Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3F2718C91411EFBC5E01BD762E951A.roa
File: 5D3F2718C91411EFBC5E01BD762E951A.roa (raw, json)
Hash identifier: TWyPMTGv/bpNZJSubOz0TZAAH8TQr0nSFT0Bk19IC8E=
Subject key identifier: 16:8B:78:5B:1C:79:5C:06:96:34:5F:B0:A4:73:87:86:85:75:8A:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132C3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3F2718C91411EFBC5E01BD762E951A.roa
Signing time: Thu 02 Jan 2025 14:17:57 +0000
ROA not before: Thu 02 Jan 2025 14:17:53 +0000
ROA not after: Mon 13 Dec 2027 14:17:53 +0000
asID: 17561
IP address blocks: 154.221.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78531 (0x132c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:17:53 2025 GMT
Not After : Dec 13 14:17:53 2027 GMT
Subject: CN=6776a015-69eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:d4:19:66:06:63:fd:86:eb:71:62:0f:2e:
15:db:6e:78:8a:b6:f9:f1:a2:b8:c4:c6:17:07:d2:
b7:a4:e1:f5:cc:ed:58:fd:09:7e:7e:ff:37:32:1c:
2d:00:1d:eb:7e:ce:8d:31:28:ba:1b:65:fe:0f:7b:
69:e5:24:18:29:53:d4:b8:fd:19:0d:d8:86:eb:06:
da:25:d8:24:d5:99:8f:52:af:c0:73:87:44:09:12:
ed:84:06:57:6e:f5:fe:91:fa:15:ff:e3:0c:04:27:
ac:ab:e1:a5:61:49:c3:d7:bf:aa:c4:78:4b:66:19:
4b:c9:9d:db:9c:d5:0b:58:c7:3b:ba:ae:26:a6:73:
49:89:ee:67:c2:ab:85:64:89:a0:31:ca:3d:2f:e3:
ff:f2:85:87:65:5a:c9:a8:ec:f3:5b:3e:49:71:dd:
fe:53:c3:63:51:f6:a1:a0:1d:83:8b:b9:d0:73:66:
cf:ff:33:67:31:26:6c:ee:db:22:61:fc:8b:79:1b:
8e:43:b2:0d:86:c3:c7:6b:e0:f5:27:f9:cb:d6:29:
80:33:dd:b4:db:b4:df:d3:4b:f7:3a:d3:da:53:08:
04:b2:64:0a:85:34:46:c6:3b:d5:57:52:ca:70:13:
e6:b9:94:5b:6a:72:dc:88:0f:1a:f8:2f:5c:d8:d7:
07:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8B:78:5B:1C:79:5C:06:96:34:5F:B0:A4:73:87:86:85:75:8A:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D3F2718C91411EFBC5E01BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.238.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:89:42:ed:0f:80:ad:09:55:42:3f:72:96:b7:f1:77:f0:c8:
c7:56:b9:39:47:5d:ce:59:52:3e:84:c1:d5:b5:1e:6c:9c:29:
e0:a7:52:eb:f5:59:d5:14:a0:a3:89:4a:4b:c4:80:d8:73:0e:
2e:c7:31:54:67:71:2b:b9:b9:40:10:bb:75:43:e7:fc:17:87:
95:af:b4:e4:88:a1:cb:2c:92:80:d5:c5:e5:15:1a:c1:2c:23:
32:98:1f:55:6d:d4:86:9b:29:15:18:db:62:8b:7a:b7:8c:76:
32:40:05:1e:07:61:fd:c5:05:c7:a3:62:be:ba:72:23:56:27:
e6:26:f0:54:23:85:e4:77:57:1e:7b:55:83:ca:e4:46:05:92:
44:a0:d0:5b:01:6d:7a:d3:1e:17:7a:1a:67:e7:52:86:6d:da:
80:7f:7d:cd:1a:ea:e4:bf:99:82:55:7a:2b:01:1f:e9:45:a2:
62:83:f6:40:9d:33:ea:9a:38:a8:46:2c:f8:9b:bc:56:97:44:
2d:d7:e5:7f:f8:f7:f3:2e:8c:1c:18:39:cb:31:54:ca:0a:d5:
3f:40:d4:b3:0d:ab:d5:6d:a8:81:cf:36:e0:46:c6:b1:e9:9c:
8d:96:b5:91:8b:d3:9e:17:53:93:16:e0:36:10:3c:24:27:27:
e1:35:e7:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATLDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQxNzUzWhcNMjcxMjEzMTQxNzUzWjAYMRYw
FAYDVQQDEw02Nzc2YTAxNS02OWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArAfUGWYGY/2G63FiDy4V2254irb58aK4xMYXB9K3pOH1zO1Y/Ql+fv83
MhwtAB3rfs6NMSi6G2X+D3tp5SQYKVPUuP0ZDdiG6wbaJdgk1ZmPUq/Ac4dECRLt
hAZXbvX+kfoV/+MMBCesq+GlYUnD17+qxHhLZhlLyZ3bnNULWMc7uq4mpnNJie5n
wquFZImgMco9L+P/8oWHZVrJqOzzWz5Jcd3+U8NjUfahoB2Di7nQc2bP/zNnMSZs
7tsiYfyLeRuOQ7INhsPHa+D1J/nL1imAM92027Tf00v3OtPaUwgEsmQKhTRGxjvV
V1LKcBPmuZRbanLciA8a+C9c2NcH1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBaL
eFsceVwGljRfsKRzh4aFdYqYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDNGMjcxOEM5MTQxMUVGQkM1RTAxQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3uMA0GCSqGSIb3DQEB
CwUAA4IBAQDViULtD4CtCVVCP3KWt/F38MjHVrk5R13OWVI+hMHVtR5snCngp1Lr
9VnVFKCjiUpLxIDYcw4uxzFUZ3ErublAELt1Q+f8F4eVr7TkiKHLLJKA1cXlFRrB
LCMymB9VbdSGmykVGNtii3q3jHYyQAUeB2H9xQXHo2K+unIjVifmJvBUI4Xkd1ce
e1WDyuRGBZJEoNBbAW160x4Xehpn51KGbdqAf33NGurkv5mCVXorAR/pRaJig/ZA
nTPqmjioRiz4m7xWl0Qt1+V/+PfzLowcGDnLMVTKCtU/QNSzDavVbaiBzzbgRsax
6ZyNlrWRi9OeF1OTFuA2EDwkJyfhNecd
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:46 2025 by rpki-client