Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52F9AC86F43611EF8396EE80762E951A.roa
File: 52F9AC86F43611EF8396EE80762E951A.roa (raw, json)
Hash identifier: 8GCk3EVrUiWOzk3RScyVeqvYKZSF34f43wfKV6HrtBY=
Subject key identifier: 71:39:6B:18:BC:DB:48:94:B2:34:81:4F:FC:7F:34:97:F5:6A:51:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52F9AC86F43611EF8396EE80762E951A.roa
Signing time: Wed 26 Feb 2025 11:39:23 +0000
ROA not before: Wed 26 Feb 2025 11:39:19 +0000
ROA not after: Thu 19 Feb 2026 11:39:19 +0000
asID: 984
IP address blocks: 154.208.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90798 (0x162ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:39:19 2025 GMT
Not After : Feb 19 11:39:19 2026 GMT
Subject: CN=67befd6b-fab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6a:44:6c:6e:67:f8:9f:7b:e1:5c:b0:22:4c:
61:ef:05:c0:3a:7f:f2:a1:0f:ef:27:8d:92:38:3c:
f8:7a:82:01:7a:f1:8e:13:fb:15:3b:36:47:c6:e6:
77:c6:17:ad:0f:a6:a5:1f:c1:90:af:60:71:79:d6:
0b:21:01:8c:5e:e4:ed:50:74:85:a5:4b:c6:67:fd:
c0:b9:2f:8d:35:f4:37:c1:de:d7:09:4e:45:d5:b2:
02:cf:08:49:b1:d4:71:af:da:be:ec:40:e2:f5:e4:
65:25:1e:b2:01:c9:8a:f9:ff:17:97:ce:b7:42:7c:
bb:7b:1f:8e:6b:c2:ac:95:32:9f:a6:03:be:ca:ab:
b9:e9:af:05:f4:81:d9:2c:b9:b0:30:1c:a2:30:2e:
c5:bb:64:7f:9c:35:36:88:39:2d:42:e5:35:e6:2e:
b8:6a:d8:ce:7f:9a:d5:7a:ce:b1:08:72:c8:ed:75:
2e:9d:38:0a:d6:01:11:d8:92:5f:57:7a:fb:17:57:
e9:72:7b:49:fc:6d:f9:f2:33:00:1b:e7:ad:e4:2e:
08:5f:f1:bd:90:e7:a9:6b:9c:75:9e:64:3b:37:ee:
6a:a9:7b:09:f8:56:84:0f:5e:5d:8d:f4:d1:dc:13:
b5:ac:09:c5:86:26:ca:eb:ff:33:94:07:ce:f7:1b:
ae:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:39:6B:18:BC:DB:48:94:B2:34:81:4F:FC:7F:34:97:F5:6A:51:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52F9AC86F43611EF8396EE80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.100.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:46:76:c6:38:cb:15:b6:9d:43:df:7a:01:f1:24:38:15:da:
c4:dc:0b:10:31:7e:a6:19:31:80:85:e3:c6:e5:74:18:8b:e6:
be:d5:99:a8:35:5a:ca:6d:12:89:79:85:e5:0c:10:c2:bf:1d:
94:29:7a:d6:bd:30:9d:69:ef:da:52:f4:7f:5c:f6:5f:96:8d:
ae:dd:af:82:38:7b:88:50:d2:e2:e4:8a:14:24:a9:b1:e0:e8:
d9:08:64:02:5c:cb:1a:c9:ab:7b:d9:da:6e:41:47:34:81:83:
ff:11:c2:44:3f:86:ef:2e:2c:8a:34:17:b4:5d:59:7e:30:e9:
a0:6a:a5:30:4b:08:26:1e:b7:a9:1b:a1:19:a8:32:70:9e:04:
8d:2b:17:c2:40:3c:7a:3e:40:fd:b7:cd:7e:33:b4:46:0f:d5:
e5:6a:7e:13:a4:20:c7:37:12:79:73:4c:51:06:87:0e:bb:43:
99:e3:83:8e:43:69:91:a3:df:e9:79:37:76:20:90:0d:cf:f5:
aa:12:8f:d4:0e:93:84:10:70:71:d6:41:9a:ef:69:7f:88:2c:
4e:8b:d1:d0:13:4b:85:04:47:74:c5:02:ae:a6:5b:5b:9f:49:
20:c5:6c:e3:5a:d6:8c:c4:e0:d6:c7:a2:df:34:87:d5:c0:43:
1f:d8:89:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEzOTE5WhcNMjYwMjE5MTEzOTE5WjAYMRYw
FAYDVQQDEw02N2JlZmQ2Yi1mYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyGpEbG5n+J974VywIkxh7wXAOn/yoQ/vJ42SODz4eoIBevGOE/sVOzZH
xuZ3xhetD6alH8GQr2BxedYLIQGMXuTtUHSFpUvGZ/3AuS+NNfQ3wd7XCU5F1bIC
zwhJsdRxr9q+7EDi9eRlJR6yAcmK+f8Xl863Qny7ex+Oa8KslTKfpgO+yqu56a8F
9IHZLLmwMByiMC7Fu2R/nDU2iDktQuU15i64atjOf5rVes6xCHLI7XUunTgK1gER
2JJfV3r7F1fpcntJ/G358jMAG+et5C4IX/G9kOepa5x1nmQ7N+5qqXsJ+FaED15d
jfTR3BO1rAnFhibK6/8zlAfO9xuuywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHE5
axi820iUsjSBT/x/NJf1alEcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MkY5QUM4NkY0MzYxMUVGODM5NkVFODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBkMA0GCSqGSIb3DQEB
CwUAA4IBAQC1RnbGOMsVtp1D33oB8SQ4FdrE3AsQMX6mGTGAhePG5XQYi+a+1Zmo
NVrKbRKJeYXlDBDCvx2UKXrWvTCdae/aUvR/XPZflo2u3a+COHuIUNLi5IoUJKmx
4OjZCGQCXMsayat72dpuQUc0gYP/EcJEP4bvLiyKNBe0XVl+MOmgaqUwSwgmHrep
G6EZqDJwngSNKxfCQDx6PkD9t81+M7RGD9Xlan4TpCDHNxJ5c0xRBocOu0OZ44OO
Q2mRo9/peTd2IJANz/WqEo/UDpOEEHBx1kGa72l/iCxOi9HQE0uFBEd0xQKupltb
n0kgxWzjWtaMxODWx6LfNIfVwEMf2Il1
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:59 2025 by rpki-client