Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/488371A8C93211EFBA8B3778762E951A.roa
File: 488371A8C93211EFBA8B3778762E951A.roa (raw, json)
Hash identifier: 12zCZfB6crVrWS1TZEP2YRI1KzRBMxhqofGXWb8whj4=
Subject key identifier: 7A:A9:AF:F2:B2:52:D5:D5:75:37:85:41:35:83:E3:0C:78:21:C0:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133B5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/488371A8C93211EFBA8B3778762E951A.roa
Signing time: Thu 02 Jan 2025 17:52:07 +0000
ROA not before: Thu 02 Jan 2025 17:52:04 +0000
ROA not after: Sat 13 Dec 2025 17:52:04 +0000
asID: 984
IP address blocks: 154.222.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78773 (0x133b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:52:04 2025 GMT
Not After : Dec 13 17:52:04 2025 GMT
Subject: CN=6776d247-0563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0e:94:df:d4:90:60:67:26:c6:0d:76:0a:98:
91:8d:7a:42:31:17:61:d6:9c:b8:e5:50:02:e6:5f:
65:86:1d:a1:c7:b2:85:97:5e:d2:85:7c:d7:a4:f1:
ed:ef:6a:a9:35:7a:e1:4e:58:94:be:8a:2e:f6:a2:
a3:64:f0:a1:6d:8b:8b:d4:bf:f4:72:b6:25:c0:57:
32:0a:dd:d5:6d:93:c7:88:77:81:a3:a0:24:34:a5:
bb:a7:ba:00:96:7c:37:e0:aa:c3:d6:79:39:af:63:
57:13:16:ad:2f:25:ed:a0:e6:f8:64:cb:8a:be:0b:
a1:7d:2c:c5:1f:85:bb:51:20:6a:ee:95:c5:81:9a:
ab:fc:36:ff:e9:82:48:ff:38:b9:55:a2:51:d2:74:
6d:d3:e5:27:35:e8:e2:f6:3e:37:eb:2f:54:d7:cc:
b0:4b:af:af:dc:3e:10:ad:6e:2e:fe:32:2c:46:aa:
17:1f:a2:49:72:e7:ce:78:36:d8:f4:6c:30:b3:d9:
ac:99:58:9f:54:b1:f5:5b:df:80:d5:1f:4b:5c:be:
35:a2:9f:f0:ce:62:f6:57:e4:bf:34:d2:98:7a:4c:
fd:b3:be:2b:34:2e:d1:e5:b8:b8:d8:06:24:d7:8e:
3b:4b:84:ed:42:fc:d7:f3:33:4f:d6:3f:3c:9b:f2:
b0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A9:AF:F2:B2:52:D5:D5:75:37:85:41:35:83:E3:0C:78:21:C0:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/488371A8C93211EFBA8B3778762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.168.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:81:32:b5:ad:a7:54:f4:91:78:8a:4d:7f:4e:63:01:d9:18:
92:07:e6:c5:33:64:5b:92:87:25:c4:17:b0:8f:8d:f9:f3:8e:
d6:d8:c8:c8:ab:43:0b:37:bb:c1:ac:3f:83:17:dc:a0:8e:99:
2d:7c:68:29:a5:d9:be:e9:37:00:d5:b9:57:c9:8d:08:26:9a:
57:9a:fd:09:19:e5:b2:1c:08:a5:75:a6:1f:47:8b:ca:83:45:
20:91:00:d0:bd:05:49:77:69:a3:77:5f:83:43:6c:dd:25:75:
42:e8:75:97:c4:7c:25:c7:6f:71:6b:86:e6:a6:0f:e3:e6:1c:
ec:02:b9:94:30:75:9f:49:e4:15:a3:f0:2c:88:4e:2d:fd:bb:
b5:72:73:2e:e6:c8:25:b1:3e:58:41:a3:82:6f:46:10:c6:09:
ab:ce:8e:87:35:20:fa:f8:34:84:ab:81:73:ba:c4:17:05:e6:
86:2c:01:49:99:9c:c8:7c:11:5e:7f:35:04:c5:9c:12:b1:f4:
64:a3:fd:84:86:bf:86:2e:09:64:e2:90:8d:3c:12:cc:46:2c:
0f:c6:3c:a5:58:18:cd:2f:72:86:98:99:97:fa:53:5e:26:d3:
0b:2d:c5:27:9b:b7:01:41:fb:13:8a:5f:46:84:67:3e:70:fb:
c3:2c:3e:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATO1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTc1MjA0WhcNMjUxMjEzMTc1MjA0WjAYMRYw
FAYDVQQDEw02Nzc2ZDI0Ny0wNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+g6U39SQYGcmxg12CpiRjXpCMRdh1py45VAC5l9lhh2hx7KFl17ShXzX
pPHt72qpNXrhTliUvoou9qKjZPChbYuL1L/0crYlwFcyCt3VbZPHiHeBo6AkNKW7
p7oAlnw34KrD1nk5r2NXExatLyXtoOb4ZMuKvguhfSzFH4W7USBq7pXFgZqr/Db/
6YJI/zi5VaJR0nRt0+UnNeji9j436y9U18ywS6+v3D4QrW4u/jIsRqoXH6JJcufO
eDbY9Gwws9msmVifVLH1W9+A1R9LXL41op/wzmL2V+S/NNKYekz9s74rNC7R5bi4
2AYk1447S4TtQvzX8zNP1j88m/KwRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHqp
r/KyUtXVdTeFQTWD4wx4IcBpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODgzNzFBOEM5MzIxMUVGQkE4QjM3Nzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6oMA0GCSqGSIb3DQEB
CwUAA4IBAQAqgTK1radU9JF4ik1/TmMB2RiSB+bFM2RbkoclxBewj435847W2MjI
q0MLN7vBrD+DF9ygjpktfGgppdm+6TcA1blXyY0IJppXmv0JGeWyHAildaYfR4vK
g0UgkQDQvQVJd2mjd1+DQ2zdJXVC6HWXxHwlx29xa4bmpg/j5hzsArmUMHWfSeQV
o/AsiE4t/bu1cnMu5sglsT5YQaOCb0YQxgmrzo6HNSD6+DSEq4FzusQXBeaGLAFJ
mZzIfBFefzUExZwSsfRko/2Ehr+GLglk4pCNPBLMRiwPxjylWBjNL3KGmJmX+lNe
JtMLLcUnm7cBQfsTil9GhGc+cPvDLD6i
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:07 2025 by rpki-client