Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65EA4980C93A11EF827C67AC762E951A.roa
File: 65EA4980C93A11EF827C67AC762E951A.roa (raw, json)
Hash identifier: MemqSTVj7ZW/FGQ6pPVA9UvJxxJNXVt8revL6+5q/nQ=
Subject key identifier: 3C:11:07:94:36:73:21:FE:67:18:BC:9C:65:4A:72:B3:94:70:19:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65EA4980C93A11EF827C67AC762E951A.roa
Signing time: Thu 02 Jan 2025 18:50:13 +0000
ROA not before: Thu 02 Jan 2025 18:50:09 +0000
ROA not after: Sat 13 Dec 2025 18:50:09 +0000
asID: 984
IP address blocks: 154.223.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78837 (0x133f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 18:50:09 2025 GMT
Not After : Dec 13 18:50:09 2025 GMT
Subject: CN=6776dfe5-4433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:7b:e2:02:3e:26:be:e5:1d:33:c9:a5:75:
50:c2:f6:4a:d2:32:eb:c0:9c:09:84:8f:5a:b5:b6:
4c:d2:a3:5f:da:e6:ce:d6:cf:ad:4a:80:78:03:40:
e7:7e:36:8f:6b:15:fd:b7:0b:92:33:ff:54:45:ef:
17:e4:23:da:72:5a:b2:c7:13:80:b6:76:36:3a:cd:
56:55:2a:00:60:dd:7f:be:c0:58:d1:85:cf:41:d2:
f7:f2:14:40:60:13:79:4c:b7:50:eb:3f:38:4e:b5:
f1:9d:ac:07:1f:07:12:bd:cb:2c:c6:ce:18:28:7a:
13:57:f4:c3:e8:80:65:d7:50:5c:91:cd:f2:fe:3d:
24:d4:9c:e2:2d:84:31:03:c5:cb:f2:47:1b:8a:2f:
35:86:a7:f7:47:2d:40:f3:87:4e:05:7c:52:5b:b7:
31:42:c6:89:94:fc:22:a9:9d:65:b0:ae:66:54:d9:
f1:eb:fb:cd:6b:e3:79:eb:6a:a1:59:58:ec:ff:d5:
19:5d:00:7b:10:be:a9:9d:7f:7d:dd:62:b7:4e:6f:
92:71:b8:ef:5b:02:5d:22:76:17:cf:1b:75:ed:b5:
1b:2d:1b:1a:ee:81:75:91:38:d4:f8:90:86:91:b1:
76:d6:4a:3c:0d:fa:9e:6f:d1:dd:53:35:d4:bb:1e:
8d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:11:07:94:36:73:21:FE:67:18:BC:9C:65:4A:72:B3:94:70:19:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65EA4980C93A11EF827C67AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.193.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:e1:35:d6:cd:46:22:33:6a:3f:13:20:a0:b4:c6:e1:f3:a8:
f7:2f:09:29:53:03:4e:e8:bc:6d:ae:0e:fc:0b:50:5a:1f:29:
9b:7b:c1:1e:09:98:91:9e:29:39:22:b4:73:a7:37:b7:3a:9a:
b4:80:b0:c6:85:f8:b0:31:24:69:cf:fd:4e:38:33:88:53:b2:
c1:d8:14:cf:37:cc:80:d4:c0:90:97:6a:65:27:2c:f3:ee:07:
c1:e2:80:be:af:e0:5b:f6:9a:63:22:87:be:a7:c5:a8:ca:94:
5b:ea:7f:6b:96:3b:99:48:72:89:41:89:db:37:88:3f:f6:4e:
98:b1:6e:a8:66:e2:22:44:18:84:f7:bc:c5:6f:fc:bc:c4:1f:
f2:2a:b9:8e:e0:97:96:04:3d:53:46:ff:fa:79:19:a9:09:e0:
7d:73:02:db:6e:c4:49:7b:db:77:65:6d:2c:ba:03:cc:47:f2:
ad:bd:d6:bb:6f:6a:d8:26:e1:79:dd:8d:89:8c:c7:9d:45:c5:
82:9e:52:cb:7d:b8:b9:33:0f:0b:5b:27:d5:c6:fe:da:05:02:
b2:d9:46:1f:f1:ff:7b:78:99:62:25:88:6f:30:1e:32:0d:8e:
00:31:5c:3c:f1:fd:9a:89:39:b0:de:43:ac:3a:0d:93:f1:df:
6d:68:aa:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATP1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTg1MDA5WhcNMjUxMjEzMTg1MDA5WjAYMRYw
FAYDVQQDEw02Nzc2ZGZlNS00NDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3Z74gI+Jr7lHTPJpXVQwvZK0jLrwJwJhI9atbZM0qNf2ubO1s+tSoB4
A0DnfjaPaxX9twuSM/9URe8X5CPaclqyxxOAtnY2Os1WVSoAYN1/vsBY0YXPQdL3
8hRAYBN5TLdQ6z84TrXxnawHHwcSvcssxs4YKHoTV/TD6IBl11Bckc3y/j0k1Jzi
LYQxA8XL8kcbii81hqf3Ry1A84dOBXxSW7cxQsaJlPwiqZ1lsK5mVNnx6/vNa+N5
62qhWVjs/9UZXQB7EL6pnX993WK3Tm+ScbjvWwJdInYXzxt17bUbLRsa7oF1kTjU
+JCGkbF21ko8Dfqeb9HdUzXUux6NmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDwR
B5Q2cyH+Zxi8nGVKcrOUcBnMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUVBNDk4MEM5M0ExMUVGODI3QzY3QUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/BMA0GCSqGSIb3DQEB
CwUAA4IBAQCz4TXWzUYiM2o/EyCgtMbh86j3LwkpUwNO6Lxtrg78C1BaHymbe8Ee
CZiRnik5IrRzpze3Opq0gLDGhfiwMSRpz/1OODOIU7LB2BTPN8yA1MCQl2plJyzz
7gfB4oC+r+Bb9ppjIoe+p8WoypRb6n9rljuZSHKJQYnbN4g/9k6YsW6oZuIiRBiE
97zFb/y8xB/yKrmO4JeWBD1TRv/6eRmpCeB9cwLbbsRJe9t3ZW0sugPMR/Ktvda7
b2rYJuF53Y2JjMedRcWCnlLLfbi5Mw8LWyfVxv7aBQKy2UYf8f97eJliJYhvMB4y
DY4AMVw88f2aiTmw3kOsOg2T8d9taKqu
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:56 2025 by rpki-client