Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589EE8B2F41E11EFB4B7B75A762E951A.roa
File: 589EE8B2F41E11EFB4B7B75A762E951A.roa (raw, json)
Hash identifier: ljqZ3gl10f7laBweBPdyjB/d1p79vOs5x2fRKZz7XlU=
Subject key identifier: FE:9E:D5:76:3E:D1:13:16:61:A8:F4:EA:86:65:B9:D1:9C:0E:BB:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016177
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589EE8B2F41E11EFB4B7B75A762E951A.roa
Signing time: Wed 26 Feb 2025 08:47:45 +0000
ROA not before: Wed 26 Feb 2025 08:47:41 +0000
ROA not after: Thu 19 Feb 2026 08:47:41 +0000
asID: 984
IP address blocks: 154.206.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90487 (0x16177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:47:41 2025 GMT
Not After : Feb 19 08:47:41 2026 GMT
Subject: CN=67bed530-3c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8f:d5:6d:bc:98:d4:08:95:75:9d:75:41:af:
42:a4:79:81:ae:ec:dd:e3:91:99:d2:4a:33:43:fc:
be:2d:99:6c:e0:53:ae:b1:a4:24:6c:7b:c8:a8:02:
c1:47:06:67:01:d2:5d:aa:7b:d6:0c:fb:78:cc:c2:
54:ee:b7:c7:a4:9e:c4:b0:82:49:b9:f9:a9:f5:6d:
b6:08:f2:58:a0:39:e6:d4:f3:f2:6c:80:98:05:b7:
9e:c4:77:d9:73:09:19:27:d6:b3:25:44:e9:d9:95:
03:a9:6e:43:25:78:01:38:6f:4d:92:80:17:ef:31:
38:95:07:9a:d4:37:ae:d4:60:07:21:f9:cb:f1:33:
a8:60:80:67:7f:4d:42:6d:f8:7b:72:b1:d2:33:aa:
e9:54:c6:01:2f:12:cf:1b:9c:54:8a:05:4d:db:37:
b9:e8:5d:45:d8:a0:9a:6f:8c:6f:ae:b4:c7:f3:e1:
94:31:c5:f4:87:f2:af:46:e3:a1:6b:9f:fc:17:1d:
39:66:ad:f1:f6:a3:18:2f:da:c8:44:e1:7b:ab:8e:
95:4b:57:15:1d:30:b1:1b:f6:24:5f:e0:26:85:86:
c5:92:55:9f:f3:d5:55:1e:fa:c0:4d:dc:e7:78:83:
37:fd:d8:9a:6b:13:64:31:47:4f:df:be:e7:12:ac:
e5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:D5:76:3E:D1:13:16:61:A8:F4:EA:86:65:B9:D1:9C:0E:BB:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589EE8B2F41E11EFB4B7B75A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.219.0/24
Signature Algorithm: sha256WithRSAEncryption
24:93:4f:68:1e:9a:9d:63:0a:da:a7:f3:f1:93:03:e2:1d:70:
ae:48:c7:52:d1:1b:33:7d:7b:2d:13:f5:53:0d:cd:60:13:b0:
56:ca:49:71:14:4e:6c:02:4e:0f:db:14:6f:f9:1a:0c:20:79:
e8:2d:d9:06:d5:f4:73:8e:bc:26:6b:2f:09:9e:6b:56:13:13:
2c:68:f9:1a:f9:73:39:ce:45:32:a9:1a:61:95:19:b7:f1:13:
61:65:96:3a:65:ef:46:3d:c5:67:95:08:29:34:20:aa:7c:5a:
84:3c:33:48:0d:81:56:86:6a:4e:c9:dc:36:7c:2b:11:a2:65:
85:05:a8:8d:c8:6f:6b:05:88:27:0b:f1:f0:6b:1c:a8:30:a5:
69:8a:6c:09:cd:f2:a9:63:63:1c:73:8f:bb:df:33:92:a3:4a:
da:95:64:42:37:ed:03:9b:7f:a5:af:58:28:7b:87:41:31:03:
f4:b6:6d:27:b8:46:de:08:63:25:f3:df:01:06:22:1c:10:d8:
6a:cf:f8:c7:05:20:43:4f:92:09:5f:b1:2b:5c:83:8a:f6:14:
e0:22:ca:0f:c0:dc:5b:13:61:8d:ea:95:b6:1f:d1:dd:48:b2:
d8:e0:fc:69:d0:0a:23:67:fb:ee:f1:68:0b:0a:b7:09:8c:95:
9a:22:1f:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWF3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDg0NzQxWhcNMjYwMjE5MDg0NzQxWjAYMRYw
FAYDVQQDEw02N2JlZDUzMC0zYzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA84/VbbyY1AiVdZ11Qa9CpHmBruzd45GZ0kozQ/y+LZls4FOusaQkbHvI
qALBRwZnAdJdqnvWDPt4zMJU7rfHpJ7EsIJJufmp9W22CPJYoDnm1PPybICYBbee
xHfZcwkZJ9azJUTp2ZUDqW5DJXgBOG9NkoAX7zE4lQea1Deu1GAHIfnL8TOoYIBn
f01Cbfh7crHSM6rpVMYBLxLPG5xUigVN2ze56F1F2KCab4xvrrTH8+GUMcX0h/Kv
RuOha5/8Fx05Zq3x9qMYL9rIROF7q46VS1cVHTCxG/YkX+AmhYbFklWf89VVHvrA
TdzneIM3/diaaxNkMUdP377nEqzlDwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP6e
1XY+0RMWYaj06oZludGcDrt0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81ODlFRThCMkY0MUUxMUVGQjRCN0I3NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7bMA0GCSqGSIb3DQEB
CwUAA4IBAQAkk09oHpqdYwrap/PxkwPiHXCuSMdS0RszfXstE/VTDc1gE7BWyklx
FE5sAk4P2xRv+RoMIHnoLdkG1fRzjrwmay8JnmtWExMsaPka+XM5zkUyqRphlRm3
8RNhZZY6Ze9GPcVnlQgpNCCqfFqEPDNIDYFWhmpOydw2fCsRomWFBaiNyG9rBYgn
C/HwaxyoMKVpimwJzfKpY2Mcc4+73zOSo0ralWRCN+0Dm3+lr1goe4dBMQP0tm0n
uEbeCGMl898BBiIcENhqz/jHBSBDT5IJX7ErXIOK9hTgIsoPwNxbE2GN6pW2H9Hd
SLLY4Pxp0AojZ/vu8WgLCrcJjJWaIh8u
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:49:21 2025 by rpki-client