Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/568EB87ECDD411EF83E49C78762E951A.roa
File: 568EB87ECDD411EF83E49C78762E951A.roa (raw, json)
Hash identifier: 8cI5Vwp/dta8lh51vLFHrBLoKAnuEYwxr1aao98PoDY=
Subject key identifier: 48:01:75:29:8C:18:7E:34:06:62:47:66:5C:A5:AD:E6:9C:DB:1F:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01375D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/568EB87ECDD411EF83E49C78762E951A.roa
Signing time: Wed 08 Jan 2025 15:22:14 +0000
ROA not before: Wed 08 Jan 2025 15:22:10 +0000
ROA not after: Mon 03 Jan 2028 15:22:10 +0000
asID: 17561
IP address blocks: 154.86.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79709 (0x1375d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 15:22:10 2025 GMT
Not After : Jan 3 15:22:10 2028 GMT
Subject: CN=677e9826-e58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:06:11:e1:e4:92:f2:f3:1f:f0:f7:3b:7e:a4:
8d:29:fd:5c:53:5a:6c:1f:23:71:fc:7d:80:85:80:
b4:00:fb:35:86:d0:06:ef:5a:d1:61:07:cb:b3:4a:
ef:28:c0:6a:bb:ae:16:aa:5a:ad:80:ef:20:01:40:
60:b4:c6:c5:ca:4a:77:2d:37:95:f0:c6:55:a5:cd:
ef:3a:8d:d1:7a:c7:76:0f:89:76:dd:2b:68:e1:5b:
ec:1c:79:ea:b4:87:0a:97:1b:6f:7e:8c:d4:0e:9a:
2f:24:5c:1b:c6:ab:5d:05:2e:e3:74:0f:68:0b:06:
bb:71:7d:8b:3e:0a:0b:0c:b6:b2:3f:1b:58:0d:7d:
51:8d:8e:8a:3e:12:1b:03:39:53:37:f4:62:f3:2f:
1e:df:cd:d5:12:e6:42:68:c9:c6:53:0e:7d:84:70:
38:1e:21:9c:d4:27:34:24:1d:e6:bd:cf:3f:f2:e0:
e0:e2:57:9f:8c:74:e1:02:3e:67:b7:a1:56:4d:ee:
b0:f5:60:dd:2c:9f:67:3d:bd:a3:18:7f:f5:f2:15:
88:5a:24:d0:78:46:1e:c1:9e:b2:b9:e0:2f:e2:07:
ee:5e:ef:ea:ca:70:91:45:7b:ab:1e:9d:35:94:03:
f9:0b:af:f2:db:7f:fb:f1:95:77:23:41:6a:c4:6f:
72:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:01:75:29:8C:18:7E:34:06:62:47:66:5C:A5:AD:E6:9C:DB:1F:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/568EB87ECDD411EF83E49C78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.113.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:b3:f4:b3:a3:fc:55:f1:b5:bf:06:31:0f:1a:70:2f:40:85:
85:b1:9d:63:5f:63:15:7f:dd:1f:db:47:87:4b:5b:7c:dc:54:
87:e9:f5:19:aa:98:f3:61:28:df:0b:23:2d:ec:d2:75:55:cf:
0d:53:a7:32:5d:70:6b:63:a0:81:80:bf:ee:30:4b:7a:09:62:
28:c8:d5:cd:2e:90:f1:a7:da:69:25:6f:5d:b6:c3:02:fb:a4:
52:bd:21:c4:77:c3:d4:50:41:bc:40:a3:49:c7:53:40:50:80:
34:ba:96:51:c0:9e:ed:3d:f4:e0:ee:0a:b6:35:a8:e1:cf:85:
c4:ae:63:f3:50:6c:6a:89:02:26:3f:05:9a:01:ad:ea:e5:06:
70:f7:76:6d:36:4e:e3:69:40:ee:67:40:a4:cd:e7:b9:7c:64:
f9:fe:f7:7b:1f:c0:02:4c:73:82:cb:05:d3:ad:4c:32:9b:9f:
09:89:5d:95:51:aa:73:fb:70:18:d7:ef:32:2b:80:14:c7:06:
4e:89:fc:58:61:6b:d1:42:ab:91:36:2b:61:32:f6:ff:55:d7:
6b:e9:4e:fa:99:d2:a1:ae:ed:31:25:7c:d6:75:dc:16:82:e5:
5c:c7:b0:3b:3f:18:9a:5f:1c:b9:b2:d2:6d:74:a9:17:32:05:
83:2f:14:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATddMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTUyMjEwWhcNMjgwMTAzMTUyMjEwWjAYMRYw
FAYDVQQDEw02NzdlOTgyNi1lNThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvQYR4eSS8vMf8Pc7fqSNKf1cU1psHyNx/H2AhYC0APs1htAG71rRYQfL
s0rvKMBqu64WqlqtgO8gAUBgtMbFykp3LTeV8MZVpc3vOo3Resd2D4l23Sto4Vvs
HHnqtIcKlxtvfozUDpovJFwbxqtdBS7jdA9oCwa7cX2LPgoLDLayPxtYDX1RjY6K
PhIbAzlTN/Ri8y8e383VEuZCaMnGUw59hHA4HiGc1Cc0JB3mvc8/8uDg4lefjHTh
Aj5nt6FWTe6w9WDdLJ9nPb2jGH/18hWIWiTQeEYewZ6yueAv4gfuXu/qynCRRXur
Hp01lAP5C6/y23/78ZV3I0FqxG9yDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEgB
dSmMGH40BmJHZlylreac2x89MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjhFQjg3RUNERDQxMUVGODNFNDlDNzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZxMA0GCSqGSIb3DQEB
CwUAA4IBAQDKs/Szo/xV8bW/BjEPGnAvQIWFsZ1jX2MVf90f20eHS1t83FSH6fUZ
qpjzYSjfCyMt7NJ1Vc8NU6cyXXBrY6CBgL/uMEt6CWIoyNXNLpDxp9ppJW9dtsMC
+6RSvSHEd8PUUEG8QKNJx1NAUIA0upZRwJ7tPfTg7gq2Najhz4XErmPzUGxqiQIm
PwWaAa3q5QZw93ZtNk7jaUDuZ0Ckzee5fGT5/vd7H8ACTHOCywXTrUwym58JiV2V
Uapz+3AY1+8yK4AUxwZOifxYYWvRQquRNithMvb/Vddr6U76mdKhru0xJXzWddwW
guVcx7A7PxiaXxy5stJtdKkXMgWDLxTg
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:00 2025 by rpki-client