Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684BE838F45E11EFA31D3799762E951A.roa
File: 684BE838F45E11EFA31D3799762E951A.roa (raw, json)
Hash identifier: Dk0ggr2JrtQm+g7MMknYwtQyGSfw+IsHO+Yzihv878A=
Subject key identifier: B3:D9:81:E9:5E:79:8E:AF:E2:FB:A4:9E:0B:41:20:4D:C0:4C:62:71
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016524
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684BE838F45E11EFA31D3799762E951A.roa
Signing time: Wed 26 Feb 2025 16:26:19 +0000
ROA not before: Wed 26 Feb 2025 16:26:12 +0000
ROA not after: Sat 19 Feb 2028 16:26:12 +0000
asID: 17561
IP address blocks: 154.82.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91428 (0x16524)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 16:26:12 2025 GMT
Not After : Feb 19 16:26:12 2028 GMT
Subject: CN=67bf40ab-c519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:48:71:3b:bf:71:15:fa:8e:2e:39:5b:3a:c8:
48:db:fa:80:ce:e9:a3:50:4a:33:9c:4f:92:b8:54:
8c:7d:e9:41:52:bd:10:57:39:f3:a7:75:b7:11:0a:
31:fe:b1:41:18:94:b7:6e:ec:d9:0f:f8:3c:de:a6:
5f:e9:e3:94:92:6f:0c:dc:16:b6:ca:3e:2c:d2:2f:
01:3f:f1:77:54:84:cf:23:4b:c3:a6:0a:fb:ae:a0:
49:a6:ff:bb:3c:13:ea:f2:9e:46:37:4d:89:5f:d4:
e1:f0:2b:b6:44:c1:49:9b:58:73:43:51:59:2b:20:
a5:8b:e8:71:8f:f6:95:d8:d5:93:26:ca:4b:26:ae:
8b:62:1c:f9:e0:97:ed:1b:73:98:a3:1a:be:28:2d:
29:af:e6:b6:46:8b:31:ee:98:00:c8:ec:ee:dd:b1:
95:08:40:c0:7b:06:b9:c3:eb:a9:07:35:15:e7:c2:
ca:f4:f7:b6:53:52:53:38:ed:fb:c7:8f:64:5d:01:
0b:04:16:63:8d:d3:39:f9:54:82:20:27:27:68:eb:
cf:6b:7a:5d:f2:d1:3f:0d:52:2f:58:8f:98:27:72:
73:2e:c3:d7:63:37:18:ee:16:e3:e4:e8:f8:e2:75:
bf:96:16:ef:10:3d:f7:de:9d:d4:6e:ce:62:31:15:
c1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D9:81:E9:5E:79:8E:AF:E2:FB:A4:9E:0B:41:20:4D:C0:4C:62:71
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684BE838F45E11EFA31D3799762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.254.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7a:66:f2:51:3b:af:2c:f2:d5:24:66:00:ea:4a:bb:c4:c5:
bd:c7:62:ad:6b:5f:5e:97:0d:b8:b2:fa:cc:28:e0:22:19:77:
42:ea:e9:49:10:8e:77:e5:c0:78:32:a8:0a:5a:04:2d:58:7a:
63:33:27:2a:84:da:8f:a6:bf:e6:8c:5d:12:b6:e4:ab:86:2f:
fa:59:c3:90:96:0c:de:ae:9d:33:ea:91:72:51:c0:b6:a8:21:
cb:3e:db:de:cb:d5:68:60:b1:3c:ce:0e:d3:d3:f9:9b:67:ce:
32:f4:b8:29:14:37:8d:ff:8f:2a:6a:8d:1d:a8:d2:53:ad:12:
ab:cd:90:48:ad:5d:e9:f8:10:f9:71:52:62:a3:cb:cf:c8:bc:
dd:23:2a:08:98:51:d9:d5:45:d0:d1:ba:b0:e6:3b:cc:a0:39:
56:f2:f9:45:13:e5:95:20:56:de:49:03:8b:91:3c:d1:f5:9f:
0a:24:e2:f3:d2:0a:75:b5:65:f4:4a:81:6d:b3:80:90:72:d1:
dd:c0:ec:a0:63:5a:41:1a:ea:a8:6f:62:7f:6d:61:2a:82:7a:
f6:4d:ac:9b:e0:c6:f2:88:b4:41:ca:5b:be:c7:9c:af:8b:76:
00:09:4d:99:4e:85:76:40:a0:16:ed:fe:75:b8:64:8a:50:78:
26:7b:44:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWUkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTYyNjEyWhcNMjgwMjE5MTYyNjEyWjAYMRYw
FAYDVQQDEw02N2JmNDBhYi1jNTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt0hxO79xFfqOLjlbOshI2/qAzumjUEoznE+SuFSMfelBUr0QVznzp3W3
EQox/rFBGJS3buzZD/g83qZf6eOUkm8M3Ba2yj4s0i8BP/F3VITPI0vDpgr7rqBJ
pv+7PBPq8p5GN02JX9Th8Cu2RMFJm1hzQ1FZKyCli+hxj/aV2NWTJspLJq6LYhz5
4JftG3OYoxq+KC0pr+a2Rosx7pgAyOzu3bGVCEDAewa5w+upBzUV58LK9Pe2U1JT
OO37x49kXQELBBZjjdM5+VSCICcnaOvPa3pd8tE/DVIvWI+YJ3JzLsPXYzcY7hbj
5Oj44nW/lhbvED333p3Ubs5iMRXB3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLPZ
geleeY6v4vukngtBIE3ATGJxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODRCRTgzOEY0NUUxMUVGQTMxRDM3OTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlL+MA0GCSqGSIb3DQEB
CwUAA4IBAQB3embyUTuvLPLVJGYA6kq7xMW9x2Kta19elw24svrMKOAiGXdC6ulJ
EI535cB4MqgKWgQtWHpjMycqhNqPpr/mjF0StuSrhi/6WcOQlgzerp0z6pFyUcC2
qCHLPtvey9VoYLE8zg7T0/mbZ84y9LgpFDeN/48qao0dqNJTrRKrzZBIrV3p+BD5
cVJio8vPyLzdIyoImFHZ1UXQ0bqw5jvMoDlW8vlFE+WVIFbeSQOLkTzR9Z8KJOLz
0gp1tWX0SoFts4CQctHdwOygY1pBGuqob2J/bWEqgnr2Tayb4MbyiLRBylu+x5yv
i3YACU2ZToV2QKAW7f51uGSKUHgme0Sa
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:09 2025 by rpki-client