Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C82DFF8CDC011EF84717D7A762E951A.roa
File: 5C82DFF8CDC011EF84717D7A762E951A.roa (raw, json)
Hash identifier: lndupYZKzorOMkFd35/yWi7w69BeljZjwgFlWgDx5LA=
Subject key identifier: 99:5D:FB:BD:F9:F1:F3:68:A8:26:AB:BD:88:EB:AF:DA:49:B0:8E:0B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01370C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C82DFF8CDC011EF84717D7A762E951A.roa
Signing time: Wed 08 Jan 2025 12:59:14 +0000
ROA not before: Wed 08 Jan 2025 12:59:10 +0000
ROA not after: Tue 16 Dec 2025 12:59:10 +0000
asID: 984
IP address blocks: 154.200.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79628 (0x1370c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:59:10 2025 GMT
Not After : Dec 16 12:59:10 2025 GMT
Subject: CN=677e76a2-1f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ce:91:32:c5:5f:10:83:e4:21:85:6d:ac:e3:
84:00:6e:f9:6b:84:e8:ba:1d:85:a0:09:8e:f0:77:
4b:72:b7:3c:01:ac:0f:e7:e8:50:1f:87:80:2b:c0:
1b:57:23:18:46:32:f1:1a:53:f4:ab:8f:5d:62:de:
58:27:ea:3f:47:dc:a9:85:4d:dc:66:5e:3f:e6:92:
02:1c:49:ee:2f:55:76:38:7b:76:54:27:35:96:be:
1a:90:30:d7:2e:fd:ec:bc:91:38:4b:10:b1:e4:61:
74:f8:42:e0:eb:7e:42:8a:53:ee:9f:6c:ff:27:b6:
ef:ec:46:15:02:87:f9:08:a0:64:88:38:b1:13:94:
4a:da:56:bd:d8:d3:94:1c:0e:63:fa:b3:73:4a:87:
e0:b4:27:cb:31:85:25:ba:0a:aa:00:7d:00:06:f1:
00:c4:36:20:af:2d:ad:c4:90:c5:d0:79:67:6b:e1:
06:09:eb:dd:fc:27:ad:4f:f4:96:ed:a3:62:0f:c4:
f6:aa:3a:fe:d4:50:db:a9:38:43:0f:db:df:ee:7e:
17:20:5d:58:a7:11:0c:3e:a0:d7:78:55:3e:ce:9b:
fe:f3:5e:12:cd:50:d4:a2:c6:82:01:fc:4f:b7:c7:
c0:49:0d:1f:12:00:03:2a:d6:d2:11:29:af:87:b3:
d0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5D:FB:BD:F9:F1:F3:68:A8:26:AB:BD:88:EB:AF:DA:49:B0:8E:0B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C82DFF8CDC011EF84717D7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.229.0/24
Signature Algorithm: sha256WithRSAEncryption
32:da:2a:41:8a:63:bb:1a:b2:26:14:26:40:a1:76:72:ce:85:
8a:7e:63:0f:31:54:e6:98:8e:23:80:6e:db:a6:4c:bc:0f:a1:
8f:3c:72:6b:73:43:b4:f2:7d:28:da:34:2b:89:a0:1c:13:3b:
8f:18:7a:7f:f7:af:69:60:54:a1:25:46:f7:4f:db:f9:8b:bd:
47:9d:fc:55:97:b2:c6:85:24:8f:84:75:b8:fc:a7:39:07:57:
d8:05:b5:58:4c:2e:b0:5b:d0:e4:a2:8b:78:7a:a2:6f:c6:07:
a9:8d:15:43:1f:85:0a:0e:17:b9:70:2b:98:d4:9a:a8:65:e8:
88:95:1b:5c:6d:53:33:fd:b6:98:29:30:13:13:16:b1:bf:8d:
7e:f9:c9:8b:67:04:d8:ee:a1:c5:94:4b:62:65:8c:c6:4a:30:
6e:d8:4e:44:d4:b6:89:6d:2e:82:e0:cd:29:77:c7:0f:80:ea:
75:99:20:86:a5:c9:57:a1:a0:ca:9e:87:49:31:78:cf:5b:83:
11:07:04:3f:24:38:62:f5:75:b5:fc:ac:24:8b:5e:ad:b5:42:
37:0f:47:d1:d9:a3:f1:ca:4f:4a:23:dd:ed:e9:b8:76:e5:35:
1d:64:46:ad:d3:c8:1b:56:34:e8:b7:77:12:dc:b3:7a:57:02:
4d:8b:7c:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTI1OTEwWhcNMjUxMjE2MTI1OTEwWjAYMRYw
FAYDVQQDEw02NzdlNzZhMi0xZjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAts6RMsVfEIPkIYVtrOOEAG75a4Touh2FoAmO8HdLcrc8AawP5+hQH4eA
K8AbVyMYRjLxGlP0q49dYt5YJ+o/R9yphU3cZl4/5pICHEnuL1V2OHt2VCc1lr4a
kDDXLv3svJE4SxCx5GF0+ELg635CilPun2z/J7bv7EYVAof5CKBkiDixE5RK2la9
2NOUHA5j+rNzSofgtCfLMYUlugqqAH0ABvEAxDYgry2txJDF0Hlna+EGCevd/Cet
T/SW7aNiD8T2qjr+1FDbqThDD9vf7n4XIF1YpxEMPqDXeFU+zpv+814SzVDUosaC
AfxPt8fASQ0fEgADKtbSESmvh7PQawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJld
+7358fNoqCarvYjrr9pJsI4LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzgyREZGOENEQzAxMUVGODQ3MTdEN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjlMA0GCSqGSIb3DQEB
CwUAA4IBAQAy2ipBimO7GrImFCZAoXZyzoWKfmMPMVTmmI4jgG7bpky8D6GPPHJr
c0O08n0o2jQriaAcEzuPGHp/969pYFShJUb3T9v5i71HnfxVl7LGhSSPhHW4/Kc5
B1fYBbVYTC6wW9Dkoot4eqJvxgepjRVDH4UKDhe5cCuY1JqoZeiIlRtcbVMz/baY
KTATExaxv41++cmLZwTY7qHFlEtiZYzGSjBu2E5E1LaJbS6C4M0pd8cPgOp1mSCG
pclXoaDKnodJMXjPW4MRBwQ/JDhi9XW1/Kwki16ttUI3D0fR2aPxyk9KI93t6bh2
5TUdZEat08gbVjTot3cS3LN6VwJNi3yb
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:38 2025 by rpki-client