Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/693EDE72D2E311EFAD543187762E951A.roa
File: 693EDE72D2E311EFAD543187762E951A.roa (raw, json)
Hash identifier: x2ZIMJbqUm4ynfL2IHXl9PrWFW1xEz/xAsPFt1BX6OA=
Subject key identifier: 05:7B:59:C6:A6:A4:C6:A9:BF:57:ED:57:F3:34:46:A9:91:EA:D4:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B7E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/693EDE72D2E311EFAD543187762E951A.roa
Signing time: Wed 15 Jan 2025 01:52:44 +0000
ROA not before: Wed 15 Jan 2025 01:52:40 +0000
ROA not after: Sat 03 Jan 2026 01:52:40 +0000
asID: 984
IP address blocks: 154.200.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80766 (0x13b7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:52:40 2025 GMT
Not After : Jan 3 01:52:40 2026 GMT
Subject: CN=678714ec-efe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:99:31:fb:0e:a3:5e:f4:0a:7d:29:95:ae:0c:
e3:97:86:d6:4c:71:ff:dd:23:1e:2c:17:c0:7c:c9:
1a:22:3c:06:eb:67:59:6a:49:59:19:5c:2e:5f:ed:
3c:d9:ef:73:ba:5f:45:4a:ee:06:d7:43:ab:c9:54:
33:67:f0:2c:77:1b:15:00:6f:e5:e5:bc:76:38:9a:
ee:71:82:c2:cd:a9:7f:9b:98:2a:6a:87:02:a0:c6:
0d:f6:9c:ec:95:c1:d2:91:bd:5c:88:c1:71:57:77:
7d:f7:1b:59:80:ae:03:2b:d5:59:5c:de:4d:a8:0b:
b4:51:5b:c2:d3:db:fa:05:ab:10:0e:37:63:20:35:
0e:dd:da:d8:0b:00:de:06:71:bf:14:2e:56:5a:48:
45:5c:1a:fc:ab:f0:32:c6:8f:cb:54:a8:e7:79:43:
51:00:60:72:08:6c:44:b1:1f:11:95:98:d3:31:9a:
24:6c:be:f7:be:c5:0e:29:aa:24:fd:fe:1b:3a:d5:
2d:8e:67:6c:d9:97:dc:94:52:d7:fb:2d:55:5e:d9:
a2:d0:89:b8:74:52:06:1e:da:42:31:ad:8e:86:cd:
77:4a:25:91:a6:71:87:0d:cc:38:67:1a:dc:55:d7:
18:75:0c:a2:41:3f:06:f9:83:9c:11:cd:39:cc:d6:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7B:59:C6:A6:A4:C6:A9:BF:57:ED:57:F3:34:46:A9:91:EA:D4:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/693EDE72D2E311EFAD543187762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:dc:29:6d:21:cd:cb:e9:7e:f0:df:d8:5b:f0:0b:e3:ba:36:
2d:a6:7d:97:da:e2:9b:7e:98:5a:d6:00:a5:e5:cb:36:5a:83:
22:64:e6:6f:f0:c5:ea:4d:68:90:03:1b:3a:59:ce:9c:64:39:
7e:34:e1:67:fd:a5:b2:6f:78:0a:24:2b:a8:30:a7:99:71:ad:
3b:f4:89:2f:ff:af:9b:8b:7f:03:3c:42:cd:e7:85:fc:51:c6:
6f:13:91:14:7d:4c:c3:a3:34:58:a1:97:ac:10:89:be:5d:c3:
f7:09:5a:09:0b:2a:28:f9:47:3a:6d:c3:d7:73:51:f8:c8:ac:
da:2e:23:16:1d:ba:2d:3c:8f:b9:53:1a:35:b7:24:83:be:e5:
cb:2a:37:c1:3a:70:97:0a:61:e9:33:94:69:ee:5e:d6:e3:0e:
14:06:90:16:9d:85:cd:9b:5b:9a:29:af:15:98:cc:cb:e1:8d:
44:d5:99:45:c9:87:80:61:78:81:14:41:ea:b5:ff:c6:6c:ee:
dc:39:ea:29:a3:6e:95:f0:ce:c8:6c:f0:dd:3b:e6:89:e6:f7:
ad:4b:b3:99:f0:b6:91:97:29:dc:46:e2:1b:9d:b2:b4:bf:9f:
9c:a8:40:52:49:d7:51:56:b3:b1:cc:71:5a:b8:a9:4d:3f:b8:
3b:e6:05:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATt+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDE1MjQwWhcNMjYwMTAzMDE1MjQwWjAYMRYw
FAYDVQQDEw02Nzg3MTRlYy1lZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnZkx+w6jXvQKfSmVrgzjl4bWTHH/3SMeLBfAfMkaIjwG62dZaklZGVwu
X+082e9zul9FSu4G10OryVQzZ/AsdxsVAG/l5bx2OJrucYLCzal/m5gqaocCoMYN
9pzslcHSkb1ciMFxV3d99xtZgK4DK9VZXN5NqAu0UVvC09v6BasQDjdjIDUO3drY
CwDeBnG/FC5WWkhFXBr8q/Ayxo/LVKjneUNRAGByCGxEsR8RlZjTMZokbL73vsUO
Kaok/f4bOtUtjmds2ZfclFLX+y1VXtmi0Im4dFIGHtpCMa2Ohs13SiWRpnGHDcw4
ZxrcVdcYdQyiQT8G+YOcEc05zNZsgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAV7
WcampMapv1ftV/M0RqmR6tSfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTNFREU3MkQyRTMxMUVGQUQ1NDMxODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsj/MA0GCSqGSIb3DQEB
CwUAA4IBAQA73CltIc3L6X7w39hb8AvjujYtpn2X2uKbfpha1gCl5cs2WoMiZOZv
8MXqTWiQAxs6Wc6cZDl+NOFn/aWyb3gKJCuoMKeZca079Ikv/6+bi38DPELN54X8
UcZvE5EUfUzDozRYoZesEIm+XcP3CVoJCyoo+Uc6bcPXc1H4yKzaLiMWHbotPI+5
Uxo1tySDvuXLKjfBOnCXCmHpM5Rp7l7W4w4UBpAWnYXNm1uaKa8VmMzL4Y1E1ZlF
yYeAYXiBFEHqtf/GbO7cOeopo26V8M7IbPDdO+aJ5vetS7OZ8LaRlyncRuIbnbK0
v5+cqEBSSddRVrOxzHFauKlNP7g75gVD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:21 2025 by rpki-client