Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61E66CE8F8C311EF9D9877A8762E951A.roa
File: 61E66CE8F8C311EF9D9877A8762E951A.roa (raw, json)
Hash identifier: S+fxu97/Sk2C/4J7ZFQpmeVlCKh4bZpMLFAj9eWwYAI=
Subject key identifier: E2:3B:B2:C5:7C:03:82:FD:F9:61:4A:DA:B0:27:CC:8D:F5:B4:C7:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01716C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61E66CE8F8C311EF9D9877A8762E951A.roa
Signing time: Tue 04 Mar 2025 06:39:12 +0000
ROA not before: Tue 04 Mar 2025 06:39:08 +0000
ROA not after: Sun 06 Apr 2025 06:39:08 +0000
asID: 57043
IP address blocks: 154.199.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94572 (0x1716c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 06:39:08 2025 GMT
Not After : Apr 6 06:39:08 2025 GMT
Subject: CN=67c6a010-6201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1a:09:63:50:67:2d:fb:2e:88:af:33:fe:3d:
be:f1:61:9e:72:ea:01:bd:29:d0:f3:36:9b:58:c1:
ea:18:ce:b8:29:f7:78:53:b6:8d:0d:a3:82:9c:88:
a0:7f:9e:be:c9:d0:e2:58:c8:fc:12:c5:a7:dc:c6:
e3:68:c5:80:5b:8d:ae:65:ae:58:20:3a:9d:6f:da:
c1:4e:26:af:82:ae:03:bb:6a:d5:a4:5f:e3:f7:02:
7e:35:eb:4c:48:29:ba:aa:be:63:74:f1:9a:10:27:
16:33:11:52:67:96:d8:b4:08:85:65:a6:9c:b2:c1:
4c:b3:4b:eb:d4:d4:67:e0:7a:59:65:31:d0:58:b4:
31:78:0f:f2:c9:4b:03:03:cc:3c:fb:f8:a3:e7:2c:
c6:2d:76:bc:70:5d:4c:84:11:fa:d3:9e:71:59:0c:
46:fb:7d:ec:5f:a9:44:ab:4e:4e:ec:15:71:db:c6:
b4:ac:23:09:00:35:45:2b:06:c7:8f:83:2b:b0:d9:
b5:dc:f6:9d:3f:40:0a:b7:01:3f:28:a2:07:e4:23:
90:9f:f6:05:9e:43:cc:7e:94:32:86:5c:af:59:26:
6e:ea:6a:96:58:81:88:46:f1:d5:35:7c:2f:dc:5f:
fc:35:80:90:78:cd:da:8b:87:4d:94:ce:f3:6b:96:
b3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3B:B2:C5:7C:03:82:FD:F9:61:4A:DA:B0:27:CC:8D:F5:B4:C7:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61E66CE8F8C311EF9D9877A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.66.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:ed:50:e5:8e:65:06:b7:0e:59:90:db:b3:ab:11:5f:1e:04:
74:c7:93:8a:ab:34:85:f2:b2:01:45:87:d4:01:3f:58:57:b4:
b3:63:15:f1:f8:ce:bf:08:19:42:e3:32:7b:4e:1d:dd:69:fd:
b1:26:75:97:82:46:88:da:bf:04:6c:f0:c0:ce:b0:bd:16:4f:
33:b3:43:27:eb:5a:93:ff:40:67:71:f7:77:6f:c5:e1:f5:a9:
35:6b:e7:cd:a1:cb:58:d5:bb:e9:1e:38:51:20:d9:2e:6a:ab:
b6:ae:09:7a:2f:56:99:db:e4:31:0a:75:fd:b9:a1:1c:92:6e:
c5:39:a3:c6:f8:2c:e7:2d:8c:6c:f6:db:43:01:ea:40:4f:32:
ce:5d:89:24:fd:ba:42:1f:9e:9e:3f:81:7b:4a:4c:8b:74:aa:
de:cd:c2:46:7b:74:df:fe:f2:c2:74:2b:40:28:fa:c6:34:11:
3e:3f:f7:55:70:d3:b1:ca:51:5c:1f:a5:2d:28:8b:5c:f0:1e:
ed:48:1a:23:c7:87:12:05:03:0f:57:1b:f6:35:61:9a:bb:35:
29:9b:06:2b:4d:1f:4c:7d:77:39:75:1c:47:7e:cc:88:fd:79:
9a:4f:d0:b0:69:6e:cb:f5:72:26:57:ae:52:6b:c4:dc:99:86:
b2:2a:e2:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXFsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MDYzOTA4WhcNMjUwNDA2MDYzOTA4WjAYMRYw
FAYDVQQDEw02N2M2YTAxMC02MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8hoJY1BnLfsuiK8z/j2+8WGecuoBvSnQ8zabWMHqGM64Kfd4U7aNDaOC
nIigf56+ydDiWMj8EsWn3MbjaMWAW42uZa5YIDqdb9rBTiavgq4Du2rVpF/j9wJ+
NetMSCm6qr5jdPGaECcWMxFSZ5bYtAiFZaacssFMs0vr1NRn4HpZZTHQWLQxeA/y
yUsDA8w8+/ij5yzGLXa8cF1MhBH6055xWQxG+33sX6lEq05O7BVx28a0rCMJADVF
KwbHj4MrsNm13PadP0AKtwE/KKIH5COQn/YFnkPMfpQyhlyvWSZu6mqWWIGIRvHV
NXwv3F/8NYCQeM3ai4dNlM7za5azsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOI7
ssV8A4L9+WFK2rAnzI31tMfCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MUU2NkNFOEY4QzMxMUVGOUQ5ODc3QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsdCMA0GCSqGSIb3DQEB
CwUAA4IBAQAc7VDljmUGtw5ZkNuzqxFfHgR0x5OKqzSF8rIBRYfUAT9YV7SzYxXx
+M6/CBlC4zJ7Th3daf2xJnWXgkaI2r8EbPDAzrC9Fk8zs0Mn61qT/0Bncfd3b8Xh
9ak1a+fNoctY1bvpHjhRINkuaqu2rgl6L1aZ2+QxCnX9uaEckm7FOaPG+CznLYxs
9ttDAepATzLOXYkk/bpCH56eP4F7SkyLdKrezcJGe3Tf/vLCdCtAKPrGNBE+P/dV
cNOxylFcH6UtKItc8B7tSBojx4cSBQMPVxv2NWGauzUpmwYrTR9MfXc5dRxHfsyI
/XmaT9CwaW7L9XImV65Sa8TcmYayKuIs
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:37:14 2025 by rpki-client