Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/506FF624C93311EF9D7B7B7E762E951A.roa
File: 506FF624C93311EF9D7B7B7E762E951A.roa (raw, json)
Hash identifier: TQUzV5myvw+dvd4LDJyOz2ZoixAOuvm4ERJlvNqwCbc=
Subject key identifier: B3:E7:A7:D7:0F:44:20:58:33:19:2E:6A:F1:8A:08:17:00:D2:55:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133BD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/506FF624C93311EF9D7B7B7E762E951A.roa
Signing time: Thu 02 Jan 2025 17:59:30 +0000
ROA not before: Thu 02 Jan 2025 17:59:26 +0000
ROA not after: Sat 13 Dec 2025 17:59:26 +0000
asID: 984
IP address blocks: 154.222.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78781 (0x133bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:59:26 2025 GMT
Not After : Dec 13 17:59:26 2025 GMT
Subject: CN=6776d402-5c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:b5:79:a6:01:0f:78:2e:d9:83:87:91:01:
3a:f6:07:cf:43:31:8c:d6:d1:7e:d2:b2:3d:20:3d:
40:46:31:17:0c:84:28:01:3e:63:10:71:16:bd:1a:
34:95:f5:48:6c:e0:36:39:db:e6:be:52:b8:f7:0f:
0b:3f:f7:ce:53:3d:66:13:83:00:70:c8:5a:96:13:
13:e8:ac:f2:32:bb:9d:66:e9:b2:ca:1e:61:0f:88:
b9:ed:81:53:4a:b8:17:6b:fb:19:dd:c7:70:67:21:
29:cf:8d:81:b8:ce:e4:39:32:ee:7c:77:a3:ec:5f:
9f:f7:cc:5c:7a:1e:7c:73:88:33:de:5e:e9:8d:fc:
36:fe:12:4d:e5:ee:8e:6b:7a:76:78:f5:c3:45:a5:
e9:28:bc:c6:76:a8:36:03:9a:bc:19:aa:42:35:bd:
c7:89:55:24:26:23:6e:52:ee:f3:1e:67:d3:b0:66:
e1:6d:69:79:42:1a:2c:ed:a3:60:62:86:14:9c:cc:
0b:0e:0e:07:9e:96:5c:41:81:e7:19:4a:c8:81:f6:
ee:d4:f1:5e:57:f5:b3:a1:25:a8:0c:57:a8:bc:cc:
9f:0e:cf:83:cc:87:1e:c0:f4:bb:9d:63:17:b9:0a:
88:b6:70:0c:1d:da:38:2e:7d:e2:16:23:b7:96:fb:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E7:A7:D7:0F:44:20:58:33:19:2E:6A:F1:8A:08:17:00:D2:55:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/506FF624C93311EF9D7B7B7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.172.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:08:4b:44:6b:f4:74:76:16:70:58:10:64:d5:be:c8:a8:93:
85:f2:b2:c4:cc:5c:92:0a:4f:1c:00:1b:2e:8a:8c:8e:1b:8a:
55:00:0f:f1:e1:23:4b:c9:0d:d7:c9:13:d8:ff:aa:e9:c1:c0:
49:69:bd:2e:84:f0:62:74:f8:5c:43:6d:cb:32:cd:bb:07:e2:
e4:2c:b2:74:13:23:df:92:f5:21:5f:24:59:27:b8:70:69:fc:
1d:8d:cf:dc:c2:65:15:38:9c:9c:2b:ed:7c:30:07:27:f6:e9:
cf:60:d7:62:c8:1b:b2:c8:43:6b:08:53:28:fa:71:a9:5b:9a:
5f:9e:07:85:21:6a:f7:94:fb:9d:3b:ad:3a:95:c4:1f:21:0c:
b4:51:ad:d6:17:b2:ff:38:0a:7b:a9:01:35:d0:9b:53:06:74:
b6:85:69:c1:32:77:64:cf:7e:09:a5:ad:55:ca:95:a5:72:31:
7e:19:40:4c:48:6d:72:13:1d:55:2e:41:7d:5c:b7:dd:7e:68:
3f:c3:3f:39:b4:86:73:f5:4c:78:36:ff:9c:35:31:c0:1a:6c:
b4:c8:c1:6e:3b:4b:81:9e:83:a5:80:4a:c6:bb:3f:08:70:c3:
a6:6b:25:8f:d3:8e:03:97:f8:69:4a:9e:52:a9:bc:bf:87:4b:
8d:20:49:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATO9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTc1OTI2WhcNMjUxMjEzMTc1OTI2WjAYMRYw
FAYDVQQDEw02Nzc2ZDQwMi01Yzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+21eaYBD3gu2YOHkQE69gfPQzGM1tF+0rI9ID1ARjEXDIQoAT5jEHEW
vRo0lfVIbOA2OdvmvlK49w8LP/fOUz1mE4MAcMhalhMT6KzyMrudZumyyh5hD4i5
7YFTSrgXa/sZ3cdwZyEpz42BuM7kOTLufHej7F+f98xceh58c4gz3l7pjfw2/hJN
5e6Oa3p2ePXDRaXpKLzGdqg2A5q8GapCNb3HiVUkJiNuUu7zHmfTsGbhbWl5Qhos
7aNgYoYUnMwLDg4HnpZcQYHnGUrIgfbu1PFeV/WzoSWoDFeovMyfDs+DzIcewPS7
nWMXuQqItnAMHdo4Ln3iFiO3lvvbHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLPn
p9cPRCBYMxkuavGKCBcA0lUoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MDZGRjYyNEM5MzMxMUVGOUQ3QjdCN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6sMA0GCSqGSIb3DQEB
CwUAA4IBAQA+CEtEa/R0dhZwWBBk1b7IqJOF8rLEzFySCk8cABsuioyOG4pVAA/x
4SNLyQ3XyRPY/6rpwcBJab0uhPBidPhcQ23LMs27B+LkLLJ0EyPfkvUhXyRZJ7hw
afwdjc/cwmUVOJycK+18MAcn9unPYNdiyBuyyENrCFMo+nGpW5pfngeFIWr3lPud
O606lcQfIQy0Ua3WF7L/OAp7qQE10JtTBnS2hWnBMndkz34Jpa1VypWlcjF+GUBM
SG1yEx1VLkF9XLfdfmg/wz85tIZz9Ux4Nv+cNTHAGmy0yMFuO0uBnoOlgErGuz8I
cMOmayWP044Dl/hpSp5Sqby/h0uNIEnF
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:42 2025 by rpki-client