Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418166E8F43A11EFB9236C9D762E951A.roa
File: 418166E8F43A11EFB9236C9D762E951A.roa (raw, json)
Hash identifier: aSe4WVaSSfBF8PTAwBhh0+2/mqxGcF1KQFuLd1Uyapg=
Subject key identifier: C2:5E:46:C2:C1:25:8F:2F:75:50:AB:E4:FD:33:83:90:53:1E:E9:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162F1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418166E8F43A11EFB9236C9D762E951A.roa
Signing time: Wed 26 Feb 2025 12:07:32 +0000
ROA not before: Wed 26 Feb 2025 12:07:28 +0000
ROA not after: Thu 19 Feb 2026 12:07:28 +0000
asID: 984
IP address blocks: 154.208.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90865 (0x162f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:07:28 2025 GMT
Not After : Feb 19 12:07:28 2026 GMT
Subject: CN=67bf0404-5477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:11:1b:7f:d1:46:ba:f6:40:75:cc:2b:7c:87:
fe:d9:22:2d:4a:ee:aa:d5:b3:35:8b:7b:71:24:76:
6e:d0:d9:66:24:20:4d:ea:8d:1c:5b:c6:69:0d:43:
ba:97:03:74:2c:94:04:bb:17:0d:45:0f:47:a7:0e:
ae:c1:e3:7f:de:bd:28:c2:6b:02:30:35:be:28:07:
7b:54:9c:21:d1:84:02:67:87:37:5c:89:18:99:84:
67:e6:78:d3:70:d7:53:e1:86:07:08:43:fb:6a:9b:
e7:8f:9a:f4:98:ea:42:71:52:f8:47:da:8e:67:05:
c0:4d:1b:82:91:09:d1:22:4e:15:01:b0:a6:e3:e1:
8c:02:ef:f0:52:d6:d1:91:f5:7a:66:69:20:23:85:
5d:38:77:fc:c4:d7:23:18:6f:24:ca:ac:31:a1:ec:
d4:73:c7:77:59:a0:d8:cc:9d:06:b3:09:f1:7f:b5:
38:83:b6:96:84:a0:21:2a:a8:f1:f5:a5:75:99:cf:
52:fc:68:b5:4d:64:7c:53:2f:6d:3b:75:27:a3:91:
b2:69:0b:dc:8c:33:e0:37:f7:c9:23:bf:d9:ef:04:
f0:29:b9:96:a2:ba:8c:74:3d:b8:65:ed:08:b8:ed:
f7:12:ee:0d:51:c0:ab:4f:19:34:7a:1c:60:14:9f:
14:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5E:46:C2:C1:25:8F:2F:75:50:AB:E4:FD:33:83:90:53:1E:E9:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418166E8F43A11EFB9236C9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.113.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:50:03:0d:62:e1:a1:a8:ed:ee:26:01:e6:31:e5:3d:c1:96:
cc:c0:46:c3:7b:c2:57:1e:5b:cc:46:b3:ad:c8:19:5a:e7:bb:
f2:92:8b:1a:b3:d7:92:44:54:da:ca:5f:46:71:bd:ee:0d:db:
c3:92:2a:69:6b:3d:4a:05:1c:53:8f:58:58:a0:7a:23:4a:f6:
26:71:41:ce:8b:cf:32:76:97:3d:ad:6f:ae:d1:59:ea:1b:f3:
c4:8a:df:4c:e5:b4:cf:b8:0b:c7:b2:4a:e1:16:19:b0:98:63:
bf:bc:45:c1:1d:9e:03:42:70:46:50:e7:b1:50:24:9a:d1:cb:
dc:c1:13:1e:4c:c2:a0:12:cf:d2:a5:c6:19:53:50:89:12:03:
00:e4:70:77:25:ad:5b:3d:da:b2:29:08:72:ce:48:a8:aa:e2:
78:83:b8:d6:79:8f:21:62:17:a3:73:01:95:1e:3b:ca:55:2f:
1a:6a:ed:36:69:61:19:23:46:8a:c4:6f:8f:70:49:d3:46:6e:
5b:95:48:c6:76:3f:17:59:bc:00:59:b9:80:ea:b5:74:79:27:
65:f0:b2:63:78:94:2e:ff:7e:02:16:51:c5:62:72:53:cc:9d:
c2:42:40:35:07:cd:2d:f4:f8:b1:a6:e1:e9:37:d7:f0:36:7b:
6e:25:32:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWLxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIwNzI4WhcNMjYwMjE5MTIwNzI4WjAYMRYw
FAYDVQQDEw02N2JmMDQwNC01NDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3hEbf9FGuvZAdcwrfIf+2SItSu6q1bM1i3txJHZu0NlmJCBN6o0cW8Zp
DUO6lwN0LJQEuxcNRQ9Hpw6uweN/3r0owmsCMDW+KAd7VJwh0YQCZ4c3XIkYmYRn
5njTcNdT4YYHCEP7apvnj5r0mOpCcVL4R9qOZwXATRuCkQnRIk4VAbCm4+GMAu/w
UtbRkfV6ZmkgI4VdOHf8xNcjGG8kyqwxoezUc8d3WaDYzJ0Gswnxf7U4g7aWhKAh
Kqjx9aV1mc9S/Gi1TWR8Uy9tO3Uno5GyaQvcjDPgN/fJI7/Z7wTwKbmWorqMdD24
Ze0IuO33Eu4NUcCrTxk0ehxgFJ8U3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMJe
RsLBJY8vdVCr5P0zg5BTHumbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTgxNjZFOEY0M0ExMUVGQjkyMzZDOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBxMA0GCSqGSIb3DQEB
CwUAA4IBAQDMUAMNYuGhqO3uJgHmMeU9wZbMwEbDe8JXHlvMRrOtyBla57vykosa
s9eSRFTayl9Gcb3uDdvDkippaz1KBRxTj1hYoHojSvYmcUHOi88ydpc9rW+u0Vnq
G/PEit9M5bTPuAvHskrhFhmwmGO/vEXBHZ4DQnBGUOexUCSa0cvcwRMeTMKgEs/S
pcYZU1CJEgMA5HB3Ja1bPdqyKQhyzkioquJ4g7jWeY8hYhejcwGVHjvKVS8aau02
aWEZI0aKxG+PcEnTRm5blUjGdj8XWbwAWbmA6rV0eSdl8LJjeJQu/34CFlHFYnJT
zJ3CQkA1B80t9PixpuHpN9fwNntuJTJw
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:06:11 2025 by rpki-client