Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7027AD52F43211EFA57CEB65762E951A.roa
File: 7027AD52F43211EFA57CEB65762E951A.roa (raw, json)
Hash identifier: Bho/YDv+YvlCS5Dnvv1ZtHmDAlnxhU0vSnC6mOVwy1Q=
Subject key identifier: C9:25:55:E5:4F:64:29:13:7E:A7:A4:40:1B:A6:0E:78:01:C6:79:B3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01627B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7027AD52F43211EFA57CEB65762E951A.roa
Signing time: Wed 26 Feb 2025 11:11:34 +0000
ROA not before: Wed 26 Feb 2025 11:11:30 +0000
ROA not after: Thu 19 Feb 2026 11:11:30 +0000
asID: 984
IP address blocks: 154.208.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90747 (0x1627b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:11:30 2025 GMT
Not After : Feb 19 11:11:30 2026 GMT
Subject: CN=67bef6e6-a789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:62:d7:39:82:99:1b:f3:5a:16:21:b3:f0:01:
11:a8:9d:2d:a4:af:19:94:59:33:4b:f9:45:f1:a9:
b8:a8:34:48:25:f8:ae:cc:05:81:ad:ec:c4:73:c9:
ec:ad:17:07:b1:d4:9f:0f:a4:98:b2:2c:41:2b:3d:
74:13:6e:74:6c:d4:be:7e:09:58:ec:84:b4:26:78:
63:82:26:e6:88:da:ca:d1:3d:3c:32:0a:87:95:27:
28:ad:b5:0a:51:b0:31:25:b8:68:b2:22:e4:b8:6f:
47:27:63:c1:44:b7:3e:1f:e3:d0:2e:aa:94:b2:95:
32:b2:dc:fc:be:55:c8:3c:7e:96:70:9f:07:89:57:
90:17:4f:d4:07:34:53:b5:bf:95:92:d1:23:b1:47:
00:ac:7a:08:d5:f0:82:c0:5f:81:17:df:9c:16:7c:
c9:db:e3:fc:81:b7:ca:4f:b0:aa:5e:76:de:3e:5e:
eb:db:47:49:73:fb:34:31:a4:4e:2b:e7:af:fd:1e:
ef:29:fd:59:78:44:91:8a:0e:b1:67:aa:77:df:05:
15:fb:c1:7a:63:e2:0c:7f:26:b0:1f:39:f3:45:ac:
52:b4:aa:aa:7d:9b:df:86:37:b3:a8:10:05:91:ba:
a7:04:14:f2:c7:62:32:c9:73:de:1f:bd:54:28:2a:
dc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:25:55:E5:4F:64:29:13:7E:A7:A4:40:1B:A6:0E:78:01:C6:79:B3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7027AD52F43211EFA57CEB65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.91.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ad:4e:d4:2d:8b:19:ec:03:13:f6:87:b2:4f:13:82:d7:01:
c2:1f:20:d4:28:47:f8:09:34:40:78:e7:97:11:e3:7f:3f:82:
08:bc:3a:7d:98:cf:73:3f:7e:dc:bf:36:36:3b:15:34:4e:30:
d2:a5:23:df:fb:e8:c9:51:d3:01:e7:2c:96:56:7b:1f:60:e9:
0d:5c:6f:26:92:ab:ef:a5:28:c8:bb:04:0d:36:fa:07:a0:7a:
23:16:6c:35:21:cf:df:1e:3f:c7:66:b3:76:15:b0:bb:fa:04:
bb:84:93:08:13:b7:c0:be:6f:8a:d4:88:19:1b:8c:72:f6:2b:
6e:da:5e:b6:0a:26:01:e4:c5:e6:e4:70:9b:cf:c6:b1:19:c7:
5c:9f:07:15:d0:28:77:05:95:73:e1:7f:3b:3b:34:0b:24:0c:
f1:72:06:f8:4d:0f:f6:a9:46:81:01:b3:06:92:9f:b0:2a:84:
0f:d4:04:39:38:0f:a0:73:65:b6:dc:52:8b:44:be:bf:a3:be:
bb:b4:dc:d4:13:7d:4d:07:ec:8f:db:e1:6a:3d:db:6f:e7:9e:
f4:5f:5a:48:30:ec:48:fc:87:fa:08:2e:0c:32:e3:5a:ee:ad:
4a:0f:4c:9b:ca:d7:60:1f:11:e2:0c:af:d9:e3:db:55:31:1b:
a2:8c:c4:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJ7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTExMTMwWhcNMjYwMjE5MTExMTMwWjAYMRYw
FAYDVQQDEw02N2JlZjZlNi1hNzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn2LXOYKZG/NaFiGz8AERqJ0tpK8ZlFkzS/lF8am4qDRIJfiuzAWBrezE
c8nsrRcHsdSfD6SYsixBKz10E250bNS+fglY7IS0JnhjgibmiNrK0T08MgqHlSco
rbUKUbAxJbhosiLkuG9HJ2PBRLc+H+PQLqqUspUystz8vlXIPH6WcJ8HiVeQF0/U
BzRTtb+VktEjsUcArHoI1fCCwF+BF9+cFnzJ2+P8gbfKT7CqXnbePl7r20dJc/s0
MaROK+ev/R7vKf1ZeESRig6xZ6p33wUV+8F6Y+IMfyawHznzRaxStKqqfZvfhjez
qBAFkbqnBBTyx2IyyXPeH71UKCrcPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMkl
VeVPZCkTfqekQBumDngBxnmzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDI3QUQ1MkY0MzIxMUVGQTU3Q0VCNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBbMA0GCSqGSIb3DQEB
CwUAA4IBAQBbrU7ULYsZ7AMT9oeyTxOC1wHCHyDUKEf4CTRAeOeXEeN/P4IIvDp9
mM9zP37cvzY2OxU0TjDSpSPf++jJUdMB5yyWVnsfYOkNXG8mkqvvpSjIuwQNNvoH
oHojFmw1Ic/fHj/HZrN2FbC7+gS7hJMIE7fAvm+K1IgZG4xy9itu2l62CiYB5MXm
5HCbz8axGcdcnwcV0Ch3BZVz4X87OzQLJAzxcgb4TQ/2qUaBAbMGkp+wKoQP1AQ5
OA+gc2W23FKLRL6/o767tNzUE31NB+yP2+FqPdtv5570X1pIMOxI/If6CC4MMuNa
7q1KD0ybytdgHxHiDK/Z49tVMRuijMSP
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:04 2025 by rpki-client