Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA205E6F42511EFBFDD0789762E951A.roa
File: 2FA205E6F42511EFBFDD0789762E951A.roa (raw, json)
Hash identifier: EMQ+onQ8jqG7sJPh8fwvZUJ2Ye2l95iQHHIMnxXdGqE=
Subject key identifier: 6B:FB:33:F3:86:BD:83:24:E2:4A:B9:5D:93:0F:59:9B:C2:44:AB:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161E4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA205E6F42511EFBFDD0789762E951A.roa
Signing time: Wed 26 Feb 2025 09:36:42 +0000
ROA not before: Wed 26 Feb 2025 09:36:38 +0000
ROA not after: Thu 19 Feb 2026 09:36:38 +0000
asID: 984
IP address blocks: 154.206.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90596 (0x161e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:36:38 2025 GMT
Not After : Feb 19 09:36:38 2026 GMT
Subject: CN=67bee0aa-1594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:f2:a2:55:a7:44:31:c3:e1:8b:5b:25:73:
b9:d9:18:fa:15:bd:0c:03:f9:b2:34:0f:18:1b:c5:
93:db:ac:84:d6:44:b0:e8:db:37:50:55:95:6b:bb:
39:97:f2:90:8c:01:b7:e3:21:0f:98:69:9c:3b:bf:
22:09:7b:ae:6a:58:f1:f0:02:a3:9d:c6:f0:c7:b8:
a4:b6:5f:59:32:33:24:56:14:a3:8b:26:2a:ec:dd:
be:a5:21:fa:25:1c:29:3f:2b:e7:d8:d5:79:5c:f0:
88:91:48:e0:8b:2a:11:a5:e3:46:a2:9c:08:fc:4b:
87:c1:8f:dd:38:34:6b:c1:f8:5f:92:48:4a:53:6e:
19:66:36:fd:ff:5d:29:73:58:41:b7:07:81:a8:50:
34:06:6e:be:94:1d:89:f7:30:62:02:33:ca:b4:98:
fa:f6:73:9f:33:4f:72:59:83:17:ba:3c:fb:51:2c:
e9:50:e3:81:17:c0:76:f4:45:e3:ba:69:85:4a:77:
31:bc:f8:db:e4:44:eb:5b:4c:af:f8:9d:f0:01:e9:
53:0a:f6:9f:8e:00:d6:c2:57:c4:0d:ca:67:49:c3:
3d:75:73:d6:d2:ec:f1:d0:1b:b8:c8:78:df:8f:df:
e8:51:16:01:96:58:2f:e8:22:b7:96:82:29:a9:13:
61:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FB:33:F3:86:BD:83:24:E2:4A:B9:5D:93:0F:59:9B:C2:44:AB:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FA205E6F42511EFBFDD0789762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.241.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ec:1f:c9:b3:bd:f7:a6:9b:73:ba:62:18:6c:50:f0:2b:c2:
18:c6:3a:87:a2:1b:f4:dd:44:9e:40:b9:22:36:51:95:3b:c2:
a3:ed:b8:e6:8b:85:b0:39:1a:3d:7c:bc:4d:ff:c5:31:8f:d4:
3c:11:12:8e:87:76:21:0a:f7:da:c9:31:19:34:59:50:34:0a:
5b:b0:dc:50:67:ec:e5:98:2b:41:83:b3:20:6a:8f:36:eb:e8:
50:df:bd:78:2b:dc:04:89:48:e0:fb:89:2f:24:34:ec:bc:92:
76:fc:90:62:ed:c9:c9:1b:e9:79:06:df:5f:fb:a7:bc:34:2e:
38:76:84:8a:1b:af:96:00:05:2e:de:1b:cf:60:75:56:89:9b:
50:72:6f:f7:39:c3:57:d6:78:47:4c:27:f0:ae:c7:99:2a:eb:
cb:89:2c:e7:27:a8:2f:7d:e1:4a:05:fc:11:ec:84:64:c5:ef:
34:ca:2c:85:28:0b:eb:92:1c:56:fc:6a:a0:fa:35:fd:72:d8:
8e:79:fa:00:f9:bb:69:fb:0e:e7:58:5b:b0:0b:81:74:f7:07:
a5:b1:37:c4:f8:36:19:a5:db:54:a7:62:3d:42:6b:9f:6d:48:
4d:a3:91:b4:12:50:32:68:89:52:ec:b0:47:f0:30:b0:99:1d:
67:69:91:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWHkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkzNjM4WhcNMjYwMjE5MDkzNjM4WjAYMRYw
FAYDVQQDEw02N2JlZTBhYS0xNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1mryolWnRDHD4YtbJXO52Rj6Fb0MA/myNA8YG8WT26yE1kSw6Ns3UFWV
a7s5l/KQjAG34yEPmGmcO78iCXuualjx8AKjncbwx7iktl9ZMjMkVhSjiyYq7N2+
pSH6JRwpPyvn2NV5XPCIkUjgiyoRpeNGopwI/EuHwY/dODRrwfhfkkhKU24ZZjb9
/10pc1hBtweBqFA0Bm6+lB2J9zBiAjPKtJj69nOfM09yWYMXujz7USzpUOOBF8B2
9EXjummFSncxvPjb5ETrW0yv+J3wAelTCvafjgDWwlfEDcpnScM9dXPW0uzx0Bu4
yHjfj9/oURYBllgv6CK3loIpqRNhMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGv7
M/OGvYMk4kq5XZMPWZvCRKuVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkEyMDVFNkY0MjUxMUVGQkZERDA3ODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7xMA0GCSqGSIb3DQEB
CwUAA4IBAQCZ7B/Js733pptzumIYbFDwK8IYxjqHohv03USeQLkiNlGVO8Kj7bjm
i4WwORo9fLxN/8Uxj9Q8ERKOh3YhCvfayTEZNFlQNApbsNxQZ+zlmCtBg7Mgao82
6+hQ3714K9wEiUjg+4kvJDTsvJJ2/JBi7cnJG+l5Bt9f+6e8NC44doSKG6+WAAUu
3hvPYHVWiZtQcm/3OcNX1nhHTCfwrseZKuvLiSznJ6gvfeFKBfwR7IRkxe80yiyF
KAvrkhxW/Gqg+jX9ctiOefoA+btp+w7nWFuwC4F09welsTfE+DYZpdtUp2I9Qmuf
bUhNo5G0ElAyaIlS7LBH8DCwmR1naZG2
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:35 2025 by rpki-client