Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE799B0F4A411EFBD0DB775762E951A.roa
File: 2FE799B0F4A411EFBD0DB775762E951A.roa (raw, json)
Hash identifier: c5EOp6NTKq/MgdbalKWPX02X7EA0JzMrS8vHI8VEboE=
Subject key identifier: 3C:36:B9:87:6C:86:02:6B:EF:E8:BC:6A:B2:95:9A:0E:1D:CF:48:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016611
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE799B0F4A411EFBD0DB775762E951A.roa
Signing time: Thu 27 Feb 2025 00:45:49 +0000
ROA not before: Thu 27 Feb 2025 00:00:45 +0000
ROA not after: Thu 19 Feb 2026 00:00:45 +0000
asID: 984
IP address blocks: 154.200.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91665 (0x16611)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:45 2025 GMT
Not After : Feb 19 00:00:45 2026 GMT
Subject: CN=67bfb5bd-d279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:00:1d:d9:13:37:75:a2:6b:e5:48:7a:3a:
3d:5a:ca:71:67:ab:09:ee:b5:6e:9f:be:78:2c:e7:
20:b5:3f:7f:e6:80:1f:b2:b0:92:7d:c0:19:12:10:
de:81:fa:00:76:01:00:d2:c6:53:4c:5b:78:8c:a0:
cd:71:88:dd:d0:b9:1c:16:4f:8e:80:31:2a:55:47:
3d:73:12:59:68:f2:4d:b0:df:f3:0d:8c:5c:b6:2e:
8c:53:00:0e:c0:ba:06:3e:6a:1c:d0:24:56:5f:9c:
c9:03:a7:17:52:5e:a9:ad:1a:b5:a0:3d:2a:91:7c:
0d:5d:dc:f5:32:16:84:03:d0:a3:de:65:b9:5c:06:
62:0f:89:04:e7:99:da:c7:c5:7c:11:a1:f5:54:a4:
2b:52:30:c9:c5:b4:ef:d2:7e:7e:cb:fb:8c:ff:e7:
af:b3:1f:bf:cc:21:3f:5f:6d:d0:0a:e2:30:66:f0:
b4:3e:ad:76:f9:34:52:68:f2:3c:51:b9:a8:5d:fd:
07:85:c7:f5:83:74:d5:07:21:89:73:a7:ed:7a:31:
5b:61:f1:13:5d:ce:f4:a1:a9:13:c0:33:aa:56:f1:
91:b7:dd:c7:8f:1f:09:15:e5:c2:85:40:f7:59:10:
a8:a8:88:c4:b7:41:6b:1d:a8:69:32:62:ad:ad:85:
4f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:36:B9:87:6C:86:02:6B:EF:E8:BC:6A:B2:95:9A:0E:1D:CF:48:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE799B0F4A411EFBD0DB775762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.60.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:dc:8f:4a:17:6a:d0:d4:bc:43:dd:ee:49:60:c2:fa:1d:db:
be:97:aa:43:3c:5e:a5:11:7a:ed:dd:20:04:39:e2:c3:bd:41:
df:ac:e5:31:29:0e:10:5d:f5:c8:d3:c3:59:e9:6c:62:17:c5:
e5:a8:07:15:62:69:69:a6:a2:7c:5d:c9:8e:76:48:0a:3f:9a:
3f:65:46:1f:35:eb:4e:de:c9:a4:60:58:96:e7:5d:15:8c:aa:
e8:3f:ea:91:ff:a7:c5:4f:89:63:f9:13:83:ba:bc:fc:b8:f3:
22:35:77:b7:d1:98:85:1c:d7:81:04:a0:59:b9:86:87:49:e1:
31:76:cd:1d:3d:a6:47:54:48:80:40:15:f9:b1:84:60:52:9e:
12:72:fa:e6:57:9f:29:56:69:42:d4:44:aa:4a:08:24:6f:0b:
de:ca:de:28:6e:59:87:3e:33:81:13:1a:dd:e8:99:56:01:cb:
c3:3a:68:e7:b1:9b:5f:b6:fc:fb:54:6e:d7:2b:f9:7b:d9:af:
eb:7f:65:4e:9e:4a:b6:c9:f0:71:4a:45:49:61:8c:56:ea:d2:
f7:1b:5e:80:0b:42:d3:eb:b3:95:8b:22:91:b8:30:5e:76:c8:
a7:90:24:c9:ca:1b:8d:4c:31:9d:73:22:9d:12:99:5c:bd:09:
00:6c:4a:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDQ1WhcNMjYwMjE5MDAwMDQ1WjAYMRYw
FAYDVQQDEw02N2JmYjViZC1kMjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0CQAHdkTN3Wia+VIejo9WspxZ6sJ7rVun754LOcgtT9/5oAfsrCSfcAZ
EhDegfoAdgEA0sZTTFt4jKDNcYjd0LkcFk+OgDEqVUc9cxJZaPJNsN/zDYxcti6M
UwAOwLoGPmoc0CRWX5zJA6cXUl6prRq1oD0qkXwNXdz1MhaEA9Cj3mW5XAZiD4kE
55nax8V8EaH1VKQrUjDJxbTv0n5+y/uM/+evsx+/zCE/X23QCuIwZvC0Pq12+TRS
aPI8UbmoXf0Hhcf1g3TVByGJc6ftejFbYfETXc70oakTwDOqVvGRt93Hjx8JFeXC
hUD3WRCoqIjEt0FrHahpMmKtrYVPcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDw2
uYdshgJr7+i8arKVmg4dz0iqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkU3OTlCMEY0QTQxMUVGQkQwREI3NzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsg8MA0GCSqGSIb3DQEB
CwUAA4IBAQDA3I9KF2rQ1LxD3e5JYML6Hdu+l6pDPF6lEXrt3SAEOeLDvUHfrOUx
KQ4QXfXI08NZ6WxiF8XlqAcVYmlppqJ8XcmOdkgKP5o/ZUYfNetO3smkYFiW510V
jKroP+qR/6fFT4lj+RODurz8uPMiNXe30ZiFHNeBBKBZuYaHSeExds0dPaZHVEiA
QBX5sYRgUp4ScvrmV58pVmlC1ESqSggkbwveyt4oblmHPjOBExrd6JlWAcvDOmjn
sZtftvz7VG7XK/l72a/rf2VOnkq2yfBxSkVJYYxW6tL3G16AC0LT67OViyKRuDBe
dsinkCTJyhuNTDGdcyKdEplcvQkAbEq4
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:14 2025 by rpki-client