Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684F56F80A1111F0BE1B17BF762E951A.roa
File: 684F56F80A1111F0BE1B17BF762E951A.roa (raw, json)
Hash identifier: lE0QoIggQEeFuLBAni6PlLnaMWmA2bQ+u4ZZ4lapZek=
Subject key identifier: 51:DB:A5:FE:61:8C:CF:59:37:17:90:1B:18:32:2A:84:B0:E7:D2:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01764D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684F56F80A1111F0BE1B17BF762E951A.roa
Signing time: Wed 26 Mar 2025 07:10:33 +0000
ROA not before: Wed 26 Mar 2025 07:10:29 +0000
ROA not after: Sat 05 Apr 2025 07:10:29 +0000
asID: 142286
IP address blocks: 154.89.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 07:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95821 (0x1764d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 26 07:10:29 2025 GMT
Not After : Apr 5 07:10:29 2025 GMT
Subject: CN=67e3a869-f28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6a:9f:f0:fa:d2:d6:02:9e:a5:87:3f:31:45:
62:0d:35:db:5f:3e:c0:18:5a:77:33:82:44:c8:86:
fe:e9:2a:96:e5:21:db:e5:77:00:d9:fc:30:66:a8:
3a:cf:62:26:57:1e:ee:d0:b8:a7:87:5f:2f:a1:ad:
0f:be:37:2a:87:de:1f:06:e2:3e:d1:5e:3a:42:ff:
a1:a1:df:09:2b:ae:7d:a3:76:73:d4:94:c4:ef:b3:
ae:47:8d:26:09:82:39:38:c5:da:ac:32:b1:ee:e0:
4b:c9:3c:8c:df:3d:5a:fd:8d:12:37:3b:d1:5e:02:
d6:61:d9:e3:70:e0:08:67:fd:30:98:c9:dd:7d:c6:
31:65:43:b4:da:5c:ac:6a:17:c1:d3:2b:13:05:06:
53:0d:4f:bd:d6:cc:57:df:b8:2e:eb:0d:66:ac:e2:
ce:36:4c:82:2e:9a:eb:9a:03:d0:fd:2e:74:ef:3b:
b4:89:13:07:de:6d:d6:5b:d1:76:8f:02:3b:87:e6:
44:b5:bc:92:76:a5:12:ec:3f:44:bd:6e:0d:cc:5c:
22:1c:0a:07:cb:42:6c:ab:2b:ae:6a:e5:bc:36:03:
56:49:cc:d1:aa:d5:05:a5:db:0f:f8:27:db:ad:9c:
99:a3:e6:42:33:2a:40:a3:bf:e7:af:cb:14:0b:58:
0e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DB:A5:FE:61:8C:CF:59:37:17:90:1B:18:32:2A:84:B0:E7:D2:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/684F56F80A1111F0BE1B17BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:a4:81:30:d8:80:c1:0c:c3:78:60:46:11:48:43:27:a7:56:
bf:b4:92:37:34:88:10:05:4f:2a:22:4f:40:66:44:56:49:f7:
c7:bc:16:51:34:e7:d7:18:e9:a0:fc:44:6b:ff:4f:7e:c0:63:
ad:f2:b0:9f:2e:64:16:81:8c:47:c4:0c:ce:f9:c2:41:03:c1:
fa:7c:28:12:6b:27:fd:f7:33:49:95:12:cf:da:18:18:3c:1b:
85:fe:dd:91:59:6c:49:a5:5e:c9:94:a3:38:13:bd:ec:18:fd:
c4:59:34:e4:84:92:f6:c0:e9:b5:f1:e3:b5:d5:80:33:04:1f:
26:3c:a8:52:6e:ef:16:b6:ce:06:11:6e:00:c0:30:3b:f6:34:
44:85:17:77:d1:95:2c:00:de:0d:18:94:7e:5c:f9:0c:c2:8c:
63:4b:81:2c:2a:99:b3:67:35:f7:c2:e3:a7:9e:56:10:63:06:
3b:bf:aa:60:e3:e2:0d:7d:b8:5c:43:f7:0d:a0:35:ab:dc:12:
49:25:12:a8:cb:17:e0:e5:b5:2c:c3:ee:01:3f:f1:42:68:cf:
75:10:01:c0:26:2b:df:fe:fb:fa:16:21:de:64:16:c8:a1:11:
22:29:e3:23:e8:5d:be:76:ac:02:39:ce:58:94:ed:7d:6d:6e:
99:e3:40:be
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXZNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI2MDcxMDI5WhcNMjUwNDA1MDcxMDI5WjAYMRYw
FAYDVQQDEw02N2UzYTg2OS1mMjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApWqf8PrS1gKepYc/MUViDTXbXz7AGFp3M4JEyIb+6SqW5SHb5XcA2fww
Zqg6z2ImVx7u0Linh18voa0Pvjcqh94fBuI+0V46Qv+hod8JK659o3Zz1JTE77Ou
R40mCYI5OMXarDKx7uBLyTyM3z1a/Y0SNzvRXgLWYdnjcOAIZ/0wmMndfcYxZUO0
2lysahfB0ysTBQZTDU+91sxX37gu6w1mrOLONkyCLprrmgPQ/S507zu0iRMH3m3W
W9F2jwI7h+ZEtbySdqUS7D9EvW4NzFwiHAoHy0JsqyuuauW8NgNWSczRqtUFpdsP
+CfbrZyZo+ZCMypAo7/nr8sUC1gOsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFHb
pf5hjM9ZNxeQGxgyKoSw59LOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODRGNTZGODBBMTExMUYwQkUxQjE3QkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmllAMA0GCSqGSIb3DQEB
CwUAA4IBAQCQpIEw2IDBDMN4YEYRSEMnp1a/tJI3NIgQBU8qIk9AZkRWSffHvBZR
NOfXGOmg/ERr/09+wGOt8rCfLmQWgYxHxAzO+cJBA8H6fCgSayf99zNJlRLP2hgY
PBuF/t2RWWxJpV7JlKM4E73sGP3EWTTkhJL2wOm18eO11YAzBB8mPKhSbu8Wts4G
EW4AwDA79jREhRd30ZUsAN4NGJR+XPkMwoxjS4EsKpmzZzX3wuOnnlYQYwY7v6pg
4+INfbhcQ/cNoDWr3BJJJRKoyxfg5bUsw+4BP/FCaM91EAHAJivf/vv6FiHeZBbI
oREiKeMj6F2+dqwCOc5YlO19bW6Z40C+
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:46 2025 by rpki-client