Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/553CD036F44F11EF9B78F8B1762E951A.roa
File: 553CD036F44F11EF9B78F8B1762E951A.roa (raw, json)
Hash identifier: OOdOyMiQWiJWSs5rp6zYfFCJVVaMtuyB67mw6zHyLXk=
Subject key identifier: AF:72:BD:AD:F3:AA:15:0C:A1:7E:94:C0:52:64:61:D3:AD:5E:86:7A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016466
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/553CD036F44F11EF9B78F8B1762E951A.roa
Signing time: Wed 26 Feb 2025 14:38:24 +0000
ROA not before: Wed 26 Feb 2025 14:38:20 +0000
ROA not after: Sat 19 Feb 2028 14:38:20 +0000
asID: 17561
IP address blocks: 154.82.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91238 (0x16466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 14:38:20 2025 GMT
Not After : Feb 19 14:38:20 2028 GMT
Subject: CN=67bf2760-4806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:68:ff:ab:1f:25:74:ab:7c:6f:14:1e:eb:09:
b9:48:e5:65:aa:73:ae:6f:f2:07:bf:03:b9:ee:28:
b7:8d:de:16:d0:b0:d1:78:82:0a:39:13:92:e1:9e:
6b:9c:0c:13:ae:29:d2:ca:67:7e:f0:56:79:1d:99:
d5:1e:c6:0e:1f:3f:1b:29:be:4b:66:e3:04:d0:38:
7d:b8:72:c2:c6:4e:07:69:81:13:fa:0e:0a:c6:e7:
de:70:76:a1:50:4e:16:df:bb:13:88:59:32:f2:29:
61:23:ec:2d:0b:26:d0:25:1e:cb:98:ea:bc:16:3b:
80:c7:c9:b5:d9:9a:2a:af:7c:de:78:eb:00:67:59:
2f:44:9f:66:d0:1d:4b:1a:e5:b2:90:3d:78:8f:3a:
10:21:a8:ad:7f:20:11:64:7c:ac:af:7e:a6:47:cf:
50:49:86:bc:27:84:bb:61:b6:2a:3c:3d:98:c6:13:
b5:fc:35:d7:ae:ab:89:90:25:01:8f:8f:3b:c7:d5:
9b:b9:ad:8c:f3:b2:81:0a:7f:59:ed:c4:a1:1e:7d:
cb:bc:72:02:4f:3b:7d:cc:a4:fb:54:ca:6c:68:0e:
2c:9d:0c:78:8e:e1:69:44:9c:43:f9:fc:41:d1:a8:
b9:bc:d1:65:5d:f6:41:b4:64:55:30:5d:b8:a0:58:
e5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:72:BD:AD:F3:AA:15:0C:A1:7E:94:C0:52:64:61:D3:AD:5E:86:7A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/553CD036F44F11EF9B78F8B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:92:f6:30:2d:c0:50:da:e0:22:95:ba:73:c9:d6:53:98:92:
c3:ad:71:5b:df:e8:cd:c8:a0:41:5c:f3:bf:07:9d:ad:28:f1:
2a:62:3a:f8:f2:af:5d:e8:06:15:1c:93:a5:e0:db:f5:9f:7c:
de:52:fc:35:d9:4f:fa:72:f6:bf:1e:cf:ad:33:3f:f8:7a:10:
07:50:1b:dc:bd:97:bf:d6:df:8b:8b:36:b8:68:1a:bc:32:53:
28:31:00:d6:30:44:46:17:39:b1:07:95:1f:e5:62:7d:72:61:
2f:b7:66:c6:d7:2a:20:15:9d:90:80:bc:6a:b8:11:69:b4:eb:
cc:40:1b:b5:11:5a:48:9f:64:ad:b4:4a:9a:2b:7a:23:d2:5a:
a2:85:7a:c3:a4:1e:00:f6:0f:10:73:a5:34:d1:c6:60:21:b5:
94:94:aa:f1:e4:e0:4b:2d:db:10:79:f7:03:6c:f2:c9:e2:f3:
76:1a:a0:9b:c4:05:8c:bf:67:45:78:11:b3:97:72:fa:ed:16:
e8:c5:98:07:b2:3e:f6:d2:84:a6:f1:8d:27:85:09:fe:fc:33:
6b:2e:39:ca:16:4f:4c:3a:ec:6c:0a:a7:8a:04:e1:bf:58:6b:
79:1e:4c:5f:fe:0a:17:c7:40:72:60:54:ba:c5:24:4b:d3:94:
e7:3c:33:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWRmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTQzODIwWhcNMjgwMjE5MTQzODIwWjAYMRYw
FAYDVQQDEw02N2JmMjc2MC00ODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp2j/qx8ldKt8bxQe6wm5SOVlqnOub/IHvwO57ii3jd4W0LDReIIKOROS
4Z5rnAwTrinSymd+8FZ5HZnVHsYOHz8bKb5LZuME0Dh9uHLCxk4HaYET+g4Kxufe
cHahUE4W37sTiFky8ilhI+wtCybQJR7LmOq8FjuAx8m12Zoqr3zeeOsAZ1kvRJ9m
0B1LGuWykD14jzoQIaitfyARZHysr36mR89QSYa8J4S7YbYqPD2YxhO1/DXXrquJ
kCUBj487x9Wbua2M87KBCn9Z7cShHn3LvHICTzt9zKT7VMpsaA4snQx4juFpRJxD
+fxB0ai5vNFlXfZBtGRVMF24oFjlXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK9y
va3zqhUMoX6UwFJkYdOtXoZ6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTNDRDAzNkY0NEYxMUVGOUI3OEY4QjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLWMA0GCSqGSIb3DQEB
CwUAA4IBAQDJkvYwLcBQ2uAilbpzydZTmJLDrXFb3+jNyKBBXPO/B52tKPEqYjr4
8q9d6AYVHJOl4Nv1n3zeUvw12U/6cva/Hs+tMz/4ehAHUBvcvZe/1t+Liza4aBq8
MlMoMQDWMERGFzmxB5Uf5WJ9cmEvt2bG1yogFZ2QgLxquBFptOvMQBu1EVpIn2St
tEqaK3oj0lqihXrDpB4A9g8Qc6U00cZgIbWUlKrx5OBLLdsQefcDbPLJ4vN2GqCb
xAWMv2dFeBGzl3L67RboxZgHsj720oSm8Y0nhQn+/DNrLjnKFk9MOuxsCqeKBOG/
WGt5Hkxf/goXx0ByYFS6xSRL05TnPDNg
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:25:07 2025 by rpki-client