Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFBA928F61211EF8E0B5D51762E951A.roa
File: 6AFBA928F61211EF8E0B5D51762E951A.roa (raw, json)
Hash identifier: 8TRCTrnmS5GcYZNstcg6M6lb1L2kB6z/WBQHilQ/0rA=
Subject key identifier: D8:20:67:26:55:CE:7E:F9:28:68:17:56:2B:FC:E2:DC:37:58:14:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016BF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFBA928F61211EF8E0B5D51762E951A.roa
Signing time: Fri 28 Feb 2025 20:27:24 +0000
ROA not before: Fri 28 Feb 2025 20:27:20 +0000
ROA not after: Sun 13 Apr 2025 20:27:20 +0000
asID: 138915
IP address blocks: 154.206.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93177 (0x16bf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 20:27:20 2025 GMT
Not After : Apr 13 20:27:20 2025 GMT
Subject: CN=67c21c2c-df6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:17:2d:9a:dc:db:fb:08:59:aa:05:2f:e0:3b:
c9:f6:de:8e:61:1c:28:a4:bd:d0:e9:4f:65:c2:43:
ef:84:9b:fa:00:8f:e9:87:87:0f:e6:41:c5:a7:b5:
53:fd:5e:d7:16:ff:32:65:0e:6a:03:f2:b0:47:9f:
55:07:19:f0:78:99:12:f1:9b:2e:5c:ab:b5:7d:e7:
c3:94:39:fc:3c:e8:98:ee:50:ef:bf:06:75:e4:34:
e6:ff:c3:61:18:96:4e:0a:d0:ea:e1:27:18:0c:2b:
df:61:95:f7:0c:bf:77:30:d2:5c:67:c6:ab:5b:b5:
82:f8:ee:19:ea:4d:eb:6e:fc:0b:dc:34:fb:e3:33:
5a:f1:dd:4e:aa:d3:3c:be:8c:b1:10:ec:17:ca:25:
a9:a2:a2:48:57:d8:95:0e:4e:3c:84:e9:bf:0f:75:
f5:bb:09:f5:0e:53:e8:87:de:1c:fa:21:b9:5d:22:
57:18:1e:3c:6b:e7:cf:e5:a5:4a:97:2b:4c:c7:45:
81:00:64:db:1a:72:bd:25:ee:b0:ba:04:c5:9d:17:
21:4a:64:d1:6b:ff:2e:68:20:f2:21:9c:ba:c0:ca:
0f:29:08:7d:84:99:50:24:d2:a8:8c:3f:bc:7b:7c:
b6:f2:dc:de:f9:10:76:3d:e0:85:41:b9:84:96:fd:
52:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:20:67:26:55:CE:7E:F9:28:68:17:56:2B:FC:E2:DC:37:58:14:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFBA928F61211EF8E0B5D51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.79.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:70:6d:a6:08:ab:2d:a7:a2:59:28:42:7a:a3:56:f0:18:44:
aa:cc:46:d4:58:d3:77:aa:63:d7:3b:20:db:3f:b1:79:5b:70:
0f:f8:d3:04:92:b4:54:f8:29:b4:da:c0:af:e5:2c:85:dc:45:
6e:ff:c8:f6:65:cd:9a:0d:9b:57:31:30:d9:1b:8d:e2:e6:f0:
2c:d4:6d:d4:eb:e9:92:49:ca:3d:51:03:a5:ca:86:7a:3c:bb:
71:3a:00:c0:d0:8c:f5:37:1d:1d:44:cd:c7:ac:11:51:77:25:
ae:58:6b:4a:53:81:f9:cf:4a:ac:5f:26:89:9c:5e:01:d1:51:
63:2e:02:45:39:fe:c7:2c:3d:eb:29:b9:a6:a8:c6:f9:de:bc:
54:bd:65:e9:29:a7:b3:21:20:00:1b:4e:19:e1:9e:cb:67:02:
6a:32:9d:f7:b6:20:fc:1e:ad:ef:75:83:b8:4e:eb:63:d2:ee:
74:c2:72:7f:e0:5a:76:7c:39:e6:82:b3:45:fb:4b:f0:49:d0:
d9:af:17:bb:1f:e6:83:7c:05:7d:c0:1d:c3:68:11:61:36:eb:
5e:d9:e8:5f:3e:a9:91:2b:b0:4f:bd:73:76:89:f2:de:7a:2b:
65:08:60:55:a2:db:df:d9:5d:ba:f2:4a:fb:b4:59:e8:e3:cd:
de:ad:f8:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWv5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjAyNzIwWhcNMjUwNDEzMjAyNzIwWjAYMRYw
FAYDVQQDEw02N2MyMWMyYy1kZjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxRctmtzb+whZqgUv4DvJ9t6OYRwopL3Q6U9lwkPvhJv6AI/ph4cP5kHF
p7VT/V7XFv8yZQ5qA/KwR59VBxnweJkS8ZsuXKu1fefDlDn8POiY7lDvvwZ15DTm
/8NhGJZOCtDq4ScYDCvfYZX3DL93MNJcZ8arW7WC+O4Z6k3rbvwL3DT74zNa8d1O
qtM8voyxEOwXyiWpoqJIV9iVDk48hOm/D3X1uwn1DlPoh94c+iG5XSJXGB48a+fP
5aVKlytMx0WBAGTbGnK9Je6wugTFnRchSmTRa/8uaCDyIZy6wMoPKQh9hJlQJNKo
jD+8e3y28tze+RB2PeCFQbmElv1SnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNgg
ZyZVzn75KGgXViv84tw3WBSuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QUZCQTkyOEY2MTIxMUVGOEUwQjVENTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms5PMA0GCSqGSIb3DQEB
CwUAA4IBAQB7cG2mCKstp6JZKEJ6o1bwGESqzEbUWNN3qmPXOyDbP7F5W3AP+NME
krRU+Cm02sCv5SyF3EVu/8j2Zc2aDZtXMTDZG43i5vAs1G3U6+mSSco9UQOlyoZ6
PLtxOgDA0Iz1Nx0dRM3HrBFRdyWuWGtKU4H5z0qsXyaJnF4B0VFjLgJFOf7HLD3r
KbmmqMb53rxUvWXpKaezISAAG04Z4Z7LZwJqMp33tiD8Hq3vdYO4Tutj0u50wnJ/
4Fp2fDnmgrNF+0vwSdDZrxe7H+aDfAV9wB3DaBFhNute2ehfPqmRK7BPvXN2ifLe
eitlCGBVotvf2V268kr7tFno483erfi8
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:12:03 2025 by rpki-client