Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40CD80D2F43611EFB0B0DC80762E951A.roa
File: 40CD80D2F43611EFB0B0DC80762E951A.roa (raw, json)
Hash identifier: 2UcwfmIaTbfbgFNTyTXsYLXje5o5RwvePSAIdfOJPds=
Subject key identifier: F3:07:0F:54:C7:B9:A9:46:2D:93:83:D9:25:EE:61:E0:07:06:4F:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40CD80D2F43611EFB0B0DC80762E951A.roa
Signing time: Wed 26 Feb 2025 11:38:52 +0000
ROA not before: Wed 26 Feb 2025 11:38:49 +0000
ROA not after: Fri 20 Feb 2026 11:38:49 +0000
asID: 984
IP address blocks: 154.199.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90796 (0x162ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:38:49 2025 GMT
Not After : Feb 20 11:38:49 2026 GMT
Subject: CN=67befd4c-25c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:84:33:32:53:03:8f:0e:78:53:77:3c:e8:
ab:03:bc:29:56:94:3e:53:52:27:4f:4f:2c:69:f8:
f8:f7:d3:c0:ed:57:8b:22:8b:34:95:02:46:c5:fd:
f3:49:ef:5d:f1:3f:98:4b:d9:3a:b3:a0:14:9f:4f:
17:2f:61:64:28:33:12:58:de:59:a6:e1:72:f8:0f:
af:3a:76:c9:ca:47:08:90:be:9d:d3:bc:77:b1:85:
f0:4f:69:f8:39:bc:9e:83:f7:5a:91:a4:e3:bb:c6:
bf:f2:30:fe:97:fb:b1:9b:f7:42:81:64:65:bc:4b:
7b:6d:4d:48:2a:c4:90:ac:82:02:53:53:e4:4c:e6:
ba:6e:74:a4:ff:77:39:c9:04:45:b1:ae:79:cf:2e:
88:0f:ad:48:7f:48:4d:c0:9a:2a:90:4a:98:2d:19:
69:95:3f:ef:cb:bd:be:67:33:0c:8f:72:21:32:92:
da:6b:90:c9:f7:b4:1f:ff:f6:b7:df:94:e3:5b:34:
bc:63:96:9f:7e:5f:9b:48:34:4d:a5:60:02:33:91:
23:e7:ed:ba:5b:51:d5:3c:8d:31:46:e8:e8:4e:af:
7b:9f:1d:4b:bb:3e:d1:4c:c5:9d:a7:c9:0c:53:38:
68:6d:2e:ac:cf:36:eb:b2:71:68:2a:e0:c9:4d:2b:
23:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:07:0F:54:C7:B9:A9:46:2D:93:83:D9:25:EE:61:E0:07:06:4F:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40CD80D2F43611EFB0B0DC80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.137.0/24
Signature Algorithm: sha256WithRSAEncryption
83:3d:14:16:5d:36:a0:d6:12:10:4f:f1:5f:aa:be:a1:af:5b:
8c:33:9c:c9:a3:46:e8:69:ce:af:5c:01:5f:2d:8d:8c:76:f8:
e9:e9:a9:e0:cc:a2:45:0a:1b:d8:62:f9:af:99:f2:98:8e:85:
3f:b9:ce:fc:7d:43:d1:31:d4:3e:77:52:1b:ef:f0:f6:01:f4:
f0:24:27:4c:39:d3:61:3d:0a:ad:8d:c0:00:93:6b:b1:6f:f9:
b2:81:17:4b:82:91:df:01:2c:21:09:b3:d0:e5:9b:d1:dd:ff:
bf:18:8c:f1:08:43:48:9d:b9:1a:4b:72:00:41:38:f9:df:99:
c3:15:cb:18:c3:2c:d4:12:e5:64:2c:a5:8a:30:22:2a:29:8f:
10:8b:48:b9:31:3e:f5:c0:7e:2a:0f:a4:c4:ec:42:ae:76:60:
85:bf:05:f9:ab:f1:65:ff:21:b5:21:ee:4a:33:1a:c1:f0:32:
ec:70:19:0b:af:27:af:de:e0:49:74:3b:72:5f:14:bb:4e:d9:
be:8a:a7:01:08:33:4a:6c:99:ba:ab:32:bd:32:16:8b:56:bb:
c9:eb:bd:4e:b4:8d:44:82:6f:b1:a5:2e:94:12:a2:69:44:09:
3f:f8:3c:8d:39:bc:5a:13:73:ca:73:b3:23:0e:56:d7:d0:98:
14:62:17:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEzODQ5WhcNMjYwMjIwMTEzODQ5WjAYMRYw
FAYDVQQDEw02N2JlZmQ0Yy0yNWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAukKEMzJTA48OeFN3POirA7wpVpQ+U1InT08safj499PA7VeLIos0lQJG
xf3zSe9d8T+YS9k6s6AUn08XL2FkKDMSWN5ZpuFy+A+vOnbJykcIkL6d07x3sYXw
T2n4Obyeg/dakaTju8a/8jD+l/uxm/dCgWRlvEt7bU1IKsSQrIICU1PkTOa6bnSk
/3c5yQRFsa55zy6ID61If0hNwJoqkEqYLRlplT/vy72+ZzMMj3IhMpLaa5DJ97Qf
//a335TjWzS8Y5affl+bSDRNpWACM5Ej5+26W1HVPI0xRujoTq97nx1Luz7RTMWd
p8kMUzhobS6szzbrsnFoKuDJTSsjdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPMH
D1THualGLZOD2SXuYeAHBk+EMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MENEODBEMkY0MzYxMUVGQjBCMERDODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseJMA0GCSqGSIb3DQEB
CwUAA4IBAQCDPRQWXTag1hIQT/Ffqr6hr1uMM5zJo0boac6vXAFfLY2Mdvjp6ang
zKJFChvYYvmvmfKYjoU/uc78fUPRMdQ+d1Ib7/D2AfTwJCdMOdNhPQqtjcAAk2ux
b/mygRdLgpHfASwhCbPQ5ZvR3f+/GIzxCENInbkaS3IAQTj535nDFcsYwyzUEuVk
LKWKMCIqKY8Qi0i5MT71wH4qD6TE7EKudmCFvwX5q/Fl/yG1Ie5KMxrB8DLscBkL
ryev3uBJdDtyXxS7Ttm+iqcBCDNKbJm6qzK9MhaLVrvJ671OtI1Egm+xpS6UEqJp
RAk/+DyNObxaE3PKc7MjDlbX0JgUYhe9
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:27:06 2025 by rpki-client