Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FFC41AF46511EF91AC404C762E951A.roa
File: 71FFC41AF46511EF91AC404C762E951A.roa (raw, json)
Hash identifier: UNe8YyUc3k7EglbhueryL+me2vD3wXfO8zRNVpTL3qA=
Subject key identifier: 53:EB:27:AA:65:A7:94:C8:79:94:44:C2:47:3E:B1:A1:5C:C0:1C:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016542
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FFC41AF46511EF91AC404C762E951A.roa
Signing time: Wed 26 Feb 2025 17:16:41 +0000
ROA not before: Wed 26 Feb 2025 17:16:38 +0000
ROA not after: Sat 19 Feb 2028 17:16:38 +0000
asID: 17561
IP address blocks: 154.197.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91458 (0x16542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 17:16:38 2025 GMT
Not After : Feb 19 17:16:38 2028 GMT
Subject: CN=67bf4c79-8965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:44:f9:82:66:4f:69:31:c1:67:5a:1f:fc:b5:
ef:d3:61:ca:c9:dc:28:28:d4:5b:dc:ac:1f:1c:dd:
0e:42:f1:51:f0:99:c0:4a:32:c0:37:e1:55:f4:ce:
69:fd:58:71:60:84:60:98:55:37:26:93:d4:fd:11:
9a:28:40:2c:a9:6b:31:c7:e9:b1:78:36:fc:7f:c9:
17:b0:c8:6d:e6:c3:49:01:a1:bb:ad:99:aa:ae:19:
32:e8:4a:02:f7:6d:7d:0d:a4:0d:03:4d:f3:5f:73:
9b:d5:7e:b5:39:fc:eb:76:f9:c6:00:15:df:67:2b:
07:0f:c4:66:80:69:88:44:45:88:d0:29:91:59:11:
69:ce:c6:2f:4d:88:61:0e:bc:e5:04:a6:d5:e8:4d:
00:a4:43:2b:e6:9b:c3:c4:fa:46:13:7b:03:71:4d:
a7:40:7d:60:73:c6:0f:32:39:c6:9e:a3:15:ca:af:
f9:ad:f9:1c:23:f8:0f:48:ca:b6:17:4c:72:7d:57:
44:47:c8:fb:c2:4a:25:2e:6c:3b:1a:58:9d:25:2c:
e3:fc:e9:21:9f:5c:eb:d5:38:8c:fd:f1:fe:05:e0:
d8:a9:2d:fa:fd:16:bb:8d:14:7f:c8:12:7c:27:1b:
1a:c6:26:e5:56:27:aa:47:3f:a4:d0:e0:7d:87:f3:
8b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EB:27:AA:65:A7:94:C8:79:94:44:C2:47:3E:B1:A1:5C:C0:1C:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FFC41AF46511EF91AC404C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.88.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6d:80:69:69:c7:f9:91:02:44:98:3a:ae:d8:f7:41:56:a6:
f9:7b:67:b3:54:9d:8c:51:74:23:42:df:ad:0e:32:07:3c:5e:
eb:a8:6e:ef:09:2f:86:b2:ed:e6:bd:e5:59:30:2d:29:0d:a5:
ce:be:38:17:f3:4a:2d:2a:7a:ae:a0:c7:d4:90:94:9b:a4:b2:
23:a4:3c:a3:48:cf:4e:58:b4:e9:49:97:53:d7:1b:a0:c4:12:
2f:20:51:9e:56:cd:14:3f:61:f2:39:e3:d0:1b:d7:dc:9b:63:
97:5b:50:f7:80:ab:39:4a:15:c1:9e:f6:a4:2e:54:01:7d:d6:
bc:1f:3c:0c:70:ae:47:89:cb:e3:b9:3f:14:16:96:20:b1:d7:
02:c1:b2:cf:93:71:7c:2f:68:68:01:28:6e:f6:ec:7d:62:b1:
81:86:3a:df:21:1f:0e:ed:df:e2:31:ee:bd:24:54:f2:88:67:
0d:41:55:20:3b:48:44:b1:9c:1b:ff:a0:32:a7:a3:00:93:20:
89:93:c3:a2:5f:82:6c:d0:0e:af:8d:fa:d5:78:5b:67:8c:69:
74:22:90:11:17:07:a1:2b:08:c6:3d:87:cf:b8:c7:39:6a:89:
8b:23:a0:7f:12:95:2b:8a:86:5a:fb:a4:86:a7:94:a6:e2:99:
7d:9c:7f:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWVCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTcxNjM4WhcNMjgwMjE5MTcxNjM4WjAYMRYw
FAYDVQQDEw02N2JmNGM3OS04OTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvET5gmZPaTHBZ1of/LXv02HKydwoKNRb3KwfHN0OQvFR8JnASjLAN+FV
9M5p/VhxYIRgmFU3JpPU/RGaKEAsqWsxx+mxeDb8f8kXsMht5sNJAaG7rZmqrhky
6EoC9219DaQNA03zX3Ob1X61OfzrdvnGABXfZysHD8RmgGmIREWI0CmRWRFpzsYv
TYhhDrzlBKbV6E0ApEMr5pvDxPpGE3sDcU2nQH1gc8YPMjnGnqMVyq/5rfkcI/gP
SMq2F0xyfVdER8j7wkolLmw7GlidJSzj/Okhn1zr1TiM/fH+BeDYqS36/Ra7jRR/
yBJ8JxsaxiblVieqRz+k0OB9h/OLwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFPr
J6plp5TIeZREwkc+saFcwByrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MUZGQzQxQUY0NjUxMUVGOTFBQzQwNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVYMA0GCSqGSIb3DQEB
CwUAA4IBAQCZbYBpacf5kQJEmDqu2PdBVqb5e2ezVJ2MUXQjQt+tDjIHPF7rqG7v
CS+Gsu3mveVZMC0pDaXOvjgX80otKnquoMfUkJSbpLIjpDyjSM9OWLTpSZdT1xug
xBIvIFGeVs0UP2HyOePQG9fcm2OXW1D3gKs5ShXBnvakLlQBfda8HzwMcK5Hicvj
uT8UFpYgsdcCwbLPk3F8L2hoAShu9ux9YrGBhjrfIR8O7d/iMe69JFTyiGcNQVUg
O0hEsZwb/6Ayp6MAkyCJk8OiX4Js0A6vjfrVeFtnjGl0IpARFwehKwjGPYfPuMc5
aomLI6B/EpUrioZa+6SGp5Sm4pl9nH/V
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:56 2025 by rpki-client