Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/401FB4FCF43111EFB95BC55E762E951A.roa
File: 401FB4FCF43111EFB95BC55E762E951A.roa (raw, json)
Hash identifier: KwqzsvrYMzJFzrIwcDLu3yJseWCSMwr9pL70Jm3uDsE=
Subject key identifier: 4B:05:88:C2:AB:3E:4E:AD:42:38:DE:A9:C2:04:A7:15:73:EE:88:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01626F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/401FB4FCF43111EFB95BC55E762E951A.roa
Signing time: Wed 26 Feb 2025 11:03:04 +0000
ROA not before: Wed 26 Feb 2025 11:03:00 +0000
ROA not after: Thu 19 Feb 2026 11:03:00 +0000
asID: 984
IP address blocks: 154.208.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90735 (0x1626f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:03:00 2025 GMT
Not After : Feb 19 11:03:00 2026 GMT
Subject: CN=67bef4e8-c5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:14:a4:44:5d:f9:52:92:d5:05:45:df:44:9d:
a8:40:8f:14:b3:dd:e2:d1:d8:b7:8a:ac:c5:14:2c:
27:a9:f3:b0:b0:e2:83:a4:b0:8a:3b:32:a3:24:5f:
4c:d1:30:d3:7e:17:c1:74:b2:da:df:42:f0:90:aa:
c2:6f:13:32:66:5e:a1:d5:9b:6d:25:05:f3:58:b1:
55:e9:85:71:ec:a5:c6:3e:d0:aa:cb:8e:46:5a:31:
8f:76:1f:27:08:4b:6e:f0:48:21:79:96:ef:ee:5b:
c8:93:73:75:c9:34:83:63:13:57:ba:52:1b:fd:5c:
93:da:b3:a8:7f:cd:66:63:d4:9b:de:c6:e7:9c:d4:
5a:52:8f:59:57:9c:9d:ed:0d:1f:36:7c:07:d1:6e:
08:52:eb:c5:de:aa:52:41:55:9a:3f:63:9d:95:61:
68:b1:e4:7d:4c:53:cb:73:64:af:79:f5:ec:62:e7:
5a:22:55:0a:d7:b1:26:b8:84:05:14:9a:d4:6c:ce:
ab:ba:c3:18:b7:c2:99:7c:65:ce:a7:11:c1:16:ed:
33:96:d7:e2:6f:cd:fa:cd:59:b5:52:ca:1a:b1:37:
8d:47:c2:dc:56:44:34:4a:32:62:b3:16:bd:86:76:
6b:68:f4:4b:d2:3a:ee:49:4d:c4:40:68:b4:69:9d:
7d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:05:88:C2:AB:3E:4E:AD:42:38:DE:A9:C2:04:A7:15:73:EE:88:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/401FB4FCF43111EFB95BC55E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.88.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:31:c9:ed:a4:62:80:ad:43:f8:ad:a9:de:78:57:1c:47:92:
3d:38:c5:d5:5b:ea:2d:cf:f9:04:85:69:ea:76:c5:e8:da:90:
5b:25:3a:ac:b0:ae:7e:78:32:01:0b:ad:fa:5a:7d:04:34:4f:
e6:05:aa:30:cc:9d:68:13:5b:c2:0a:2b:ab:02:81:6e:8b:70:
48:1b:52:e8:27:07:26:cd:52:00:4b:6f:38:e8:90:65:db:a0:
16:95:a3:67:81:93:59:8f:fd:11:71:91:ca:7f:9a:49:a5:fc:
a3:8e:c2:9e:c9:00:57:c7:43:08:0c:fd:6f:6a:be:ff:ef:35:
b7:ca:26:77:7c:7c:c7:c2:cb:07:23:c0:16:26:11:9b:56:b5:
9a:6e:c9:e8:b5:db:ea:4c:78:bd:8e:ea:ea:9b:65:46:d9:e8:
49:df:f7:d1:58:e2:22:61:3d:29:0c:70:15:b5:db:1e:35:10:
a1:2a:63:86:a8:10:07:7c:cf:ff:d0:72:ae:53:d1:39:19:ae:
5c:8d:e7:e3:2e:f0:02:02:4f:90:8e:98:38:01:6d:7d:14:41:
c3:97:9b:ca:42:60:dc:97:5f:22:e5:d8:51:55:0b:cd:ff:1c:
0e:f3:0b:5e:63:a4:b9:42:38:49:ce:ed:ba:ea:64:53:6b:3c:
90:63:00:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEwMzAwWhcNMjYwMjE5MTEwMzAwWjAYMRYw
FAYDVQQDEw02N2JlZjRlOC1jNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtBSkRF35UpLVBUXfRJ2oQI8Us93i0di3iqzFFCwnqfOwsOKDpLCKOzKj
JF9M0TDTfhfBdLLa30LwkKrCbxMyZl6h1ZttJQXzWLFV6YVx7KXGPtCqy45GWjGP
dh8nCEtu8EgheZbv7lvIk3N1yTSDYxNXulIb/VyT2rOof81mY9Sb3sbnnNRaUo9Z
V5yd7Q0fNnwH0W4IUuvF3qpSQVWaP2OdlWFoseR9TFPLc2SvefXsYudaIlUK17Em
uIQFFJrUbM6rusMYt8KZfGXOpxHBFu0zltfib836zVm1UsoasTeNR8LcVkQ0SjJi
sxa9hnZraPRL0jruSU3EQGi0aZ19/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEsF
iMKrPk6tQjjeqcIEpxVz7ojcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDFGQjRGQ0Y0MzExMUVGQjk1QkM1NUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBYMA0GCSqGSIb3DQEB
CwUAA4IBAQBcMcntpGKArUP4raneeFccR5I9OMXVW+otz/kEhWnqdsXo2pBbJTqs
sK5+eDIBC636Wn0ENE/mBaowzJ1oE1vCCiurAoFui3BIG1LoJwcmzVIAS2846JBl
26AWlaNngZNZj/0RcZHKf5pJpfyjjsKeyQBXx0MIDP1var7/7zW3yiZ3fHzHwssH
I8AWJhGbVrWabsnotdvqTHi9jurqm2VG2ehJ3/fRWOIiYT0pDHAVtdseNRChKmOG
qBAHfM//0HKuU9E5Ga5cjefjLvACAk+Qjpg4AW19FEHDl5vKQmDcl18i5dhRVQvN
/xwO8wteY6S5QjhJzu266mRTazyQYwBo
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:46:52 2025 by rpki-client