Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64E41F68F41C11EFAC10914C762E951A.roa
File: 64E41F68F41C11EFAC10914C762E951A.roa (raw, json)
Hash identifier: /+wxDj34kQr1P7H1OG1qbQHGypx+LcNPZEnHH87BZB4=
Subject key identifier: 9B:7A:B0:DA:2F:37:4C:94:D5:65:BD:79:88:12:3A:B6:B7:97:F0:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016161
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64E41F68F41C11EFAC10914C762E951A.roa
Signing time: Wed 26 Feb 2025 08:33:46 +0000
ROA not before: Wed 26 Feb 2025 08:33:42 +0000
ROA not after: Thu 19 Feb 2026 08:33:42 +0000
asID: 328608
IP address blocks: 154.200.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90465 (0x16161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:33:42 2025 GMT
Not After : Feb 19 08:33:42 2026 GMT
Subject: CN=67bed1ea-062a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:28:2a:2c:8a:93:11:82:08:36:d3:66:83:a8:
ee:2e:ec:e4:f5:dd:92:b5:e4:f8:5c:89:25:bc:16:
c8:e3:b0:8d:a7:ea:21:55:84:20:37:ee:5b:ad:6b:
be:49:84:a2:00:d9:2e:6c:7a:e0:5e:9a:eb:04:31:
15:a3:44:db:21:a8:ca:d9:0a:e8:a8:f0:47:c5:d6:
e5:43:73:c5:89:df:a7:9b:03:f4:d2:74:c2:87:ef:
6e:01:e4:8b:2a:cd:19:ea:fb:4a:f4:25:fc:17:91:
00:d4:62:47:d4:f0:8f:cb:eb:d2:70:42:cf:76:64:
81:71:b7:ec:e6:69:38:ac:34:ac:07:12:d7:61:3a:
7b:29:aa:a6:14:a7:93:87:e7:ff:84:cc:65:bf:49:
35:46:f9:b3:d1:96:8b:0c:0a:7f:c1:3f:33:f3:95:
c5:65:45:78:79:5c:6e:dd:c8:f1:ce:d7:21:52:92:
42:a6:d8:5f:4a:98:51:c7:c3:34:79:83:2c:c1:ae:
f0:bf:d0:93:17:3b:20:d3:1d:2d:56:6e:77:d0:23:
0b:aa:08:e4:78:eb:dc:bf:bb:e2:4c:77:ad:1b:0d:
d4:1c:5a:d2:39:83:c7:c8:0e:ff:01:6d:a9:0c:b1:
8f:2a:17:5f:47:50:72:09:9a:9a:06:71:8b:37:7c:
73:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7A:B0:DA:2F:37:4C:94:D5:65:BD:79:88:12:3A:B6:B7:97:F0:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64E41F68F41C11EFAC10914C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.193.0/24
Signature Algorithm: sha256WithRSAEncryption
70:2d:49:a4:bd:d9:95:d7:54:97:ee:d0:aa:87:5c:4a:f3:cd:
13:8d:61:4c:99:0a:14:d1:b0:7f:f5:7c:48:4c:49:41:e5:9c:
59:3f:17:16:ca:58:66:27:f9:b9:b2:11:d3:5b:e6:0f:25:b2:
9c:39:a0:e6:93:0e:8c:c8:50:6f:57:3f:44:cc:76:49:8d:1c:
37:16:80:8e:62:3c:1a:c5:9e:05:4d:24:36:9e:5e:1c:51:bb:
88:6e:b7:30:74:bc:ba:b3:c5:c1:0a:6f:4a:3c:c5:b6:dc:f2:
df:ef:7a:1e:10:5a:5d:86:35:0d:3f:d1:6d:1a:c0:94:b1:12:
ee:81:88:86:cd:7b:b3:67:4f:df:59:42:eb:2f:73:5f:0a:92:
3e:1d:28:68:c7:17:12:60:c8:48:d1:db:93:d2:46:37:4c:6a:
d7:aa:9d:eb:18:84:24:c0:f9:32:a3:57:9c:9b:8b:cd:ee:0e:
eb:57:cb:6a:82:b6:24:f3:4a:43:92:19:1d:9c:59:ec:20:5d:
83:ce:fb:86:fc:29:c1:91:dd:12:ad:cc:77:b8:9b:ca:4b:4d:
3b:9c:2a:b9:27:cb:1b:0f:cc:da:1e:b3:f8:1e:3d:dd:b4:20:
fe:5b:81:06:58:00:c7:aa:53:dc:9b:b0:98:f9:cf:3c:d6:66:
eb:5a:4d:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWFhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDgzMzQyWhcNMjYwMjE5MDgzMzQyWjAYMRYw
FAYDVQQDEw02N2JlZDFlYS0wNjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ygqLIqTEYIINtNmg6juLuzk9d2SteT4XIklvBbI47CNp+ohVYQgN+5b
rWu+SYSiANkubHrgXprrBDEVo0TbIajK2QroqPBHxdblQ3PFid+nmwP00nTCh+9u
AeSLKs0Z6vtK9CX8F5EA1GJH1PCPy+vScELPdmSBcbfs5mk4rDSsBxLXYTp7Kaqm
FKeTh+f/hMxlv0k1Rvmz0ZaLDAp/wT8z85XFZUV4eVxu3cjxztchUpJCpthfSphR
x8M0eYMswa7wv9CTFzsg0x0tVm530CMLqgjkeOvcv7viTHetGw3UHFrSOYPHyA7/
AW2pDLGPKhdfR1ByCZqaBnGLN3xzXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJt6
sNovN0yU1WW9eYgSOra3l/CrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NEU0MUY2OEY0MUMxMUVGQUMxMDkxNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjBMA0GCSqGSIb3DQEB
CwUAA4IBAQBwLUmkvdmV11SX7tCqh1xK880TjWFMmQoU0bB/9XxITElB5ZxZPxcW
ylhmJ/m5shHTW+YPJbKcOaDmkw6MyFBvVz9EzHZJjRw3FoCOYjwaxZ4FTSQ2nl4c
UbuIbrcwdLy6s8XBCm9KPMW23PLf73oeEFpdhjUNP9FtGsCUsRLugYiGzXuzZ0/f
WULrL3NfCpI+HShoxxcSYMhI0duT0kY3TGrXqp3rGIQkwPkyo1ecm4vN7g7rV8tq
grYk80pDkhkdnFnsIF2DzvuG/CnBkd0Srcx3uJvKS007nCq5J8sbD8zaHrP4Hj3d
tCD+W4EGWADHqlPcm7CY+c881mbrWk0y
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:54:50 2025 by rpki-client