Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B466FC6E2D511EFA2BA3850762E951A.roa
File: 6B466FC6E2D511EFA2BA3850762E951A.roa (raw, json)
Hash identifier: cWTqKY2hIE1TGXpDW1Q90vhPTYMfOiLPUW1MF8zg/Cw=
Subject key identifier: A4:7A:FA:87:DC:25:6B:8D:DA:FD:B5:B5:29:18:FD:72:AA:7B:38:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B466FC6E2D511EFA2BA3850762E951A.roa
Signing time: Tue 04 Feb 2025 08:52:53 +0000
ROA not before: Tue 04 Feb 2025 08:52:49 +0000
ROA not after: Wed 30 Apr 2025 08:52:49 +0000
asID: 18229
IP address blocks: 154.210.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86202 (0x150ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 08:52:49 2025 GMT
Not After : Apr 30 08:52:49 2025 GMT
Subject: CN=67a1d565-2ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8c:3a:9f:bf:ed:8e:3a:c0:48:fa:08:15:53:
c0:c9:9d:7f:c2:7f:00:bd:ef:9a:cc:40:f1:d3:9d:
57:fc:b2:5c:99:08:ff:be:12:da:66:fa:9c:b1:1d:
d7:ab:19:e2:bc:ce:91:ee:73:18:cb:19:51:33:d1:
b5:31:32:1f:f5:e9:a4:4e:14:9e:8d:72:86:5e:9c:
d7:d7:d9:d6:1a:e0:36:c7:77:1e:05:31:ac:b9:d2:
d3:f9:5a:77:e8:64:e5:a9:ab:24:59:4a:c0:6f:af:
59:f5:9e:11:a8:76:1c:dc:43:bb:88:68:e8:44:47:
40:6e:55:c0:73:99:c1:dc:82:83:e1:ad:08:80:d5:
61:b3:57:0b:c2:65:2d:a1:42:65:b4:ef:4b:6a:fc:
2b:45:4f:a2:69:f5:e3:a4:02:91:b9:91:bd:18:71:
64:ed:ba:2e:8e:bc:96:62:bd:88:ee:69:fb:26:1f:
8d:5b:f4:4e:9d:d2:2f:30:65:04:9d:de:ad:10:55:
b5:16:ad:16:f2:78:f3:a1:a5:79:97:64:c0:1c:63:
84:59:f2:9f:0d:87:89:51:69:c9:f5:70:bb:f3:93:
16:28:b3:c5:f7:50:43:66:3e:f8:a7:80:d8:1e:da:
0b:14:2f:fc:ab:fc:21:00:3e:3f:91:c8:ba:aa:ff:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7A:FA:87:DC:25:6B:8D:DA:FD:B5:B5:29:18:FD:72:AA:7B:38:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B466FC6E2D511EFA2BA3850762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.183.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4f:ff:ec:c6:e4:2b:6b:42:9a:46:2b:bc:86:d8:66:7e:c4:
8d:2d:14:f1:3c:44:b0:98:b2:ef:d1:57:4f:be:74:ca:db:8c:
5c:80:d8:b7:8a:44:83:3d:a0:f8:6f:bf:5f:f6:18:5e:d2:b2:
b5:2d:fd:8f:44:50:d8:79:17:4d:b0:0a:f9:0a:4d:57:81:14:
00:d1:f8:19:c9:a7:a0:dd:76:13:d5:c4:c7:f3:d9:0b:d9:7d:
c7:7f:52:ee:e4:f5:35:e1:bb:b3:0c:12:16:00:6e:50:41:a9:
5d:22:69:cb:fd:4f:7c:08:ae:54:57:70:21:67:57:da:fa:88:
77:e4:30:d6:68:6f:39:03:ad:b4:2c:c5:3a:be:9b:79:d9:51:
0b:3b:45:36:b0:64:c7:97:a6:fa:93:18:af:4a:58:77:df:ad:
b7:d0:a6:b7:ff:4c:99:64:5c:bf:53:9f:ce:cc:fb:3c:5b:8e:
70:70:ed:2d:cf:90:bd:cb:75:03:cb:93:de:48:52:4c:9c:b2:
b9:f3:0a:20:a5:f5:c4:50:b8:e0:a8:48:55:3d:5e:be:e4:0e:
8c:c0:62:e6:56:5d:2f:2f:6f:d2:28:6f:11:2f:7e:6b:cf:e2:
84:57:b8:6a:da:44:8a:67:eb:db:f0:d4:5b:b2:52:e0:f4:7b:
b0:13:b1:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVC6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDg1MjQ5WhcNMjUwNDMwMDg1MjQ5WjAYMRYw
FAYDVQQDEw02N2ExZDU2NS0yYWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlow6n7/tjjrASPoIFVPAyZ1/wn8Ave+azEDx051X/LJcmQj/vhLaZvqc
sR3XqxnivM6R7nMYyxlRM9G1MTIf9emkThSejXKGXpzX19nWGuA2x3ceBTGsudLT
+Vp36GTlqaskWUrAb69Z9Z4RqHYc3EO7iGjoREdAblXAc5nB3IKD4a0IgNVhs1cL
wmUtoUJltO9LavwrRU+iafXjpAKRuZG9GHFk7boujryWYr2I7mn7Jh+NW/ROndIv
MGUEnd6tEFW1Fq0W8njzoaV5l2TAHGOEWfKfDYeJUWnJ9XC785MWKLPF91BDZj74
p4DYHtoLFC/8q/whAD4/kci6qv8kDwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKR6
+ofcJWuN2v21tSkY/XKqeziGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QjQ2NkZDNkUyRDUxMUVGQTJCQTM4NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtK3MA0GCSqGSIb3DQEB
CwUAA4IBAQA7T//sxuQra0KaRiu8hthmfsSNLRTxPESwmLLv0VdPvnTK24xcgNi3
ikSDPaD4b79f9hhe0rK1Lf2PRFDYeRdNsAr5Ck1XgRQA0fgZyaeg3XYT1cTH89kL
2X3Hf1Lu5PU14buzDBIWAG5QQaldImnL/U98CK5UV3AhZ1fa+oh35DDWaG85A620
LMU6vpt52VELO0U2sGTHl6b6kxivSlh336230Ka3/0yZZFy/U5/OzPs8W45wcO0t
z5C9y3UDy5PeSFJMnLK58wogpfXEULjgqEhVPV6+5A6MwGLmVl0vL2/SKG8RL35r
z+KEV7hq2kSKZ+vb8NRbslLg9HuwE7GX
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:05:03 2025 by rpki-client