Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54E88B40F3B711EFBF248D8D762E951A.roa
File: 54E88B40F3B711EFBF248D8D762E951A.roa (raw, json)
Hash identifier: cF9/dfIX3oDjaaHK0pUCm8tSVYdb+c1MieBDtrlDc04=
Subject key identifier: AC:F5:4D:88:36:25:7E:CC:96:16:1C:39:F9:BD:76:79:95:74:0E:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015FE1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54E88B40F3B711EFBF248D8D762E951A.roa
Signing time: Tue 25 Feb 2025 20:30:20 +0000
ROA not before: Tue 25 Feb 2025 20:30:17 +0000
ROA not after: Wed 09 Apr 2025 20:30:17 +0000
asID: 138915
IP address blocks: 154.95.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90081 (0x15fe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 20:30:17 2025 GMT
Not After : Apr 9 20:30:17 2025 GMT
Subject: CN=67be285c-3f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:dd:3b:60:4b:b0:cc:bc:98:3f:9e:0b:40:
77:fc:23:17:df:57:a5:d9:14:c0:3f:04:01:85:77:
8c:97:58:77:54:31:2c:f9:57:f6:bf:ef:29:35:ca:
55:38:02:90:32:23:3c:37:75:fa:5f:3c:82:69:78:
ed:b8:73:a2:3f:8e:b7:17:57:2a:d3:9d:ca:f7:d4:
e2:20:50:38:61:df:13:fa:bd:f3:7d:47:95:16:d0:
ec:d5:28:7b:65:5b:f8:e8:da:97:36:e3:d8:80:3f:
c8:50:8c:19:34:f9:2a:e4:11:a1:f6:02:19:0c:33:
bb:cd:74:1e:f4:26:f7:3c:22:3d:a9:14:26:a5:04:
5f:9a:be:5e:ca:84:90:e3:25:6a:72:71:e9:74:1b:
a9:c0:a9:c3:17:19:e5:c9:b4:18:55:5c:d5:01:10:
b8:3d:21:cb:0f:fb:a6:54:e5:51:83:0a:3d:02:5a:
c0:d0:e3:2f:96:40:01:be:33:06:0e:62:b3:df:8a:
23:76:be:dd:64:a1:98:42:6c:f0:74:77:39:1f:60:
ab:b4:6d:b8:e6:ca:f8:ed:13:15:7e:fe:15:74:97:
fe:df:df:9f:82:e6:b5:0e:74:1a:f9:ff:c9:a8:01:
d0:fe:7f:a0:8c:ea:a7:24:76:a4:45:68:b5:fe:42:
2d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F5:4D:88:36:25:7E:CC:96:16:1C:39:F9:BD:76:79:95:74:0E:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54E88B40F3B711EFBF248D8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.82.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:7a:12:08:64:7d:a5:05:15:31:25:4e:3c:9f:a9:e8:36:60:
4f:58:c6:98:23:e6:95:77:f7:0b:0e:61:c4:af:38:15:50:26:
4d:c1:cc:f3:c4:ea:31:ae:a5:b1:02:7e:2a:19:f9:a3:0e:c8:
e4:61:44:34:3e:5b:99:18:7d:b3:40:79:3e:c6:00:82:4e:d5:
9e:96:8f:03:9b:f7:a0:b0:f4:38:52:1b:c7:01:cc:85:29:6b:
a5:40:1d:f6:a5:fe:11:00:f6:3a:ed:36:97:fc:c1:64:66:6c:
25:a7:67:6f:5b:51:ce:17:2a:b0:89:04:80:7a:2f:a9:e9:6d:
28:16:7b:de:de:94:1d:d0:a6:42:12:3b:55:5c:cf:62:f0:dc:
a6:98:3d:6d:cd:62:3f:0b:52:72:a9:40:24:ed:57:c3:18:aa:
61:df:de:10:b8:42:d4:95:db:22:6f:a9:e3:72:9e:b6:82:0d:
a8:04:80:5d:e8:69:67:36:7b:b8:e5:00:ee:36:ab:62:ee:18:
38:e3:e5:d3:07:8b:db:48:0e:05:9a:cf:e1:29:34:7e:96:20:
6e:60:e5:ba:67:d3:b8:3a:c6:9a:0b:84:d4:42:42:03:1f:24:
13:7c:5d:f2:97:d0:90:cc:a8:60:db:c1:3b:06:ef:3d:94:ee:
ba:54:d2:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV/hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MjAzMDE3WhcNMjUwNDA5MjAzMDE3WjAYMRYw
FAYDVQQDEw02N2JlMjg1Yy0zZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw9bdO2BLsMy8mD+eC0B3/CMX31el2RTAPwQBhXeMl1h3VDEs+Vf2v+8p
NcpVOAKQMiM8N3X6XzyCaXjtuHOiP463F1cq053K99TiIFA4Yd8T+r3zfUeVFtDs
1Sh7ZVv46NqXNuPYgD/IUIwZNPkq5BGh9gIZDDO7zXQe9Cb3PCI9qRQmpQRfmr5e
yoSQ4yVqcnHpdBupwKnDFxnlybQYVVzVARC4PSHLD/umVOVRgwo9AlrA0OMvlkAB
vjMGDmKz34ojdr7dZKGYQmzwdHc5H2CrtG245sr47RMVfv4VdJf+39+fgua1DnQa
+f/JqAHQ/n+gjOqnJHakRWi1/kItawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKz1
TYg2JX7MlhYcOfm9dnmVdA7XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NEU4OEI0MEYzQjcxMUVGQkYyNDhEOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9SMA0GCSqGSIb3DQEB
CwUAA4IBAQDWehIIZH2lBRUxJU48n6noNmBPWMaYI+aVd/cLDmHErzgVUCZNwczz
xOoxrqWxAn4qGfmjDsjkYUQ0PluZGH2zQHk+xgCCTtWelo8Dm/egsPQ4UhvHAcyF
KWulQB32pf4RAPY67TaX/MFkZmwlp2dvW1HOFyqwiQSAei+p6W0oFnve3pQd0KZC
EjtVXM9i8NymmD1tzWI/C1JyqUAk7VfDGKph394QuELUldsib6njcp62gg2oBIBd
6GlnNnu45QDuNqti7hg44+XTB4vbSA4Fms/hKTR+liBuYOW6Z9O4OsaaC4TUQkID
HyQTfF3yl9CQzKhg28E7Bu89lO66VNKF
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:50 2025 by rpki-client