Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FB5C648C8B111EFA7A0594D762E951A.roa
File: 7FB5C648C8B111EFA7A0594D762E951A.roa (raw, json)
Hash identifier: TD8vF1G9wJ0syvtkF7YabppyuiplHJzz/3l+st0afgM=
Subject key identifier: 8D:BE:EF:D6:1C:91:72:AF:47:6E:EE:6D:6F:E0:74:75:1D:A9:2F:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FB5C648C8B111EFA7A0594D762E951A.roa
Signing time: Thu 02 Jan 2025 02:30:15 +0000
ROA not before: Thu 02 Jan 2025 02:30:11 +0000
ROA not after: Mon 13 Dec 2027 02:30:11 +0000
asID: 17561
IP address blocks: 154.220.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78252 (0x131ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:30:11 2025 GMT
Not After : Dec 13 02:30:11 2027 GMT
Subject: CN=6775fa37-d24d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:1c:7f:33:ec:c9:2c:83:2e:86:17:ff:1b:
b7:be:76:69:f7:39:4c:f6:dc:94:0e:42:d5:7a:9b:
b6:33:25:9f:90:7f:42:13:d7:6c:6c:6b:06:b5:0e:
d5:a6:64:e4:9e:c8:47:b2:f8:06:87:70:e0:21:98:
28:68:41:8f:9c:8a:6b:c5:01:c4:08:77:31:e6:70:
c9:a3:de:1c:e5:3f:64:ec:8d:1b:42:1a:56:6c:f1:
a3:9c:16:be:17:13:27:5a:5d:15:1c:75:da:1b:e2:
88:6f:88:9d:a1:5d:26:96:44:97:7a:d5:58:8c:cb:
d5:ca:56:27:36:d0:7f:e7:0b:bb:57:36:bb:f5:58:
98:09:59:89:e6:2f:08:2d:e3:e2:c6:d3:92:7b:68:
c6:9e:f9:10:fd:8f:cd:96:86:7a:8a:aa:55:22:b3:
ec:9b:c6:38:72:de:68:6b:7b:2d:92:95:c2:1f:a8:
11:a3:a7:7e:42:66:52:8b:c2:21:55:e4:c0:71:91:
1a:63:a5:01:15:ff:90:f1:79:0a:e4:d0:30:c5:01:
dc:19:2e:93:66:86:97:a5:07:25:7c:9b:b0:fb:1a:
46:b0:06:2e:a0:b7:a4:e1:96:a9:98:d4:9e:11:17:
c3:cd:52:b0:7e:02:6d:12:76:d2:51:27:7e:3b:27:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BE:EF:D6:1C:91:72:AF:47:6E:EE:6D:6F:E0:74:75:1D:A9:2F:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7FB5C648C8B111EFA7A0594D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.178.0/24
Signature Algorithm: sha256WithRSAEncryption
85:63:a9:64:7e:5e:71:d7:46:30:d3:bd:00:fa:aa:60:e7:5a:
e2:b6:91:a1:e0:11:ca:75:37:4c:2d:7d:a1:34:e6:7e:3c:c6:
bb:18:31:b6:2f:fa:ae:86:af:0d:70:65:6d:8b:47:0e:92:ca:
69:5a:dd:1a:a6:35:d8:1e:e5:cb:24:84:e4:a6:c6:bc:da:f6:
d9:13:da:53:cf:2e:fe:89:90:5a:74:0e:05:6d:11:31:49:31:
1e:52:bf:d6:1e:ab:66:71:fb:49:71:74:12:1a:4a:d8:1b:e7:
a7:36:75:c1:73:fd:43:e8:6c:31:8c:fd:20:e2:8f:1c:20:1f:
72:ea:97:14:e2:d4:a1:71:d8:80:98:98:4c:47:de:7f:3d:80:
3b:4d:80:8b:47:90:7e:c6:fc:27:2d:cf:a2:7f:e8:be:c2:32:
51:14:92:60:10:3f:a0:28:97:14:90:f0:a8:f7:e5:e3:41:47:
7a:4c:57:fa:12:3b:d6:cd:f9:22:6e:08:36:80:81:0e:f3:42:
16:77:26:f9:e0:bd:b4:aa:ab:70:1f:7a:8d:dc:e7:1c:c0:4e:
c5:d1:c9:d8:f5:10:c6:95:b9:b7:c7:45:c0:82:79:3f:9e:18:
1d:35:a0:cd:f5:34:1a:6d:e7:1f:6a:ed:fb:aa:6c:5e:ec:11:
fe:bd:fa:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIzMDExWhcNMjcxMjEzMDIzMDExWjAYMRYw
FAYDVQQDEw02Nzc1ZmEzNy1kMjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAraIcfzPsySyDLoYX/xu3vnZp9zlM9tyUDkLVepu2MyWfkH9CE9dsbGsG
tQ7VpmTknshHsvgGh3DgIZgoaEGPnIprxQHECHcx5nDJo94c5T9k7I0bQhpWbPGj
nBa+FxMnWl0VHHXaG+KIb4idoV0mlkSXetVYjMvVylYnNtB/5wu7Vza79ViYCVmJ
5i8ILePixtOSe2jGnvkQ/Y/NloZ6iqpVIrPsm8Y4ct5oa3stkpXCH6gRo6d+QmZS
i8IhVeTAcZEaY6UBFf+Q8XkK5NAwxQHcGS6TZoaXpQclfJuw+xpGsAYuoLek4Zap
mNSeERfDzVKwfgJtEnbSUSd+OyeJaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI2+
79YckXKvR27ubW/gdHUdqS8oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RkI1QzY0OEM4QjExMUVGQTdBMDU5NEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyyMA0GCSqGSIb3DQEB
CwUAA4IBAQCFY6lkfl5x10Yw070A+qpg51ritpGh4BHKdTdMLX2hNOZ+PMa7GDG2
L/quhq8NcGVti0cOksppWt0apjXYHuXLJITkpsa82vbZE9pTzy7+iZBadA4FbREx
STEeUr/WHqtmcftJcXQSGkrYG+enNnXBc/1D6GwxjP0g4o8cIB9y6pcU4tShcdiA
mJhMR95/PYA7TYCLR5B+xvwnLc+if+i+wjJRFJJgED+gKJcUkPCo9+XjQUd6TFf6
EjvWzfkibgg2gIEO80IWdyb54L20qqtwH3qN3OccwE7F0cnY9RDGlbm3x0XAgnk/
nhgdNaDN9TQabecfau37qmxe7BH+vfpx
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:05 2025 by rpki-client