Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/643CC6BCF35B11EF89B5B6A6762E951A.roa
File: 643CC6BCF35B11EF89B5B6A6762E951A.roa (raw, json)
Hash identifier: Sy8qpNiJ9dok28/Mbnet6ZiArc11BWgSeV6W5p0V25Y=
Subject key identifier: 69:C4:0D:08:1B:1B:72:19:34:C2:31:F2:D3:DB:08:11:A6:BE:C3:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015E08
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/643CC6BCF35B11EF89B5B6A6762E951A.roa
Signing time: Tue 25 Feb 2025 09:32:12 +0000
ROA not before: Tue 25 Feb 2025 09:32:09 +0000
ROA not after: Sat 19 Feb 2028 09:32:09 +0000
asID: 17561
IP address blocks: 154.83.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89608 (0x15e08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 09:32:09 2025 GMT
Not After : Feb 19 09:32:09 2028 GMT
Subject: CN=67bd8e1c-8a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:c5:ed:f8:3d:ed:a3:e0:03:09:d6:94:9d:
cd:aa:68:4b:bf:c1:c5:bf:d9:49:ff:47:27:f0:cf:
8f:1c:7e:e7:20:54:85:d0:c8:1d:2c:28:e2:6a:8d:
bb:cc:9b:31:38:b5:54:5a:09:eb:7f:30:4d:bc:70:
8c:bc:1a:84:34:85:2a:23:2d:9c:da:f3:b7:b4:b6:
a3:27:16:5a:c7:92:61:be:3c:0b:a8:68:b9:01:96:
b8:60:97:d7:87:0b:6a:97:a5:0c:8a:7f:fa:eb:3d:
ad:fb:43:91:e5:a6:a4:4d:b8:d5:13:77:71:55:ab:
8d:d5:ff:96:f3:ed:de:4c:c5:f2:a4:9c:fe:68:26:
43:ce:f0:f1:70:4e:28:8a:77:27:eb:8a:f9:51:00:
4b:36:f1:75:a6:1a:9a:06:39:4a:65:97:bb:97:c4:
58:67:5d:87:f5:88:4d:c1:19:44:3c:4a:7a:63:06:
ad:3c:31:f1:68:25:58:85:d1:da:4d:b9:75:5a:d2:
a1:ff:3f:f8:ad:cd:66:e4:71:66:41:3c:32:e5:7b:
0d:1f:94:51:34:bc:6d:2b:de:08:62:ec:92:1f:15:
3f:e4:f0:2e:4f:19:c3:af:03:2b:34:c4:82:02:86:
e8:a0:cb:f5:f8:46:6f:57:0a:54:d0:a2:0c:01:71:
65:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C4:0D:08:1B:1B:72:19:34:C2:31:F2:D3:DB:08:11:A6:BE:C3:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/643CC6BCF35B11EF89B5B6A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.74.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b8:cb:e4:1f:17:59:22:59:35:5a:a2:62:c4:16:1e:82:a4:
c2:18:7d:bc:18:df:9e:2f:93:ec:6d:d4:1a:22:70:05:0e:5a:
d8:a7:33:40:47:43:53:57:33:ee:94:d3:ed:0b:05:a9:95:a2:
82:81:35:f7:74:ca:24:7a:f7:6f:26:57:fe:a2:e1:44:0f:88:
c1:05:ba:53:7e:c8:c6:26:d7:5c:3a:b7:a2:ee:9e:b4:19:6e:
e5:3e:4a:57:47:f6:d2:38:dc:bb:29:65:50:38:4e:8e:64:06:
48:af:ff:61:16:27:49:a4:c3:e3:ca:0e:33:41:69:aa:11:6c:
02:e2:2e:05:76:a3:78:89:95:e3:8e:9b:2d:d1:bb:28:01:a0:
cd:71:b6:21:73:fb:f1:d4:b7:72:77:80:43:13:c0:43:27:22:
bd:71:7b:1c:8a:c5:3a:45:b5:af:0d:9b:30:0c:7f:fc:5b:8f:
8a:f8:7f:46:d9:ab:d9:d0:d0:e5:65:e5:29:cf:cc:35:5c:56:
93:29:3f:35:7d:a1:08:39:93:4b:7c:71:ef:f3:7d:37:cb:ef:
7e:66:31:4f:77:27:23:5f:4f:1e:08:9a:27:95:2f:a5:90:55:
5d:bf:b8:b2:8a:6d:91:26:34:b6:aa:5b:20:cf:24:e2:30:eb:
0a:83:b0:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV4IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDkzMjA5WhcNMjgwMjE5MDkzMjA5WjAYMRYw
FAYDVQQDEw02N2JkOGUxYy04YTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0c3F7fg97aPgAwnWlJ3NqmhLv8HFv9lJ/0cn8M+PHH7nIFSF0MgdLCji
ao27zJsxOLVUWgnrfzBNvHCMvBqENIUqIy2c2vO3tLajJxZax5JhvjwLqGi5AZa4
YJfXhwtql6UMin/66z2t+0OR5aakTbjVE3dxVauN1f+W8+3eTMXypJz+aCZDzvDx
cE4oincn64r5UQBLNvF1phqaBjlKZZe7l8RYZ12H9YhNwRlEPEp6YwatPDHxaCVY
hdHaTbl1WtKh/z/4rc1m5HFmQTwy5XsNH5RRNLxtK94IYuySHxU/5PAuTxnDrwMr
NMSCAobooMv1+EZvVwpU0KIMAXFl7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGnE
DQgbG3IZNMIx8tPbCBGmvsN/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDNDQzZCQ0YzNUIxMUVGODlCNUI2QTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlNKMA0GCSqGSIb3DQEB
CwUAA4IBAQBjuMvkHxdZIlk1WqJixBYegqTCGH28GN+eL5PsbdQaInAFDlrYpzNA
R0NTVzPulNPtCwWplaKCgTX3dMokevdvJlf+ouFED4jBBbpTfsjGJtdcOrei7p60
GW7lPkpXR/bSONy7KWVQOE6OZAZIr/9hFidJpMPjyg4zQWmqEWwC4i4FdqN4iZXj
jpst0bsoAaDNcbYhc/vx1Ldyd4BDE8BDJyK9cXscisU6RbWvDZswDH/8W4+K+H9G
2avZ0NDlZeUpz8w1XFaTKT81faEIOZNLfHHv8303y+9+ZjFPdycjX08eCJonlS+l
kFVdv7iyim2RJjS2qlsgzyTiMOsKg7Aw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:41 2025 by rpki-client