Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDABD0CC92811EFADB8CFB9762E951A.roa
File: 2DDABD0CC92811EFADB8CFB9762E951A.roa (raw, json)
Hash identifier: kNhEmr3IGVPPUeXPs3CTXzXsHt5aL2eslAY5zgX+ztk=
Subject key identifier: 85:D7:9B:82:16:F9:C5:D8:E2:D2:19:FC:67:22:E1:22:BB:CB:80:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013365
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDABD0CC92811EFADB8CFB9762E951A.roa
Signing time: Thu 02 Jan 2025 16:39:48 +0000
ROA not before: Thu 02 Jan 2025 16:39:44 +0000
ROA not after: Sat 13 Dec 2025 16:39:44 +0000
asID: 984
IP address blocks: 154.222.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78693 (0x13365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 16:39:44 2025 GMT
Not After : Dec 13 16:39:44 2025 GMT
Subject: CN=6776c154-0f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:67:d2:12:59:90:98:9a:cc:9a:ed:3e:25:
e2:5d:78:89:f6:cc:1a:30:00:af:8b:8d:5f:7d:c1:
b6:8a:b0:7b:e8:e4:40:86:73:40:b7:8c:e8:e0:18:
9d:55:3a:4f:9e:57:55:c0:52:04:14:e3:64:96:eb:
af:e0:a1:15:44:5e:67:ff:d6:27:cb:66:a5:64:1e:
63:d9:7f:e2:36:aa:a1:f8:31:b1:61:bd:49:90:2d:
16:6e:6d:af:9c:db:bc:31:f5:8c:07:6d:25:74:01:
42:59:44:0c:08:59:89:d8:f1:ee:ce:1a:b3:14:5c:
7b:cf:08:f8:d6:b4:00:74:df:68:78:42:3e:ce:3f:
b7:12:f0:e5:c1:5f:54:67:b5:88:b2:25:ee:0c:5d:
23:7f:48:32:67:35:dd:d1:39:7c:56:f9:86:92:1a:
71:82:0b:fc:54:d9:b7:f7:48:f9:30:e7:23:cd:f8:
3c:ff:8f:28:9d:53:ee:e0:ba:61:ac:e1:b5:a8:2f:
cd:19:6b:25:a2:a3:f5:ca:7d:1f:c9:92:2d:0a:cb:
df:2c:4d:d9:1f:7f:07:a5:2b:9f:45:5b:32:23:0d:
5f:6d:ba:a5:2b:c1:17:31:81:3e:33:87:cb:1c:17:
76:c9:c5:fb:14:c1:b6:67:ae:c1:d3:b7:28:ce:6f:
fa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D7:9B:82:16:F9:C5:D8:E2:D2:19:FC:67:22:E1:22:BB:CB:80:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDABD0CC92811EFADB8CFB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.125.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f1:0c:0c:c0:9a:2b:e5:9c:ea:e2:51:29:43:66:33:ce:a9:
8f:91:fc:8b:20:f2:5d:f7:61:68:3c:de:48:74:28:c7:f3:46:
bb:c9:2a:73:74:97:72:0e:b0:42:ed:01:40:9b:e6:7a:07:04:
f7:b8:7c:15:5a:f2:c5:84:99:80:26:c4:3e:7a:92:12:29:71:
00:13:55:ba:b3:d1:6b:24:d6:93:fe:8d:33:fc:4a:48:0d:48:
a6:51:3e:b5:84:c3:27:03:4f:7f:e5:f9:70:a2:0a:41:9c:50:
70:44:18:f7:bf:7b:61:32:a5:c7:bc:78:5e:a5:ce:a0:8e:1c:
9e:a2:66:3b:d5:64:d6:6e:2d:db:a9:3e:22:fd:f9:c9:2c:b8:
16:25:84:05:bb:ea:db:50:79:97:d7:f5:8e:56:5b:1a:22:8c:
e3:47:fb:af:fb:a9:a7:e6:16:3a:8d:8c:ab:70:c0:62:39:ab:
10:b8:9d:75:c2:8a:87:8e:53:cb:54:a0:8e:cf:3c:c3:2f:a6:
97:34:cd:ba:c5:fd:b1:09:55:01:76:de:3d:27:5b:0e:4c:ba:
9c:bb:6b:ca:59:8f:fe:b3:f9:c5:c4:89:2f:7d:a0:ab:ee:ee:
11:0e:78:6b:04:d6:85:9c:4b:6c:ad:df:e3:34:58:3d:3e:34:
91:77:43:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATNlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTYzOTQ0WhcNMjUxMjEzMTYzOTQ0WjAYMRYw
FAYDVQQDEw02Nzc2YzE1NC0wZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs8dn0hJZkJiazJrtPiXiXXiJ9swaMACvi41ffcG2irB76ORAhnNAt4zo
4BidVTpPnldVwFIEFONkluuv4KEVRF5n/9Yny2alZB5j2X/iNqqh+DGxYb1JkC0W
bm2vnNu8MfWMB20ldAFCWUQMCFmJ2PHuzhqzFFx7zwj41rQAdN9oeEI+zj+3EvDl
wV9UZ7WIsiXuDF0jf0gyZzXd0Tl8VvmGkhpxggv8VNm390j5MOcjzfg8/48onVPu
4LphrOG1qC/NGWsloqP1yn0fyZItCsvfLE3ZH38HpSufRVsyIw1fbbqlK8EXMYE+
M4fLHBd2ycX7FMG2Z67B07cozm/61QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIXX
m4IW+cXY4tIZ/Gci4SK7y4BzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRERBQkQwQ0M5MjgxMUVGQURCOENGQjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt59MA0GCSqGSIb3DQEB
CwUAA4IBAQA88QwMwJor5Zzq4lEpQ2YzzqmPkfyLIPJd92FoPN5IdCjH80a7ySpz
dJdyDrBC7QFAm+Z6BwT3uHwVWvLFhJmAJsQ+epISKXEAE1W6s9FrJNaT/o0z/EpI
DUimUT61hMMnA09/5flwogpBnFBwRBj3v3thMqXHvHhepc6gjhyeomY71WTWbi3b
qT4i/fnJLLgWJYQFu+rbUHmX1/WOVlsaIozjR/uv+6mn5hY6jYyrcMBiOasQuJ11
woqHjlPLVKCOzzzDL6aXNM26xf2xCVUBdt49J1sOTLqcu2vKWY/+s/nFxIkvfaCr
7u4RDnhrBNaFnEtsrd/jNFg9PjSRd0NZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:06:06 2025 by rpki-client