6:8d:4e:42:31:cf:
26:41:fa:f3:e9:e5:6c:e0:0f:38:70:d6:52:42:22:7a:8a:e2:
6f:3a:76:38:04:a3:b4:13:60:42:03:a8:a6:db:eb:16:13:07:
30:f0:9f:3c:f0:ae:dd:90:87:65:28:39:7b:85:04:d2:dc:49:
8f:4a:41:3d:f3:f4:86:4b:46:e9:d7:9b:31:1b:39:68:19:8a:
6d:2a:a9:8d:ca:45:6b:7c:47:b7:2f:0f:18:65:80:3e:a1:23:
cc:5c:3d:b3:ed:2f:79:11:11:d6:fb:7c:a7:0d:4a:83:bc:b2:
ec:33:9b:41:2e:12:a7:17:ae:ea:d3:98:ad:6b:07:56:9c:ab:
18:54:4b:5e:86:c4:1e:fd:e7:b9:ae:86:6f:92:ee:a8:2f:5c:
d5:c6:97:e6:e5:4b:32:17:b3:a8:78:01:87:2e:d0:dc:82:97:
0d:5f:e8:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWGuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkxNTA1WhcNMjYwMjE5MDkxNTA1WjAYMRYw
FAYDVQQDEw02N2JlZGI5ZC1hZTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuVUrhunR4deoQ1UY/9qB71hBlbiLzPDCWQTWAJF2ekhCjHQGHUnoYdGy
sse581cZlg4Ag8KhqjPe+Kay6cB3qXJglTxlT5z6Gp42kQEd+EggN8MGvee6US09
QFoeKBpWBgMNcJql2WyJWd6THYmPKu7VmIk82DYlh9lMUfldAKgW1Q+HH8DRHVZY
B3ImebKyg6OJivcfGEoxiQG/eXAsQLuCTrybf3K+ndrX1iccJVJ2YSJPLmrffxZ8
bndoipF10Iua6Ndn1m5qcoD3wcnhA9HrDRMJ/0luLE9DL2KE3Xq1JslbcXkx4i5b
FfzLKnw753Qi7mX8mS+moCfwrKS4GwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF5f
3clGbct0kphdnI2WxMJ+C2e1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0Y1NDMyRUY0MjIxMUVGQjQ1NjA4NzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7mMA0GCSqGSIb3DQEB
CwUAA4IBAQCNkX1zGrnEr5R+Ih+ixPo2l2pqn5/zS03WIJYLbuUU2dx6sKSPwJRE
fytH/+JqZO8rBDiM05h45gyhz4A5a8r/qdSVGD0SICC4bISLdN/cXOuyVbbGjU5C
Mc8mQfrz6eVs4A84cNZSQiJ6iuJvOnY4BKO0E2BCA6im2+sWEwcw8J888K7dkIdl
KDl7hQTS3EmPSkE98/SGS0bp15sxGzloGYptKqmNykVrfEe3Lw8YZYA+oSPMXD2z
7S95ERHW+3ynDUqDvLLsM5tBLhKnF67q05itawdWnKsYVEtehsQe/ee5roZvku6o
L1zVxpfm5UsyF7OoeAGHLtDcgpcNX+i9
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:50 2025 by rpki-client