Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40851C32F45B11EF8453D885762E951A.roa
File: 40851C32F45B11EF8453D885762E951A.roa (raw, json)
Hash identifier: SDf8PO2zTWLg5wShzZO4oqGSWg4t1ApbJb9RFJWZzaw=
Subject key identifier: 72:DC:82:F4:7F:D8:19:B8:4B:E6:20:80:B4:DC:DD:D2:3D:ED:BF:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016508
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40851C32F45B11EF8453D885762E951A.roa
Signing time: Wed 26 Feb 2025 16:03:44 +0000
ROA not before: Wed 26 Feb 2025 16:03:38 +0000
ROA not after: Sat 19 Feb 2028 16:03:38 +0000
asID: 17561
IP address blocks: 154.82.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91400 (0x16508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 16:03:38 2025 GMT
Not After : Feb 19 16:03:38 2028 GMT
Subject: CN=67bf3b60-e757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:1e:49:bd:0f:b4:48:f5:6c:4d:ac:2f:3b:
2f:cd:3a:a0:5b:e7:b7:3f:63:9e:f6:d0:a3:3f:77:
df:2a:58:dc:2a:92:5b:de:6f:3a:29:ad:f3:95:c0:
58:52:b8:00:c8:3d:cd:40:92:81:54:3c:96:2f:e6:
82:27:67:c5:2f:fd:d9:35:57:79:77:00:49:7e:b1:
f9:82:72:f7:2c:54:4b:0e:04:d7:d6:0d:ca:30:88:
8c:e9:48:82:77:89:4a:1e:b3:80:76:d5:91:2e:37:
c2:d5:e0:7e:ad:fc:4d:9d:fc:68:ba:70:6a:07:87:
f6:71:3d:29:54:b8:5d:ef:dc:8f:77:25:05:73:10:
f6:ef:59:6c:0d:3f:d0:c5:ac:83:b2:b7:27:f2:f6:
61:1c:e1:36:7d:a8:e1:ce:58:0c:ef:34:40:cc:0d:
b0:5b:9b:bf:36:c4:c2:92:19:31:10:1f:ab:5a:ab:
7c:ef:e8:b1:3d:74:88:12:22:f7:9d:f1:95:cd:cf:
7e:f9:eb:34:fc:c3:52:f1:2d:4a:03:a2:25:c3:69:
97:9b:78:c3:35:f1:d9:ee:25:ca:3c:a0:88:66:0f:
85:35:99:5d:2e:56:bd:13:82:6a:5d:89:60:25:ba:
7f:b5:c7:16:94:c9:2a:b5:f9:d8:68:b4:94:21:9d:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DC:82:F4:7F:D8:19:B8:4B:E6:20:80:B4:DC:DD:D2:3D:ED:BF:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40851C32F45B11EF8453D885762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.247.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8e:7a:23:6c:d7:14:16:c9:83:91:c0:2f:d6:2a:f4:74:0a:
c4:fd:db:b6:52:72:08:77:c3:65:84:15:3f:77:0f:c3:ca:71:
a1:d4:b4:b5:00:d1:58:78:e9:9c:2d:b3:52:bc:a3:90:29:19:
4a:64:b2:eb:13:54:18:f3:13:4e:5d:03:a6:da:14:4d:0c:0e:
89:f1:ee:45:e2:bc:dd:e3:97:13:59:5a:e8:76:40:cf:84:d3:
89:69:af:d0:5c:e5:5e:2d:83:67:0b:89:8f:62:92:fe:9b:88:
e4:e4:df:e6:76:81:5b:b4:a8:02:89:d8:fd:74:9f:31:17:5d:
44:99:d1:e0:cb:2a:17:43:ba:b2:39:54:57:67:0e:69:1f:cf:
50:32:af:87:75:57:95:f6:9a:30:92:f9:6e:8e:80:00:d8:9b:
92:c1:1f:49:e0:f1:ff:a1:87:5d:98:a8:98:1b:83:e9:e2:a6:
da:eb:8a:e6:7f:49:f4:3d:8f:9b:0e:ed:77:9e:61:1a:dd:7e:
53:70:cb:54:7e:d7:c5:45:6b:f7:f1:66:a2:6b:1b:2e:cd:c1:
b7:d9:28:77:d7:f4:c0:0b:21:6a:87:58:48:a6:d7:0b:7c:a4:
30:fb:9d:0d:7a:38:c4:42:4b:9e:29:3b:0e:2c:6e:e6:cc:cd:
9d:bc:b1:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWUIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTYwMzM4WhcNMjgwMjE5MTYwMzM4WjAYMRYw
FAYDVQQDEw02N2JmM2I2MC1lNzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwF4eSb0PtEj1bE2sLzsvzTqgW+e3P2Oe9tCjP3ffKljcKpJb3m86Ka3z
lcBYUrgAyD3NQJKBVDyWL+aCJ2fFL/3ZNVd5dwBJfrH5gnL3LFRLDgTX1g3KMIiM
6UiCd4lKHrOAdtWRLjfC1eB+rfxNnfxounBqB4f2cT0pVLhd79yPdyUFcxD271ls
DT/QxayDsrcn8vZhHOE2fajhzlgM7zRAzA2wW5u/NsTCkhkxEB+rWqt87+ixPXSI
EiL3nfGVzc9++es0/MNS8S1KA6Ilw2mXm3jDNfHZ7iXKPKCIZg+FNZldLla9E4Jq
XYlgJbp/tccWlMkqtfnYaLSUIZ1SiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHLc
gvR/2Bm4S+YggLTc3dI97b/+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDg1MUMzMkY0NUIxMUVGODQ1M0Q4ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlL3MA0GCSqGSIb3DQEB
CwUAA4IBAQCKjnojbNcUFsmDkcAv1ir0dArE/du2UnIId8NlhBU/dw/DynGh1LS1
ANFYeOmcLbNSvKOQKRlKZLLrE1QY8xNOXQOm2hRNDA6J8e5F4rzd45cTWVrodkDP
hNOJaa/QXOVeLYNnC4mPYpL+m4jk5N/mdoFbtKgCidj9dJ8xF11EmdHgyyoXQ7qy
OVRXZw5pH89QMq+HdVeV9powkvlujoAA2JuSwR9J4PH/oYddmKiYG4Pp4qba64rm
f0n0PY+bDu13nmEa3X5TcMtUftfFRWv38WaiaxsuzcG32Sh31/TACyFqh1hIptcL
fKQw+50NejjEQkueKTsOLG7mzM2dvLEP
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:16:51 2025 by rpki-client