Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/652BD4CE0B9C11F0BD8AF69E762E951A.roa
File: 652BD4CE0B9C11F0BD8AF69E762E951A.roa (raw, json)
Hash identifier: p+/UDV+KcsOpwiigy+jSIpEmMqutNMdILIO+M9fYeFU=
Subject key identifier: 7A:DE:1E:CF:EC:1D:36:1B:DD:92:94:FB:36:64:E5:28:28:F0:13:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01769A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/652BD4CE0B9C11F0BD8AF69E762E951A.roa
Signing time: Fri 28 Mar 2025 06:17:59 +0000
ROA not before: Fri 28 Mar 2025 06:17:55 +0000
ROA not after: Thu 17 Apr 2025 06:17:55 +0000
asID: 400619
IP address blocks: 154.210.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95898 (0x1769a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 28 06:17:55 2025 GMT
Not After : Apr 17 06:17:55 2025 GMT
Subject: CN=67e63f17-bd34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:79:cb:f5:b1:ab:54:23:61:62:68:5c:41:
b4:ef:b5:99:d3:ac:37:41:f1:86:ad:7d:d2:f8:34:
54:45:67:8e:0c:0c:b0:ef:0d:15:5b:4f:5e:43:58:
3f:28:b8:d2:27:48:63:0e:7f:d5:1b:ca:72:56:8a:
a7:a1:2a:e7:15:38:4b:f1:95:b5:f0:45:5d:55:f2:
6c:74:7d:f9:3f:1d:c5:12:88:21:3d:14:3f:f4:cd:
a1:fb:8e:43:e7:96:ab:d4:84:01:5f:29:68:bf:ee:
dd:be:db:3c:b8:39:85:28:4c:ba:c1:37:7b:35:3f:
80:f6:43:c9:28:cb:52:30:85:53:ff:4e:48:01:92:
30:4f:63:ba:ae:c7:b3:8e:3b:19:64:be:88:ba:ec:
2e:27:35:c0:aa:e3:9b:03:aa:79:8c:f1:37:12:e3:
6d:27:cc:9d:74:9d:64:e7:6a:97:d9:53:ae:9d:ef:
8b:03:ae:8a:b2:45:28:c0:7c:8d:d5:a9:e5:7c:9b:
f4:7c:41:5a:88:4f:45:f4:e1:9e:0b:7e:46:26:94:
91:f5:2b:e0:df:00:b9:67:9a:04:f0:1b:d8:5a:c2:
56:b3:ee:88:c9:2e:9a:6f:04:b8:36:0c:dc:5b:cd:
12:69:33:fd:65:51:93:bd:e0:e5:d5:44:e8:08:19:
a6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DE:1E:CF:EC:1D:36:1B:DD:92:94:FB:36:64:E5:28:28:F0:13:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/652BD4CE0B9C11F0BD8AF69E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
Signature Algorithm: sha256WithRSAEncryption
66:3f:f4:a5:75:21:ee:6c:d4:f9:20:03:71:79:38:2b:1a:fa:
af:7a:21:39:da:1b:bd:f0:10:01:48:0c:af:50:84:be:65:f1:
d9:c1:8c:ec:f2:09:66:25:bb:78:6a:fe:31:d4:da:d3:8a:2d:
af:8f:e5:1d:c5:73:cd:d6:b5:12:ff:b3:97:24:33:5c:b5:d7:
bf:5b:92:ce:46:36:69:06:a2:66:29:58:2a:91:0a:31:e1:41:
dd:97:7e:9b:5f:02:34:b6:8a:c5:72:60:e0:1a:7d:6d:cc:4d:
dd:38:be:2f:c5:70:da:a4:89:d4:bc:41:96:b4:f9:cf:9e:f7:
5a:c3:d1:dc:e7:f3:1f:40:96:d7:41:dc:4a:f4:14:30:53:23:
b6:8a:51:f6:df:0f:98:44:f1:8b:cd:97:04:bd:2f:e3:f7:21:
31:42:76:aa:1d:61:5a:25:8c:f1:6a:ff:fb:e3:bb:58:3b:d0:
f4:a4:de:fe:24:27:57:55:9a:4b:ce:bb:32:9e:6f:58:32:32:
e0:cf:57:ce:43:86:9a:4a:8c:26:e8:10:42:9a:40:f0:c0:79:
41:40:ee:23:ff:11:36:2c:18:96:cf:50:04:92:e0:35:b6:82:
d9:03:89:cd:f1:4f:51:08:59:db:67:7e:1b:53:ff:7a:68:b2:
b3:f5:3b:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXaaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI4MDYxNzU1WhcNMjUwNDE3MDYxNzU1WjAYMRYw
FAYDVQQDEw02N2U2M2YxNy1iZDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2V5y/Wxq1QjYWJoXEG077WZ06w3QfGGrX3S+DRURWeODAyw7w0VW09e
Q1g/KLjSJ0hjDn/VG8pyVoqnoSrnFThL8ZW18EVdVfJsdH35Px3FEoghPRQ/9M2h
+45D55ar1IQBXylov+7dvts8uDmFKEy6wTd7NT+A9kPJKMtSMIVT/05IAZIwT2O6
rsezjjsZZL6IuuwuJzXAquObA6p5jPE3EuNtJ8yddJ1k52qX2VOune+LA66KskUo
wHyN1anlfJv0fEFaiE9F9OGeC35GJpSR9Svg3wC5Z5oE8BvYWsJWs+6IyS6abwS4
NgzcW80SaTP9ZVGTveDl1UToCBmm6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHre
Hs/sHTYb3ZKU+zZk5Sgo8BO/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTJCRDRDRTBCOUMxMUYwQkQ4QUY2OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtIQMA0GCSqGSIb3DQEB
CwUAA4IBAQBmP/SldSHubNT5IANxeTgrGvqveiE52hu98BABSAyvUIS+ZfHZwYzs
8glmJbt4av4x1NrTii2vj+UdxXPN1rUS/7OXJDNctde/W5LORjZpBqJmKVgqkQox
4UHdl36bXwI0torFcmDgGn1tzE3dOL4vxXDapInUvEGWtPnPnvdaw9Hc5/MfQJbX
QdxK9BQwUyO2ilH23w+YRPGLzZcEvS/j9yExQnaqHWFaJYzxav/747tYO9D0pN7+
JCdXVZpLzrsynm9YMjLgz1fOQ4aaSowm6BBCmkDwwHlBQO4j/xE2LBiWz1AEkuA1
toLZA4nN8U9RCFnbZ34bU/96aLKz9Tub
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:46:43 2025 by rpki-client