Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69EA1FC20B9A11F0B5FA0492762E951A.roa
File: 69EA1FC20B9A11F0B5FA0492762E951A.roa (raw, json)
Hash identifier: 6kXFzCn7secRG+aeX5f3hBW/1MX6mFGMK265MtN/dcM=
Subject key identifier: 21:86:80:98:68:A8:56:41:7C:EB:D5:BC:91:34:5C:06:29:5D:2B:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017696
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69EA1FC20B9A11F0B5FA0492762E951A.roa
Signing time: Fri 28 Mar 2025 06:03:48 +0000
ROA not before: Fri 28 Mar 2025 06:03:44 +0000
ROA not after: Thu 17 Apr 2025 06:03:44 +0000
asID: 55020
IP address blocks: 154.222.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95894 (0x17696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 28 06:03:44 2025 GMT
Not After : Apr 17 06:03:44 2025 GMT
Subject: CN=67e63bc4-7379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a2:06:09:e8:0b:20:cf:c3:ea:e7:ec:92:e5:
18:0e:32:5e:2d:f5:d4:88:31:20:20:90:23:07:1e:
e8:3b:f1:2e:d6:ce:ea:62:f9:aa:b3:44:c8:cb:63:
00:a9:bf:cb:ce:a5:38:b3:57:f0:98:2d:b4:b7:a7:
49:bd:06:e1:ed:3c:1a:8e:10:08:d6:29:e0:23:6c:
c6:b2:f5:79:1f:1f:74:da:b1:d2:14:c6:98:1c:57:
17:cd:7a:e6:54:eb:bd:59:93:4e:5b:03:f2:56:20:
15:d3:f4:1e:99:fb:36:1f:a9:90:4a:49:74:ad:49:
25:23:14:36:a8:77:48:6b:3d:e1:69:bf:18:d8:b8:
a0:34:6a:37:60:ff:3a:89:fc:4c:32:7c:35:7b:62:
b0:8c:6d:bf:2a:76:03:f0:c1:36:07:11:48:e4:10:
ff:2f:17:bb:06:53:95:72:61:25:14:1d:4a:fa:7c:
81:fc:46:b9:c5:0f:ae:34:65:44:da:14:36:2c:71:
7a:db:2b:81:95:cb:1f:20:a5:01:0c:08:76:7e:f9:
f6:52:ba:e6:71:9d:9e:30:0a:16:99:cc:1b:b7:6f:
e0:81:f3:0c:0f:31:c5:2f:56:0f:90:d2:c2:64:0b:
e8:6a:38:09:7e:b0:ee:63:ce:b5:76:39:8d:9d:bb:
a4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:86:80:98:68:A8:56:41:7C:EB:D5:BC:91:34:5C:06:29:5D:2B:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69EA1FC20B9A11F0B5FA0492762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
26:4c:f2:1a:ad:d4:7b:68:10:63:8e:f0:e3:2a:63:49:b8:1e:
5f:17:b0:33:4e:b3:ef:20:ca:3a:11:0b:1b:42:1f:c1:de:d2:
8f:84:0c:d4:10:35:2e:a1:5a:fa:8f:9d:e5:ea:39:94:4d:86:
a1:fa:3c:47:1a:14:5f:aa:04:15:e6:87:26:99:04:b1:9b:91:
cb:6a:4b:02:5b:3d:99:27:42:0f:cb:db:f4:b1:25:c4:bc:ef:
1f:32:12:7a:ca:d2:19:8e:7f:98:48:f4:5f:f7:78:6c:bc:b4:
02:64:44:4e:0b:15:02:9b:06:90:42:fb:7d:4c:14:b7:da:fe:
9b:48:af:a2:66:40:cc:a4:73:a9:ed:f2:4c:91:e4:9c:be:21:
c7:e5:b3:15:4a:ee:99:19:e1:38:57:72:b6:cf:da:c9:2a:38:
9a:74:b5:7b:83:42:cb:3d:9a:89:96:f6:e2:2b:64:60:75:43:
64:17:f8:f8:d7:a8:db:0b:69:a5:fc:41:d3:7f:be:64:26:ab:
94:4c:db:14:0b:cf:fb:5d:44:9e:48:a6:51:10:3a:c9:7a:a6:
e7:22:5e:60:90:92:6b:0e:07:9e:8f:6d:4f:ef:4f:94:be:67:
11:0f:39:c3:24:3e:01:de:2f:4d:0f:dc:e7:41:aa:86:24:e4:
95:0a:0b:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXaWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI4MDYwMzQ0WhcNMjUwNDE3MDYwMzQ0WjAYMRYw
FAYDVQQDEw02N2U2M2JjNC03Mzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA76IGCegLIM/D6ufskuUYDjJeLfXUiDEgIJAjBx7oO/Eu1s7qYvmqs0TI
y2MAqb/LzqU4s1fwmC20t6dJvQbh7TwajhAI1ingI2zGsvV5Hx902rHSFMaYHFcX
zXrmVOu9WZNOWwPyViAV0/Qemfs2H6mQSkl0rUklIxQ2qHdIaz3hab8Y2LigNGo3
YP86ifxMMnw1e2KwjG2/KnYD8ME2BxFI5BD/Lxe7BlOVcmElFB1K+nyB/Ea5xQ+u
NGVE2hQ2LHF62yuBlcsfIKUBDAh2fvn2UrrmcZ2eMAoWmcwbt2/ggfMMDzHFL1YP
kNLCZAvoajgJfrDuY861djmNnbuk8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCGG
gJhoqFZBfOvVvJE0XAYpXStGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OUVBMUZDMjBCOUExMUYwQjVGQTA0OTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt7gMA0GCSqGSIb3DQEB
CwUAA4IBAQAmTPIardR7aBBjjvDjKmNJuB5fF7AzTrPvIMo6EQsbQh/B3tKPhAzU
EDUuoVr6j53l6jmUTYah+jxHGhRfqgQV5ocmmQSxm5HLaksCWz2ZJ0IPy9v0sSXE
vO8fMhJ6ytIZjn+YSPRf93hsvLQCZEROCxUCmwaQQvt9TBS32v6bSK+iZkDMpHOp
7fJMkeScviHH5bMVSu6ZGeE4V3K2z9rJKjiadLV7g0LLPZqJlvbiK2RgdUNkF/j4
16jbC2ml/EHTf75kJquUTNsUC8/7XUSeSKZREDrJeqbnIl5gkJJrDgeej21P70+U
vmcRDznDJD4B3i9ND9znQaqGJOSVCguz
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:21 2025 by rpki-client