Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C8E19DEF4A511EF83291780762E951A.roa
File: 5C8E19DEF4A511EF83291780762E951A.roa (raw, json)
Hash identifier: WRvzqCdPsdhRh2xvjrmaqrJsn5qoRe1Up1nb0209ujk=
Subject key identifier: EB:7A:A3:82:70:F5:8B:56:02:F7:87:D3:B1:B2:08:EB:06:85:EC:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016617
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C8E19DEF4A511EF83291780762E951A.roa
Signing time: Thu 27 Feb 2025 00:54:13 +0000
ROA not before: Thu 27 Feb 2025 00:00:09 +0000
ROA not after: Thu 19 Feb 2026 00:00:09 +0000
asID: 984
IP address blocks: 154.200.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91671 (0x16617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:09 2025 GMT
Not After : Feb 19 00:00:09 2026 GMT
Subject: CN=67bfb7b5-5764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:03:a4:48:ee:ae:7b:d0:89:d2:57:84:de:
a4:58:27:53:05:e5:f0:da:37:b3:89:18:1c:6c:b9:
77:5e:cf:ab:59:27:32:65:38:83:7d:50:f4:0d:8e:
7b:18:eb:16:0f:46:24:0a:9d:00:d9:20:4f:0d:4c:
8e:11:e9:d6:e9:93:01:ce:4b:d3:be:46:09:cd:b4:
79:79:3a:3d:d1:a6:42:44:4c:f2:5a:43:2c:f9:01:
a6:5f:c5:f2:09:79:b8:9b:90:f4:aa:96:88:35:46:
52:af:fe:72:e7:eb:23:17:b5:fd:80:2b:64:50:6e:
ae:c6:5c:f8:15:66:39:22:6d:15:a9:03:23:ae:f5:
1e:21:fa:3b:31:1c:f6:15:2b:ec:f2:93:f3:29:43:
41:e3:94:d5:ce:55:02:8c:1f:01:29:25:d5:17:26:
a7:c8:20:49:75:62:d8:f5:72:fd:0f:bc:93:28:e9:
3c:73:9b:1f:eb:0b:a9:7d:2a:88:57:38:e3:cf:0d:
9d:7a:ee:1b:1a:7c:c4:4b:18:bd:96:f9:0f:49:70:
22:e6:cc:e8:78:c6:8c:d3:79:7d:74:03:b7:09:3a:
75:3a:2d:6d:09:3b:c9:0f:39:be:69:84:bc:67:98:
98:c1:03:2c:0f:fd:4a:2d:22:6e:e6:5d:9c:57:57:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7A:A3:82:70:F5:8B:56:02:F7:87:D3:B1:B2:08:EB:06:85:EC:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C8E19DEF4A511EF83291780762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.66.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e9:d6:cf:82:5b:1c:12:23:f6:07:05:f6:fb:28:e3:51:02:
e3:05:79:7c:6c:2e:ff:a2:29:79:dc:e4:6c:24:ff:14:06:c1:
a5:2b:21:2d:76:a5:c7:a3:40:a8:0f:56:f4:58:f4:b4:ba:e0:
11:c4:4d:cf:c8:7c:81:6c:49:3f:63:e3:91:dd:42:9f:fe:9d:
99:4a:52:69:8f:d8:42:b8:d9:d2:59:b0:58:ff:2d:ed:ee:7b:
d1:b7:22:41:38:e3:c1:1a:c2:ba:fc:27:81:16:4a:41:ed:73:
be:87:48:56:c6:c1:60:94:07:97:4a:6d:2e:3d:c1:98:64:aa:
1a:40:89:50:a3:69:e4:95:59:c8:87:76:36:e4:2f:ff:26:96:
48:f1:dc:a0:ed:47:3f:0c:fa:b3:1f:4b:50:9f:a9:40:20:0f:
b1:d6:85:84:8f:ca:f9:a5:a8:7c:5a:c8:9e:e5:3c:50:3e:aa:
8f:1c:74:bd:76:47:3d:3c:f2:84:89:23:f0:cf:32:0d:b0:1b:
4b:72:0c:b6:43:f6:a3:e5:2c:3a:55:3b:18:15:93:df:6b:43:
3a:1c:32:3b:47:47:05:df:b1:35:bd:0a:d4:b5:dd:30:f3:ed:
c4:b8:dc:09:06:20:2c:43:85:61:1a:df:f3:cf:6a:67:cb:33:
7c:07:28:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDA5WhcNMjYwMjE5MDAwMDA5WjAYMRYw
FAYDVQQDEw02N2JmYjdiNS01NzY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu8gDpEjurnvQidJXhN6kWCdTBeXw2jeziRgcbLl3Xs+rWScyZTiDfVD0
DY57GOsWD0YkCp0A2SBPDUyOEenW6ZMBzkvTvkYJzbR5eTo90aZCREzyWkMs+QGm
X8XyCXm4m5D0qpaINUZSr/5y5+sjF7X9gCtkUG6uxlz4FWY5Im0VqQMjrvUeIfo7
MRz2FSvs8pPzKUNB45TVzlUCjB8BKSXVFyanyCBJdWLY9XL9D7yTKOk8c5sf6wup
fSqIVzjjzw2deu4bGnzESxi9lvkPSXAi5szoeMaM03l9dAO3CTp1Oi1tCTvJDzm+
aYS8Z5iYwQMsD/1KLSJu5l2cV1e64QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOt6
o4Jw9YtWAveH07GyCOsGheytMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzhFMTlERUY0QTUxMUVGODMyOTE3ODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshCMA0GCSqGSIb3DQEB
CwUAA4IBAQBv6dbPglscEiP2BwX2+yjjUQLjBXl8bC7/oil53ORsJP8UBsGlKyEt
dqXHo0CoD1b0WPS0uuARxE3PyHyBbEk/Y+OR3UKf/p2ZSlJpj9hCuNnSWbBY/y3t
7nvRtyJBOOPBGsK6/CeBFkpB7XO+h0hWxsFglAeXSm0uPcGYZKoaQIlQo2nklVnI
h3Y25C//JpZI8dyg7Uc/DPqzH0tQn6lAIA+x1oWEj8r5pah8Wsie5TxQPqqPHHS9
dkc9PPKEiSPwzzINsBtLcgy2Q/aj5Sw6VTsYFZPfa0M6HDI7R0cF37E1vQrUtd0w
8+3EuNwJBiAsQ4VhGt/zz2pnyzN8Byh+
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:53 2025 by rpki-client