Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B247872F2C911EFB6F7FB42762E951A.roa
File: 6B247872F2C911EFB6F7FB42762E951A.roa (raw, json)
Hash identifier: pijeJTN/og/W46Eb8716s/wjAevRRiepzyzJRClzmpk=
Subject key identifier: E2:B6:DD:2C:97:92:03:00:01:94:FB:0B:38:26:60:99:6D:64:EF:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B247872F2C911EFB6F7FB42762E951A.roa
Signing time: Mon 24 Feb 2025 16:07:17 +0000
ROA not before: Mon 24 Feb 2025 16:07:13 +0000
ROA not after: Sun 23 Mar 2025 16:07:13 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89170 (0x15c52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:07:13 2025 GMT
Not After : Mar 23 16:07:13 2025 GMT
Subject: CN=67bc9935-d601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:92:25:19:f8:4a:c2:98:97:5f:21:e0:1a:
48:a5:6b:35:b1:fa:06:94:f3:24:46:da:c6:d2:88:
3a:4d:0f:b0:ec:23:51:33:27:99:25:f4:11:4c:ac:
34:59:6b:d8:84:f3:fc:61:39:9e:5c:23:c7:ac:e8:
2a:a2:85:08:b2:56:1f:7c:52:54:0b:65:3c:40:a7:
0b:af:c5:53:c0:82:97:ae:8d:84:2a:b4:13:b4:be:
c0:89:57:2b:5a:fd:ff:c4:6d:b5:14:53:69:de:da:
fd:fa:74:56:86:cf:b1:cc:5f:4a:8a:ec:f2:cf:84:
c0:32:37:57:a0:01:fc:f5:4a:c5:24:3e:b6:d2:28:
13:eb:fe:7b:ab:39:ee:e1:20:f8:8e:12:06:5c:60:
8a:36:38:47:12:e9:cc:b9:53:5f:96:72:9a:d4:ec:
cf:77:8c:c4:b8:cb:11:87:31:2b:ca:ba:07:c3:b1:
d0:e1:65:41:e2:9d:62:cc:fa:c5:92:40:9c:b7:2f:
c9:83:c1:9d:19:ff:43:02:a8:83:42:28:e8:a5:e8:
35:9d:9f:f3:7d:64:e6:0c:63:92:9a:74:2d:8d:27:
02:3f:1a:41:0a:50:74:e5:e0:b9:ad:2c:4b:bc:23:
1a:b7:24:6c:d1:cc:65:df:83:a8:54:af:b0:0c:5f:
b4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B6:DD:2C:97:92:03:00:01:94:FB:0B:38:26:60:99:6D:64:EF:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B247872F2C911EFB6F7FB42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
cc:57:a8:0d:47:2f:f5:08:1d:09:d3:1e:50:03:39:66:ae:2a:
5a:ab:3a:cb:49:7c:7e:61:a5:7b:bc:df:37:e8:ef:f5:1f:bf:
5c:58:af:b1:1b:22:16:14:2e:41:a7:9f:88:c8:5b:a1:91:20:
6d:f8:2f:64:aa:10:17:2b:29:2c:b4:7f:fd:18:a2:70:6d:f8:
ea:d5:7f:b2:e1:b4:a6:6f:73:c9:79:6a:85:5a:c5:2a:e3:ff:
89:05:2d:5c:65:b9:66:54:94:3d:01:82:17:91:e3:d9:be:c9:
96:c3:3e:b0:ef:7b:49:6f:87:50:21:67:b9:2e:81:e6:59:4b:
1c:63:ce:63:2f:59:3a:57:5a:d5:ec:8d:2f:7e:9b:7c:df:c2:
6e:7c:34:91:78:73:40:5c:0a:ff:f4:97:f4:b1:03:bd:f1:9d:
6a:9d:dd:8a:25:66:80:ef:38:26:cc:80:b3:d8:59:ff:65:fd:
96:48:0a:d6:fc:a0:77:c5:f8:56:3a:01:3e:74:e8:eb:a2:14:
89:b6:89:2a:00:d0:da:68:38:98:f4:a1:46:2c:67:8b:63:7a:
d4:47:d6:40:50:df:03:22:1f:32:b1:0b:2d:eb:02:bc:6f:0c:
be:9b:01:b6:f4:85:fa:ad:ca:42:3f:81:b4:47:84:70:44:6e:
b4:19:5f:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVxSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYwNzEzWhcNMjUwMzIzMTYwNzEzWjAYMRYw
FAYDVQQDEw02N2JjOTkzNS1kNjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqvaSJRn4SsKYl18h4BpIpWs1sfoGlPMkRtrG0og6TQ+w7CNRMyeZJfQR
TKw0WWvYhPP8YTmeXCPHrOgqooUIslYffFJUC2U8QKcLr8VTwIKXro2EKrQTtL7A
iVcrWv3/xG21FFNp3tr9+nRWhs+xzF9Kiuzyz4TAMjdXoAH89UrFJD620igT6/57
qznu4SD4jhIGXGCKNjhHEunMuVNflnKa1OzPd4zEuMsRhzEryroHw7HQ4WVB4p1i
zPrFkkCcty/Jg8GdGf9DAqiDQijopeg1nZ/zfWTmDGOSmnQtjScCPxpBClB05eC5
rSxLvCMatyRs0cxl34OoVK+wDF+0TQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOK2
3SyXkgMAAZT7CzgmYJltZO/gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QjI0Nzg3MkYyQzkxMUVGQjZGN0ZCNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQDMV6gNRy/1CB0J0x5QAzlmripaqzrLSXx+YaV7vN836O/1H79cWK+x
GyIWFC5Bp5+IyFuhkSBt+C9kqhAXKykstH/9GKJwbfjq1X+y4bSmb3PJeWqFWsUq
4/+JBS1cZblmVJQ9AYIXkePZvsmWwz6w73tJb4dQIWe5LoHmWUscY85jL1k6V1rV
7I0vfpt838JufDSReHNAXAr/9Jf0sQO98Z1qnd2KJWaA7zgmzICz2Fn/Zf2WSArW
/KB3xfhWOgE+dOjrohSJtokqANDaaDiY9KFGLGeLY3rUR9ZAUN8DIh8ysQst6wK8
bwy+mwG29IX6rcpCP4G0R4RwRG60GV+J
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:56:02 2025 by rpki-client