Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680FE574C93C11EF9D4150B7762E951A.roa
File: 680FE574C93C11EF9D4150B7762E951A.roa (raw, json)
Hash identifier: iXPeeCscJRHymlQJROEYbBto06A2vZ0hnl3Ikuv6RXY=
Subject key identifier: 2A:AF:00:52:8D:6A:2C:11:EE:7B:ED:79:86:81:92:F6:69:43:EB:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013405
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680FE574C93C11EF9D4150B7762E951A.roa
Signing time: Thu 02 Jan 2025 19:04:35 +0000
ROA not before: Thu 02 Jan 2025 19:04:32 +0000
ROA not after: Sat 13 Dec 2025 19:04:32 +0000
asID: 984
IP address blocks: 154.223.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78853 (0x13405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 19:04:32 2025 GMT
Not After : Dec 13 19:04:32 2025 GMT
Subject: CN=6776e343-3d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:78:86:11:8f:8e:21:6e:61:07:40:b3:fb:26:
da:d7:19:d5:ef:50:19:f5:fd:f2:e3:e4:79:df:8d:
df:3e:bd:28:1e:74:38:bf:11:ad:66:6c:38:9e:7d:
5d:c8:f5:9d:35:d1:eb:bc:bf:2d:c5:db:7a:6d:4f:
3f:53:ef:a5:0c:df:f6:03:2d:18:86:35:6a:8e:42:
66:39:ae:08:2e:f0:a4:2c:2f:0a:56:1c:d6:2a:b9:
ef:5e:1a:07:b3:09:5d:f0:a8:a6:ad:55:41:48:c0:
27:bc:ac:7b:bf:54:25:89:0c:42:30:c3:a3:44:7c:
dd:69:19:4b:c0:57:36:51:98:32:77:af:84:11:99:
ac:b4:e6:7c:ef:1b:1c:70:16:62:71:51:9f:0a:e8:
73:2d:3e:72:80:ce:d8:dc:59:f8:46:8d:ea:aa:81:
97:be:23:ab:80:31:1d:78:e9:84:b0:98:07:02:34:
53:45:9b:2c:c2:18:56:7d:67:b0:e0:8a:60:47:e5:
b8:49:85:9d:0c:01:1a:d4:76:5c:f7:6a:91:60:ed:
25:ff:4e:d1:cb:bc:41:a2:2b:b9:d1:f6:ce:20:79:
76:08:83:bb:2b:ab:53:68:d3:8a:88:46:f8:62:ed:
9a:d7:81:c1:3c:f1:de:94:55:f7:db:8c:4a:c5:00:
19:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AF:00:52:8D:6A:2C:11:EE:7B:ED:79:86:81:92:F6:69:43:EB:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680FE574C93C11EF9D4150B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.230.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:7b:37:7b:cd:6e:cc:29:cd:31:f0:95:d5:41:8e:d7:b8:1b:
01:06:b3:c8:69:87:26:78:35:f0:aa:94:de:65:87:62:12:00:
17:f6:e8:8e:8e:8f:f4:ec:78:8b:fa:f8:20:88:2e:44:b5:c0:
41:68:cc:d8:bd:50:73:70:fd:b3:5c:a3:af:ba:02:92:fa:c4:
ea:e2:e3:40:3b:0c:d4:cb:e5:3f:47:08:6d:0c:28:96:14:06:
09:04:d8:58:82:68:79:52:ce:07:69:76:47:bf:1b:62:fe:35:
c2:5e:05:0d:6d:85:44:8e:d1:e3:a7:2a:7f:76:39:f1:12:05:
f3:13:6c:ad:fd:91:cc:25:13:97:41:35:51:a9:e8:9a:b9:32:
17:2b:8d:e2:5b:03:e1:05:33:b3:1a:20:4a:7f:38:24:fd:27:
5e:b4:13:9d:db:57:57:fe:46:c0:c2:f8:f4:c6:49:ea:6f:0b:
60:cf:45:3d:02:11:db:83:6b:74:13:b4:05:4c:b3:47:b6:c3:
81:5c:fa:c6:18:40:af:4d:5e:e9:ee:ac:7b:d0:dd:c7:f7:dd:
77:24:27:33:a5:da:b3:a4:73:c9:21:5f:13:7a:92:81:6b:43:
63:a5:c8:a2:a7:6d:ba:16:cd:86:6e:01:3d:29:5c:96:e4:8f:
58:25:87:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATQFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTkwNDMyWhcNMjUxMjEzMTkwNDMyWjAYMRYw
FAYDVQQDEw02Nzc2ZTM0My0zZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtniGEY+OIW5hB0Cz+yba1xnV71AZ9f3y4+R5343fPr0oHnQ4vxGtZmw4
nn1dyPWdNdHrvL8txdt6bU8/U++lDN/2Ay0YhjVqjkJmOa4ILvCkLC8KVhzWKrnv
XhoHswld8KimrVVBSMAnvKx7v1QliQxCMMOjRHzdaRlLwFc2UZgyd6+EEZmstOZ8
7xsccBZicVGfCuhzLT5ygM7Y3Fn4Ro3qqoGXviOrgDEdeOmEsJgHAjRTRZsswhhW
fWew4IpgR+W4SYWdDAEa1HZc92qRYO0l/07Ry7xBoiu50fbOIHl2CIO7K6tTaNOK
iEb4Yu2a14HBPPHelFX324xKxQAZFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCqv
AFKNaiwR7nvteYaBkvZpQ+tOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODBGRTU3NEM5M0MxMUVGOUQ0MTUwQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/mMA0GCSqGSIb3DQEB
CwUAA4IBAQB7ezd7zW7MKc0x8JXVQY7XuBsBBrPIaYcmeDXwqpTeZYdiEgAX9uiO
jo/07HiL+vggiC5EtcBBaMzYvVBzcP2zXKOvugKS+sTq4uNAOwzUy+U/RwhtDCiW
FAYJBNhYgmh5Us4HaXZHvxti/jXCXgUNbYVEjtHjpyp/djnxEgXzE2yt/ZHMJROX
QTVRqeiauTIXK43iWwPhBTOzGiBKfzgk/SdetBOd21dX/kbAwvj0xknqbwtgz0U9
AhHbg2t0E7QFTLNHtsOBXPrGGECvTV7p7qx70N3H9913JCczpdqzpHPJIV8TepKB
a0Njpciip226Fs2GbgE9KVyW5I9YJYfc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:45 2025 by rpki-client