Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6709C2D8F46D11EFBFCC9D83762E951A.roa
File: 6709C2D8F46D11EFBFCC9D83762E951A.roa (raw, json)
Hash identifier: orTkywbTKdn8KXdKWbDYf1BH2JzqjBhAmaKIdYeKLe8=
Subject key identifier: 77:AA:4A:B2:9E:C5:95:F5:2A:EA:CC:DF:32:3D:8A:E2:2A:E4:B6:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016552
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6709C2D8F46D11EFBFCC9D83762E951A.roa
Signing time: Wed 26 Feb 2025 18:13:39 +0000
ROA not before: Wed 26 Feb 2025 18:13:35 +0000
ROA not after: Sat 19 Feb 2028 18:13:35 +0000
asID: 17561
IP address blocks: 154.201.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91474 (0x16552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 18:13:35 2025 GMT
Not After : Feb 19 18:13:35 2028 GMT
Subject: CN=67bf59d3-37fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:74:f8:a6:76:00:d3:f5:b3:12:d1:d1:f1:11:
a6:94:0a:d1:f5:48:c6:14:e1:4f:33:3b:2d:29:c5:
9b:8a:9e:e6:0f:d9:a8:92:15:9c:cf:d1:2c:85:62:
8f:b6:09:a4:03:55:32:5e:4f:eb:9a:ab:0d:fe:69:
c4:a2:8d:16:92:e2:8a:ee:17:38:9e:07:98:94:71:
a3:15:90:d8:15:ae:23:81:f6:38:3e:e1:be:7a:19:
4f:50:8d:97:39:6f:ae:32:d0:0f:4d:7f:ee:a0:8e:
ec:93:59:a8:49:2e:f1:7a:8e:78:ef:44:e6:37:eb:
0d:c5:db:2c:f7:d8:32:60:1e:25:ba:37:b3:39:a5:
26:c1:ac:f3:88:23:1d:5d:64:a0:b2:aa:45:e9:25:
eb:4b:1a:8b:22:76:c5:0c:f5:4c:81:c6:e3:4f:62:
1e:34:d6:8f:df:ca:7c:bf:0c:ce:e5:1e:f2:44:5a:
99:86:9c:9f:e7:d8:5a:d1:bb:ed:a9:bd:94:e4:21:
46:38:e4:45:c3:f7:e5:16:66:e0:c2:5c:3c:a8:ac:
01:ae:11:39:1c:b1:ae:a3:88:99:f6:84:f6:bd:4a:
22:c5:35:4a:aa:81:40:85:b6:66:51:33:74:12:a0:
99:28:a5:af:de:df:f7:1f:91:c7:36:98:b1:01:ec:
54:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AA:4A:B2:9E:C5:95:F5:2A:EA:CC:DF:32:3D:8A:E2:2A:E4:B6:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6709C2D8F46D11EFBFCC9D83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.12.0/24
Signature Algorithm: sha256WithRSAEncryption
04:82:7a:d5:fa:8a:d3:3a:80:82:3d:df:43:0b:4c:f3:00:1d:
02:07:b7:46:41:4e:63:ac:84:a6:4a:e6:3e:55:9e:93:c4:a0:
d9:83:3e:e0:be:0d:6d:2c:41:c6:59:bf:1e:ec:a3:e1:86:28:
26:b8:23:8a:73:9f:bd:4f:0d:f4:f6:8d:e5:31:89:eb:4f:0e:
d6:3f:7d:c6:bd:43:d3:60:2d:be:45:a0:73:ae:6e:ae:ac:55:
11:c8:0b:54:25:4c:25:b3:df:9d:4a:f7:2f:72:e4:f6:09:7a:
ab:26:cd:5f:01:71:b4:92:a0:a8:57:97:f3:21:48:c0:2a:c7:
e2:a1:68:f9:37:48:ab:e2:97:e9:b0:10:60:ee:28:02:b0:a3:
5e:50:9a:a6:0b:fe:8e:7a:df:9f:9b:d0:23:0b:37:19:a3:31:
aa:de:a2:b6:03:f4:b7:7e:98:ac:e1:85:e7:6b:38:79:4b:33:
02:cd:d1:06:64:eb:c9:f1:e9:f2:95:2e:4a:9d:ea:da:02:cd:
3b:90:98:f9:b0:71:52:48:cb:b3:86:27:26:11:d8:87:a7:b6:
b5:70:4d:f4:17:5c:d4:9b:03:2a:b1:60:c6:d1:aa:c0:5b:d1:
06:50:a9:a8:f3:e4:9a:d1:6d:c3:37:f6:77:01:02:b0:13:d6:
96:81:ab:51
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWVSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTgxMzM1WhcNMjgwMjE5MTgxMzM1WjAYMRYw
FAYDVQQDEw02N2JmNTlkMy0zN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwXT4pnYA0/WzEtHR8RGmlArR9UjGFOFPMzstKcWbip7mD9mokhWcz9Es
hWKPtgmkA1UyXk/rmqsN/mnEoo0WkuKK7hc4ngeYlHGjFZDYFa4jgfY4PuG+ehlP
UI2XOW+uMtAPTX/uoI7sk1moSS7xeo5470TmN+sNxdss99gyYB4lujezOaUmwazz
iCMdXWSgsqpF6SXrSxqLInbFDPVMgcbjT2IeNNaP38p8vwzO5R7yRFqZhpyf59ha
0bvtqb2U5CFGOORFw/flFmbgwlw8qKwBrhE5HLGuo4iZ9oT2vUoixTVKqoFAhbZm
UTN0EqCZKKWv3t/3H5HHNpixAexUOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHeq
SrKexZX1KurM3zI9iuIq5LbaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzA5QzJEOEY0NkQxMUVGQkZDQzlEODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskMMA0GCSqGSIb3DQEB
CwUAA4IBAQAEgnrV+orTOoCCPd9DC0zzAB0CB7dGQU5jrISmSuY+VZ6TxKDZgz7g
vg1tLEHGWb8e7KPhhigmuCOKc5+9Tw309o3lMYnrTw7WP33GvUPTYC2+RaBzrm6u
rFURyAtUJUwls9+dSvcvcuT2CXqrJs1fAXG0kqCoV5fzIUjAKsfioWj5N0ir4pfp
sBBg7igCsKNeUJqmC/6Oet+fm9AjCzcZozGq3qK2A/S3fpis4YXnazh5SzMCzdEG
ZOvJ8enylS5KneraAs07kJj5sHFSSMuzhicmEdiHp7a1cE30F1zUmwMqsWDG0arA
W9EGUKmo8+Sa0W3DN/Z3AQKwE9aWgatR
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:43:53 2025 by rpki-client