Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/331D55A4F4BB11EF9DBCDDA9762E951A.roa
File: 331D55A4F4BB11EF9DBCDDA9762E951A.roa (raw, json)
Hash identifier: oC1eDiyQ7vXC9ep7piJlYRfxEis8zfOWD2DPfQqUi7E=
Subject key identifier: 27:F9:CA:07:71:CE:7C:43:1B:1B:B9:B7:0D:F3:28:33:77:AF:8E:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01662E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/331D55A4F4BB11EF9DBCDDA9762E951A.roa
Signing time: Thu 27 Feb 2025 03:30:32 +0000
ROA not before: Thu 27 Feb 2025 03:30:29 +0000
ROA not after: Thu 19 Feb 2026 03:30:29 +0000
asID: 984
IP address blocks: 154.200.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91694 (0x1662e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 03:30:29 2025 GMT
Not After : Feb 19 03:30:29 2026 GMT
Subject: CN=67bfdc58-2d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:23:c1:f6:fd:66:40:eb:82:30:4f:6f:10:2a:
1e:f5:2b:30:e1:85:96:4f:9f:02:0e:ce:8f:dd:82:
4b:b6:1f:3a:c6:87:84:99:38:a2:65:c1:ba:ec:b3:
5d:14:97:61:a0:84:26:20:a7:91:5f:79:e0:54:0b:
a7:fd:09:12:e2:95:96:ab:d6:b4:88:6a:82:aa:88:
c6:78:cc:c1:bf:9c:78:3c:af:46:7f:d7:61:2e:4f:
29:94:f9:3c:86:6c:ff:1e:09:90:c2:6b:df:6c:54:
45:9f:0c:95:2d:db:db:bd:33:16:4f:59:ce:64:62:
63:05:a9:45:41:f3:6f:6b:e8:8d:80:70:7d:1d:02:
22:a7:40:89:14:9d:cf:2f:19:9b:1b:f8:cd:82:4c:
f4:4c:4a:b2:44:42:7f:dc:5e:ca:f2:39:a8:b8:d0:
8e:1b:20:ba:1b:52:1d:a0:d5:ec:5a:2b:70:f8:d2:
d7:af:5a:ab:a2:6a:c9:48:9a:c8:e5:e2:c9:0b:89:
cc:8b:45:35:60:81:3f:50:58:c3:eb:97:01:ec:06:
97:ca:0d:b8:50:05:2d:1d:8f:e6:5f:f7:03:c9:c1:
8e:c1:6e:fa:2d:22:a6:70:71:8c:30:29:91:d6:fd:
1c:10:33:34:51:6d:f9:4f:a2:d2:2e:c3:9c:e6:3d:
19:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F9:CA:07:71:CE:7C:43:1B:1B:B9:B7:0D:F3:28:33:77:AF:8E:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/331D55A4F4BB11EF9DBCDDA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.78.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:fd:0d:dd:c0:f7:34:85:ba:75:cf:8c:86:b9:16:50:5c:ea:
4b:50:63:22:b3:17:7b:5f:2b:32:a9:c4:36:df:57:2a:4e:96:
7c:a1:ff:77:23:5f:1d:2a:d6:e6:58:ab:b9:41:dc:a6:62:f1:
d9:30:1a:07:0b:36:4a:58:0e:e4:58:0f:6c:31:2a:3d:28:cf:
b7:04:9e:0d:d5:89:82:ab:ce:b3:a3:ef:85:00:91:a2:4d:e0:
bd:a6:fa:cb:59:f6:0d:ec:5e:39:39:43:df:72:8d:a4:a5:38:
3c:80:d6:20:53:20:4c:4a:ed:93:37:23:74:d4:dc:a8:d3:9f:
fd:03:c4:6e:aa:7e:b3:99:3c:43:97:7a:86:13:d5:5e:9c:ca:
41:82:a7:45:28:52:1c:4c:12:d1:5b:65:1b:d6:4c:44:5f:a7:
5f:48:4e:97:de:46:f7:60:a4:91:8a:4c:6a:53:92:e8:7c:51:
12:25:cc:2b:d9:07:f5:14:8e:f2:c9:8d:60:d0:65:8d:48:50:
70:b7:e6:c7:a4:95:3e:20:b4:2d:1c:21:9d:b9:6b:df:b6:a7:
c3:2c:cc:2e:4b:e8:1f:95:9c:f0:cf:3b:11:60:9d:19:2a:78:
9b:8f:f4:1c:bb:e6:74:72:73:6a:64:cf:70:60:12:12:ab:12:
99:b3:3a:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDMzMDI5WhcNMjYwMjE5MDMzMDI5WjAYMRYw
FAYDVQQDEw02N2JmZGM1OC0yZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwSPB9v1mQOuCME9vECoe9Ssw4YWWT58CDs6P3YJLth86xoeEmTiiZcG6
7LNdFJdhoIQmIKeRX3ngVAun/QkS4pWWq9a0iGqCqojGeMzBv5x4PK9Gf9dhLk8p
lPk8hmz/HgmQwmvfbFRFnwyVLdvbvTMWT1nOZGJjBalFQfNva+iNgHB9HQIip0CJ
FJ3PLxmbG/jNgkz0TEqyREJ/3F7K8jmouNCOGyC6G1IdoNXsWitw+NLXr1qromrJ
SJrI5eLJC4nMi0U1YIE/UFjD65cB7AaXyg24UAUtHY/mX/cDycGOwW76LSKmcHGM
MCmR1v0cEDM0UW35T6LSLsOc5j0ZKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCf5
ygdxznxDGxu5tw3zKDN3r45OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzFENTVBNEY0QkIxMUVGOURCQ0REQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshOMA0GCSqGSIb3DQEB
CwUAA4IBAQB9/Q3dwPc0hbp1z4yGuRZQXOpLUGMisxd7XysyqcQ231cqTpZ8of93
I18dKtbmWKu5QdymYvHZMBoHCzZKWA7kWA9sMSo9KM+3BJ4N1YmCq86zo++FAJGi
TeC9pvrLWfYN7F45OUPfco2kpTg8gNYgUyBMSu2TNyN01Nyo05/9A8Ruqn6zmTxD
l3qGE9VenMpBgqdFKFIcTBLRW2Ub1kxEX6dfSE6X3kb3YKSRikxqU5LofFESJcwr
2Qf1FI7yyY1g0GWNSFBwt+bHpJU+ILQtHCGduWvftqfDLMwuS+gflZzwzzsRYJ0Z
Knibj/Qcu+Z0cnNqZM9wYBISqxKZszob
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:52 2025 by rpki-client