Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70F82B3EF42411EFAEEC7582762E951A.roa
File: 70F82B3EF42411EFAEEC7582762E951A.roa (raw, json)
Hash identifier: HA2OTa9t9UkHR8al5HaCmcJiI9zzf4BahkTrhifRoqo=
Subject key identifier: 5B:8D:AE:DE:04:8F:90:B9:50:92:31:EB:6E:C7:5E:CB:24:16:CE:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161D7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70F82B3EF42411EFAEEC7582762E951A.roa
Signing time: Wed 26 Feb 2025 09:31:22 +0000
ROA not before: Wed 26 Feb 2025 09:31:19 +0000
ROA not after: Thu 19 Feb 2026 09:31:19 +0000
asID: 984
IP address blocks: 154.206.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90583 (0x161d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:31:19 2025 GMT
Not After : Feb 19 09:31:19 2026 GMT
Subject: CN=67bedf6a-d1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:46:15:47:19:ca:8c:82:14:e4:6e:38:85:
78:5d:c7:5f:ec:67:5a:53:95:02:47:65:c1:38:a8:
27:20:d1:bc:ef:71:39:ea:8f:f0:8d:54:86:fe:e6:
9f:3c:07:bd:38:bb:d1:ba:99:08:32:b6:ae:d2:df:
03:95:4a:87:2a:d8:85:f5:ad:fa:4e:b6:ff:35:af:
7f:f3:05:bb:d8:6e:b6:cc:d8:2e:c8:9c:76:7e:29:
fc:67:67:af:f0:17:fe:e4:c9:a8:8a:fe:78:77:98:
1a:3f:6a:91:ad:8f:2c:53:48:4f:66:3b:38:05:2c:
66:e6:35:73:11:4b:0b:d7:c5:ce:0c:ee:e8:ef:6c:
5e:18:6d:3f:13:6b:19:05:8d:d8:54:68:07:84:c5:
1d:18:91:ba:3f:6b:00:76:b8:44:46:38:11:2b:6e:
dd:f9:1a:d6:2a:58:12:10:a4:3a:a0:f6:48:d4:db:
fc:60:c8:c5:43:a7:56:2c:14:d1:53:ec:eb:b2:b5:
0b:a6:ff:8c:64:37:5d:4f:0f:d7:cc:7f:7c:0a:78:
da:07:0b:f1:58:35:cc:ef:ea:14:22:eb:37:4b:e9:
68:45:7c:1d:ea:c6:7a:c2:05:a6:b2:74:63:8b:34:
23:cc:2a:1e:fa:be:f1:35:25:08:67:56:1a:ec:9d:
88:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8D:AE:DE:04:8F:90:B9:50:92:31:EB:6E:C7:5E:CB:24:16:CE:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70F82B3EF42411EFAEEC7582762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.239.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:92:25:dc:0e:f9:07:49:9d:48:85:6f:8b:16:90:99:df:be:
1d:1a:47:0c:2d:62:a3:ce:98:e0:56:5e:35:1d:01:52:94:80:
2b:48:2a:0c:c4:eb:3c:d8:a2:a2:dd:ee:2f:ed:4a:c9:c9:98:
75:df:3c:ec:cb:9b:3f:9d:52:80:52:17:55:f3:24:ab:e2:6c:
3f:27:68:c5:e6:ec:16:83:b8:59:10:3d:42:3b:4e:40:3d:a4:
09:2a:f6:49:8f:28:d8:29:2e:9e:60:84:c3:70:26:87:13:b0:
4f:37:be:94:e2:7b:73:bf:2b:f0:af:69:87:17:a5:2d:85:f4:
b6:08:59:33:4a:2e:74:8e:99:43:2b:73:22:a3:b0:b1:ff:6f:
40:28:26:bf:e1:0f:0d:63:5d:a3:be:ce:cb:b8:ba:27:07:78:
34:34:8f:12:ab:5d:c6:56:d8:b6:47:eb:e6:7d:e1:d1:0e:d0:
ce:5b:cf:9f:bd:58:af:e8:73:ec:f2:63:3f:2e:3a:42:8c:85:
7d:f0:54:4f:7d:a6:f4:72:1f:a6:4d:7e:e2:df:ab:e4:af:88:
83:63:6b:bc:f2:92:7e:af:4e:b7:f4:b4:6c:c0:2e:8e:dd:a6:
52:dc:0c:7f:b2:2f:fe:a2:25:14:53:07:4c:dd:b1:51:38:77:
51:68:86:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWHXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkzMTE5WhcNMjYwMjE5MDkzMTE5WjAYMRYw
FAYDVQQDEw02N2JlZGY2YS1kMWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsXRGFUcZyoyCFORuOIV4Xcdf7GdaU5UCR2XBOKgnING873E56o/wjVSG
/uafPAe9OLvRupkIMrau0t8DlUqHKtiF9a36Trb/Na9/8wW72G62zNguyJx2fin8
Z2ev8Bf+5Mmoiv54d5gaP2qRrY8sU0hPZjs4BSxm5jVzEUsL18XODO7o72xeGG0/
E2sZBY3YVGgHhMUdGJG6P2sAdrhERjgRK27d+RrWKlgSEKQ6oPZI1Nv8YMjFQ6dW
LBTRU+zrsrULpv+MZDddTw/XzH98CnjaBwvxWDXM7+oUIus3S+loRXwd6sZ6wgWm
snRjizQjzCoe+r7xNSUIZ1Ya7J2IKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFuN
rt4Ej5C5UJIx627HXsskFs48MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MEY4MkIzRUY0MjQxMUVGQUVFQzc1ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7vMA0GCSqGSIb3DQEB
CwUAA4IBAQANkiXcDvkHSZ1IhW+LFpCZ374dGkcMLWKjzpjgVl41HQFSlIArSCoM
xOs82KKi3e4v7UrJyZh13zzsy5s/nVKAUhdV8ySr4mw/J2jF5uwWg7hZED1CO05A
PaQJKvZJjyjYKS6eYITDcCaHE7BPN76U4ntzvyvwr2mHF6UthfS2CFkzSi50jplD
K3Mio7Cx/29AKCa/4Q8NY12jvs7LuLonB3g0NI8Sq13GVti2R+vmfeHRDtDOW8+f
vViv6HPs8mM/LjpCjIV98FRPfab0ch+mTX7i36vkr4iDY2u88pJ+r0639LRswC6O
3aZS3Ax/si/+oiUUUwdM3bFROHdRaIZa
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:11 2025 by rpki-client