Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67FDB9DEFB3811EFAAADDC43762E951A.roa
File: 67FDB9DEFB3811EFAAADDC43762E951A.roa (raw, json)
Hash identifier: AM2bSkjWMSxZtkUHU5aBus2iZYr0q5VdYsJr9yUFMb0=
Subject key identifier: 3C:FB:A2:03:CB:FE:29:09:0D:53:08:33:DE:B4:1A:1F:C9:0E:67:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67FDB9DEFB3811EFAAADDC43762E951A.roa
Signing time: Fri 07 Mar 2025 09:41:55 +0000
ROA not before: Fri 07 Mar 2025 09:41:51 +0000
ROA not after: Tue 08 Jul 2025 09:41:51 +0000
asID: 55020
IP address blocks: 154.204.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94959 (0x172ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 09:41:51 2025 GMT
Not After : Jul 8 09:41:51 2025 GMT
Subject: CN=67cabf63-ac33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:87:8c:89:fd:07:fe:57:dd:15:91:2e:13:d4:
d2:e6:a5:7b:be:24:cb:b3:e1:09:9a:60:0e:e7:0a:
94:b1:f5:f4:f4:66:b5:86:f4:a1:3b:c1:14:17:95:
57:48:e3:5d:12:43:71:87:4e:3b:24:79:8c:b4:f2:
0a:3a:53:86:ec:8e:30:bf:da:0f:9c:2e:56:4a:ca:
e7:e8:eb:40:c5:9a:5c:a0:23:f7:9d:43:47:da:09:
a1:a9:eb:ef:f1:ea:aa:31:54:14:25:fb:0d:67:8b:
9c:90:07:f1:29:43:59:d2:4d:c5:92:4c:81:87:70:
5d:65:33:f7:8e:e3:dd:0d:d6:cb:6b:7d:b2:59:31:
37:d1:66:bf:66:79:b2:04:f4:b4:7d:b3:77:a5:15:
1c:8b:ed:57:65:7f:e9:cd:e9:9f:43:36:38:99:09:
a8:6d:8e:64:0b:66:42:f0:77:06:6a:7b:41:2c:28:
d9:5f:d3:9d:ba:16:00:2f:7f:b8:74:cd:a9:79:ce:
9d:13:62:10:7a:66:51:2b:0d:12:7f:4c:df:21:43:
9d:c4:07:1e:2b:b6:95:ec:e5:88:51:7a:5c:fd:62:
76:f4:fe:ff:7e:3d:16:66:f8:73:aa:8f:95:e8:7a:
f0:08:e5:c2:9a:58:2d:c1:4c:09:d2:a0:c2:2e:47:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FB:A2:03:CB:FE:29:09:0D:53:08:33:DE:B4:1A:1F:C9:0E:67:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67FDB9DEFB3811EFAAADDC43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a8:87:2f:ae:fe:fd:1c:d7:d2:ef:43:b8:7f:a3:7b:0e:94:fa:
04:49:56:99:66:39:24:0c:ee:2f:38:3c:1b:e8:37:ec:72:a4:
e9:6f:8f:22:80:56:d1:a0:3f:c7:d9:cb:e1:f9:68:e4:5e:fa:
32:7c:f0:81:eb:70:d9:08:86:04:5e:21:ff:2a:6a:2d:09:a0:
55:13:73:22:16:50:ba:5c:d9:f7:e5:69:d6:25:7e:fa:45:15:
da:83:f7:1c:c0:ac:8f:85:5e:97:ba:ce:01:0a:e1:47:70:40:
a1:66:96:6b:d9:69:11:92:7a:a4:d9:be:96:dc:b4:7a:83:53:
34:91:7f:92:61:97:10:5e:b4:db:e6:d9:1d:ac:9e:bc:73:8e:
b9:26:c1:18:44:da:22:50:b1:e0:b4:51:44:3b:82:be:ac:fa:
49:eb:75:d7:30:b2:a0:49:69:b9:68:07:21:43:68:75:c6:65:
35:45:14:67:1e:79:bc:35:16:c6:0b:49:be:d4:46:4d:b6:5d:
24:d8:79:e0:e3:4e:43:cd:0e:e7:72:cf:4c:4f:5c:73:d4:21:
5e:6d:96:a2:d7:06:cc:72:a0:3d:f1:b2:4b:2d:9e:9f:07:80:
31:57:45:46:2e:1f:4d:18:7d:d7:af:9b:3e:a6:b4:95:98:eb:
dd:72:64:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXLvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDk0MTUxWhcNMjUwNzA4MDk0MTUxWjAYMRYw
FAYDVQQDEw02N2NhYmY2My1hYzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3oeMif0H/lfdFZEuE9TS5qV7viTLs+EJmmAO5wqUsfX09Ga1hvShO8EU
F5VXSONdEkNxh047JHmMtPIKOlOG7I4wv9oPnC5WSsrn6OtAxZpcoCP3nUNH2gmh
qevv8eqqMVQUJfsNZ4uckAfxKUNZ0k3FkkyBh3BdZTP3juPdDdbLa32yWTE30Wa/
ZnmyBPS0fbN3pRUci+1XZX/pzemfQzY4mQmobY5kC2ZC8HcGantBLCjZX9OduhYA
L3+4dM2pec6dE2IQemZRKw0Sf0zfIUOdxAceK7aV7OWIUXpc/WJ29P7/fj0WZvhz
qo+V6HrwCOXCmlgtwUwJ0qDCLkfDUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDz7
ogPL/ikJDVMIM960Gh/JDmdSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82N0ZEQjlERUZCMzgxMUVGQUFBRERDNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsyAMA0GCSqGSIb3DQEB
CwUAA4IBAQCohy+u/v0c19LvQ7h/o3sOlPoESVaZZjkkDO4vODwb6DfscqTpb48i
gFbRoD/H2cvh+WjkXvoyfPCB63DZCIYEXiH/KmotCaBVE3MiFlC6XNn35WnWJX76
RRXag/ccwKyPhV6Xus4BCuFHcEChZpZr2WkRknqk2b6W3LR6g1M0kX+SYZcQXrTb
5tkdrJ68c465JsEYRNoiULHgtFFEO4K+rPpJ63XXMLKgSWm5aAchQ2h1xmU1RRRn
Hnm8NRbGC0m+1EZNtl0k2Hng405DzQ7ncs9MT1xz1CFebZai1wbMcqA98bJLLZ6f
B4AxV0VGLh9NGH3Xr5s+prSVmOvdcmQc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:57 2025 by rpki-client