Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A08E166C93611EF8CADC191762E951A.roa
File: 5A08E166C93611EF8CADC191762E951A.roa (raw, json)
Hash identifier: o81TbDMM6fYyF9UDJ1t11cjZ1C9Lc/2wntzVg6lrGoM=
Subject key identifier: 67:EC:CF:61:8C:9B:50:A3:FB:3B:95:64:9E:BE:DB:23:EF:A2:DD:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A08E166C93611EF8CADC191762E951A.roa
Signing time: Thu 02 Jan 2025 18:21:15 +0000
ROA not before: Thu 02 Jan 2025 18:21:11 +0000
ROA not after: Sat 13 Dec 2025 18:21:11 +0000
asID: 984
IP address blocks: 154.222.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78805 (0x133d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 18:21:11 2025 GMT
Not After : Dec 13 18:21:11 2025 GMT
Subject: CN=6776d91b-3de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a6:b7:e9:c1:92:75:7e:43:c2:4f:8f:a9:f4:
b7:9f:2f:92:f1:19:37:f1:df:ad:a9:66:84:7e:3f:
65:f8:98:46:66:3f:f6:83:f4:24:be:e5:db:0f:55:
a4:89:97:20:cf:f4:5b:b1:03:c4:f8:24:e0:65:ea:
12:81:9b:22:f1:21:98:89:40:84:91:1f:16:df:52:
dc:78:eb:53:06:7e:13:ab:e8:36:12:c9:7b:c1:53:
0a:77:1b:0a:65:dd:cc:df:53:dc:81:3a:2b:19:a8:
4b:6e:7b:e0:68:18:5e:51:09:8b:d1:50:40:20:f2:
f7:72:9d:8e:b9:9e:5f:60:8f:39:72:22:8f:c9:95:
ed:ef:a1:92:79:fd:2b:6f:f7:b6:c1:a4:a3:15:48:
fb:52:0e:76:7f:b5:b5:65:5f:56:e1:9a:cd:80:5f:
09:52:d5:c5:de:89:fb:de:eb:08:7d:4d:7f:15:3b:
79:33:5a:23:9d:8e:98:fd:04:f3:33:3d:9c:a3:5a:
dc:e0:5f:8b:bb:bc:c0:59:6e:37:5a:77:29:af:d7:
c9:8b:76:c0:3e:be:cb:38:e4:ed:e7:d0:6e:0c:7b:
81:8e:75:b8:3c:dc:7d:9f:5e:1f:6c:7c:69:92:98:
60:9f:a7:47:9e:73:58:d7:ba:89:c8:cc:9c:dd:de:
8e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EC:CF:61:8C:9B:50:A3:FB:3B:95:64:9E:BE:DB:23:EF:A2:DD:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A08E166C93611EF8CADC191762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.185.0/24
Signature Algorithm: sha256WithRSAEncryption
52:88:a1:09:cb:f2:2a:4b:43:0d:4a:1d:63:00:fb:8c:fa:e4:
5f:e8:17:9a:42:58:3c:3d:e2:c2:41:43:6f:ca:2d:56:f9:3c:
5d:7c:59:85:f0:1b:40:b9:8c:ff:14:fe:71:c3:8f:74:ea:70:
e9:3d:c0:7e:71:bc:d3:a8:76:ec:c2:37:c4:31:f8:ed:1c:71:
33:09:4b:13:5c:38:f0:fb:fa:0b:7c:45:e3:66:6e:3b:27:32:
bc:d4:e6:73:ea:fa:7d:26:0e:8f:64:83:f1:13:9e:57:7a:be:
0a:21:86:a5:16:f9:14:bb:ae:a7:84:36:e0:89:14:3d:e8:e0:
ad:35:5b:b3:82:11:19:65:3f:72:55:74:df:f0:e2:5e:53:8f:
4e:21:8b:88:b2:ab:fa:60:1e:6b:41:a5:d1:53:79:5a:8f:6a:
4f:18:72:9b:2d:dc:4a:6c:8b:37:ee:3c:ec:a6:c8:49:e5:d8:
61:5a:a4:e8:69:2e:cd:a3:91:0d:75:f8:ac:21:dc:b7:ba:8c:
3d:f2:46:ad:64:18:67:98:95:91:5d:81:a8:76:9d:1f:a3:df:
bb:90:93:58:35:1d:28:a2:9f:02:cb:ba:f9:53:fb:ec:28:52:
3b:16:22:b8:04:64:84:4f:07:16:bc:69:d4:54:a0:8a:a2:98:
2b:31:50:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATPVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTgyMTExWhcNMjUxMjEzMTgyMTExWjAYMRYw
FAYDVQQDEw02Nzc2ZDkxYi0zZGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6a36cGSdX5Dwk+PqfS3ny+S8Rk38d+tqWaEfj9l+JhGZj/2g/QkvuXb
D1WkiZcgz/RbsQPE+CTgZeoSgZsi8SGYiUCEkR8W31LceOtTBn4Tq+g2Esl7wVMK
dxsKZd3M31PcgTorGahLbnvgaBheUQmL0VBAIPL3cp2OuZ5fYI85ciKPyZXt76GS
ef0rb/e2waSjFUj7Ug52f7W1ZV9W4ZrNgF8JUtXF3on73usIfU1/FTt5M1ojnY6Y
/QTzMz2co1rc4F+Lu7zAWW43Wncpr9fJi3bAPr7LOOTt59BuDHuBjnW4PNx9n14f
bHxpkphgn6dHnnNY17qJyMyc3d6OzwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGfs
z2GMm1Cj+zuVZJ6+2yPvot1pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QTA4RTE2NkM5MzYxMUVGOENBREMxOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt65MA0GCSqGSIb3DQEB
CwUAA4IBAQBSiKEJy/IqS0MNSh1jAPuM+uRf6BeaQlg8PeLCQUNvyi1W+TxdfFmF
8BtAuYz/FP5xw4906nDpPcB+cbzTqHbswjfEMfjtHHEzCUsTXDjw+/oLfEXjZm47
JzK81OZz6vp9Jg6PZIPxE55Xer4KIYalFvkUu66nhDbgiRQ96OCtNVuzghEZZT9y
VXTf8OJeU49OIYuIsqv6YB5rQaXRU3laj2pPGHKbLdxKbIs37jzspshJ5dhhWqTo
aS7No5ENdfisIdy3uow98katZBhnmJWRXYGodp0fo9+7kJNYNR0oop8Cy7r5U/vs
KFI7FiK4BGSETwcWvGnUVKCKopgrMVCS
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:21:12 2025 by rpki-client