Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79346FDAF44011EF834CB64A762E951A.roa
File: 79346FDAF44011EF834CB64A762E951A.roa (raw, json)
Hash identifier: Lw7aQ3h53BZYDopxKuB/7lmlcLKdA3eQc37CAh6C6Oc=
Subject key identifier: D4:17:C6:83:90:5A:05:9E:05:BE:11:BF:D6:5A:4C:DA:04:BC:E6:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016356
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79346FDAF44011EF834CB64A762E951A.roa
Signing time: Wed 26 Feb 2025 12:52:02 +0000
ROA not before: Wed 26 Feb 2025 12:51:58 +0000
ROA not after: Thu 19 Feb 2026 12:51:58 +0000
asID: 984
IP address blocks: 154.208.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90966 (0x16356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:51:58 2025 GMT
Not After : Feb 19 12:51:58 2026 GMT
Subject: CN=67bf0e72-bb77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:14:93:b7:0d:bc:52:c3:66:ea:97:5f:e9:
20:e2:bf:e4:d8:00:32:39:b9:b8:0f:03:f5:48:b5:
15:40:72:06:bf:35:99:65:dc:1b:d2:bf:56:91:60:
02:68:c2:a1:cf:42:f5:11:c8:dc:86:44:a9:b4:52:
a2:53:28:24:de:02:3e:45:be:cc:ba:19:60:7b:29:
ab:6b:93:2e:5f:a3:cb:ff:14:5b:64:e1:e2:cf:4c:
a7:ee:ff:50:ee:1b:a0:ea:66:55:83:2f:04:c9:f3:
8c:4a:60:d5:ad:26:73:ca:f1:3c:ed:4e:15:92:55:
de:6c:c6:b1:0a:5d:07:b1:35:25:c4:8b:19:5f:92:
b5:f1:c6:9f:f2:15:c3:26:ac:89:59:2d:f0:2a:6e:
a9:4d:80:85:67:e9:a7:1d:19:05:e2:9f:8d:e1:b2:
6d:8d:d4:d6:2a:c8:94:2d:73:4d:ad:6d:53:ea:14:
a4:5f:d8:74:ef:e0:b1:ab:18:30:8b:4e:a8:82:99:
6d:50:30:96:e9:a9:a8:c6:6a:54:d0:04:f0:f0:22:
42:4d:56:5c:76:d2:83:bc:58:6a:77:14:91:3d:65:
25:cb:a6:db:f0:1a:5a:7b:6d:55:67:29:ec:fc:df:
24:a0:4e:97:0f:c6:7b:c3:a9:93:bd:74:f9:e9:c6:
db:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:17:C6:83:90:5A:05:9E:05:BE:11:BF:D6:5A:4C:DA:04:BC:E6:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79346FDAF44011EF834CB64A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.178.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:4c:38:79:ff:62:a2:bb:23:6c:d3:0e:35:2e:5b:17:50:7d:
49:71:f7:95:eb:b6:94:8f:eb:45:96:b8:34:c7:32:ff:09:2b:
48:bd:1b:d0:26:f6:78:8c:10:06:6c:da:f1:0c:f0:28:e9:06:
87:cc:d0:d6:86:99:9f:4a:b9:2e:18:b0:d6:4b:4a:f2:43:19:
86:a8:8b:84:0a:8e:60:87:36:b6:5f:e0:1b:51:14:45:ab:aa:
86:d3:d7:97:a9:5f:de:cd:51:0d:70:29:cb:c3:e0:1e:53:fa:
6c:67:47:fc:79:c2:80:5e:e0:e4:f8:f8:fa:0f:65:0c:d4:66:
64:74:5d:0b:1b:cc:ee:1f:1a:0a:b5:a6:66:16:9b:f4:e0:f4:
e6:1c:aa:96:4e:83:d4:ab:b6:1d:e9:3e:53:da:35:f0:20:53:
87:4a:36:50:42:42:9c:e1:86:1c:01:0b:c0:42:c2:cd:37:71:
64:47:91:58:b4:72:2e:39:3f:d5:a4:2d:23:ed:39:a7:2e:da:
42:38:17:ba:9b:1a:f7:7b:21:eb:a8:bf:44:2b:14:7e:55:97:
4a:65:af:30:96:35:8a:3f:6d:30:68:56:26:63:ce:e5:16:f7:
40:97:3a:56:6c:1e:d5:ab:02:7d:96:36:f7:4f:a4:52:d0:05:
b6:8d:3d:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWNWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTI1MTU4WhcNMjYwMjE5MTI1MTU4WjAYMRYw
FAYDVQQDEw02N2JmMGU3Mi1iYjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvPMUk7cNvFLDZuqXX+kg4r/k2AAyObm4DwP1SLUVQHIGvzWZZdwb0r9W
kWACaMKhz0L1EcjchkSptFKiUygk3gI+Rb7Muhlgeymra5MuX6PL/xRbZOHiz0yn
7v9Q7hug6mZVgy8EyfOMSmDVrSZzyvE87U4VklXebMaxCl0HsTUlxIsZX5K18caf
8hXDJqyJWS3wKm6pTYCFZ+mnHRkF4p+N4bJtjdTWKsiULXNNrW1T6hSkX9h07+Cx
qxgwi06ogpltUDCW6amoxmpU0ATw8CJCTVZcdtKDvFhqdxSRPWUly6bb8Bpae21V
Zyns/N8koE6XD8Z7w6mTvXT56cbbywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNQX
xoOQWgWeBb4Rv9ZaTNoEvOa7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OTM0NkZEQUY0NDAxMUVGODM0Q0I2NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtCyMA0GCSqGSIb3DQEB
CwUAA4IBAQAtTDh5/2KiuyNs0w41LlsXUH1JcfeV67aUj+tFlrg0xzL/CStIvRvQ
JvZ4jBAGbNrxDPAo6QaHzNDWhpmfSrkuGLDWS0ryQxmGqIuECo5ghza2X+AbURRF
q6qG09eXqV/ezVENcCnLw+AeU/psZ0f8ecKAXuDk+Pj6D2UM1GZkdF0LG8zuHxoK
taZmFpv04PTmHKqWToPUq7Yd6T5T2jXwIFOHSjZQQkKc4YYcAQvAQsLNN3FkR5FY
tHIuOT/VpC0j7TmnLtpCOBe6mxr3eyHrqL9EKxR+VZdKZa8wljWKP20waFYmY87l
FvdAlzpWbB7VqwJ9ljb3T6RS0AW2jT1p
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:03 2025 by rpki-client