Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81C871ACF42A11EF85F3EDAC762E951A.roa
File: 81C871ACF42A11EF85F3EDAC762E951A.roa (raw, json)
Hash identifier: PtfRvy9PxbZ+AhRu/AgSmPBLV3MPJuJS3CKqSdK5Gv4=
Subject key identifier: 31:24:1E:DB:8A:C2:03:78:12:60:F6:A4:C2:7D:ED:6D:6E:4D:96:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016229
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81C871ACF42A11EF85F3EDAC762E951A.roa
Signing time: Wed 26 Feb 2025 10:14:48 +0000
ROA not before: Wed 26 Feb 2025 10:14:44 +0000
ROA not after: Thu 19 Feb 2026 10:14:44 +0000
asID: 984
IP address blocks: 154.208.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90665 (0x16229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:14:44 2025 GMT
Not After : Feb 19 10:14:44 2026 GMT
Subject: CN=67bee997-a9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:55:b9:7c:5d:27:6b:52:8f:b9:74:b9:9f:58:
7d:90:a8:09:3b:c8:74:cc:5c:f1:48:26:a3:67:01:
a4:ce:30:bc:39:aa:c5:72:e2:46:27:9d:f8:61:ea:
6b:43:34:45:5b:ff:55:41:14:68:43:28:a9:c0:05:
76:26:1b:6c:9d:0e:a0:ae:d5:57:f6:d7:98:03:1f:
58:47:8d:b0:67:6d:ed:d2:fb:b8:35:a2:61:6a:8d:
30:64:2e:62:9e:c3:fa:f0:77:9a:cb:d5:0a:bc:a6:
bb:e6:04:26:25:4e:8b:5c:94:73:a2:01:5a:19:57:
5c:91:9c:88:4d:2e:1b:bc:c1:15:e8:e5:5f:39:d1:
5e:56:60:c8:47:95:f8:f6:b8:ad:bf:57:e3:52:dd:
4a:35:95:70:49:19:a7:e9:00:67:fe:4c:be:81:67:
a3:0e:67:f8:9b:f9:ab:89:f9:86:2e:03:03:93:de:
7e:f4:1e:3a:e1:07:60:f4:81:f6:b9:af:6e:e8:dd:
b2:0d:8b:fc:8b:a6:a6:6f:c6:f9:de:14:f9:ec:70:
9b:05:38:71:6b:c4:05:f4:ea:51:9f:16:09:91:e7:
d8:3e:66:b0:9e:09:ce:76:4e:e3:c5:f1:70:59:8a:
53:67:c8:8e:48:66:cf:bd:5e:10:75:b2:57:85:f2:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:24:1E:DB:8A:C2:03:78:12:60:F6:A4:C2:7D:ED:6D:6E:4D:96:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81C871ACF42A11EF85F3EDAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.70.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0a:de:2b:16:03:dd:21:a7:80:46:37:ac:a1:0c:03:bd:53:
12:73:c3:a9:e9:15:09:26:fc:5a:ed:a9:b8:f6:db:7e:3c:09:
51:ca:52:db:07:c5:28:55:9c:3c:5c:68:94:eb:b0:d2:e0:4e:
ad:09:0c:b7:fa:d3:bf:a3:e6:f4:08:1b:3e:f9:c3:af:a6:3e:
3b:88:69:22:aa:69:d3:3b:74:ab:a1:d3:d3:5c:fd:a5:58:57:
d7:d8:a4:4f:7c:2a:28:12:db:33:1f:5a:eb:41:c8:b1:f3:30:
49:62:fe:8d:85:4a:a6:b1:34:d0:92:fe:93:0c:ba:a5:32:35:
0f:7b:f8:6b:95:e1:4d:8f:98:29:79:9b:a2:69:ef:a5:f2:2e:
83:48:f5:72:18:e7:d1:ae:7b:c0:10:8d:ff:f9:0f:b1:0b:d8:
c2:65:c2:8c:1d:8c:d5:bf:36:23:c0:e8:5c:2b:df:b3:5b:06:
39:ee:79:67:68:dc:29:07:59:31:ae:af:71:0f:9f:fd:d0:f5:
67:83:45:ca:ed:8a:66:8a:ae:0e:a3:06:21:94:25:39:3d:43:
f5:c2:eb:3d:41:ea:80:70:db:97:53:1d:9a:e7:4b:17:57:a2:
41:c7:8c:ab:f0:81:a0:ca:06:f8:ad:5e:3d:cf:6e:e9:b4:ac:
29:e6:e2:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWIpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTAxNDQ0WhcNMjYwMjE5MTAxNDQ0WjAYMRYw
FAYDVQQDEw02N2JlZTk5Ny1hOWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0lW5fF0na1KPuXS5n1h9kKgJO8h0zFzxSCajZwGkzjC8OarFcuJGJ534
YeprQzRFW/9VQRRoQyipwAV2JhtsnQ6grtVX9teYAx9YR42wZ23t0vu4NaJhao0w
ZC5insP68Heay9UKvKa75gQmJU6LXJRzogFaGVdckZyITS4bvMEV6OVfOdFeVmDI
R5X49ritv1fjUt1KNZVwSRmn6QBn/ky+gWejDmf4m/mrifmGLgMDk95+9B464Qdg
9IH2ua9u6N2yDYv8i6amb8b53hT57HCbBThxa8QF9OpRnxYJkefYPmawngnOdk7j
xfFwWYpTZ8iOSGbPvV4QdbJXhfLZjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDEk
HtuKwgN4EmD2pMJ97W1uTZYtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MUM4NzFBQ0Y0MkExMUVGODVGM0VEQUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBGMA0GCSqGSIb3DQEB
CwUAA4IBAQBsCt4rFgPdIaeARjesoQwDvVMSc8Op6RUJJvxa7am49tt+PAlRylLb
B8UoVZw8XGiU67DS4E6tCQy3+tO/o+b0CBs++cOvpj47iGkiqmnTO3SrodPTXP2l
WFfX2KRPfCooEtszH1rrQcix8zBJYv6NhUqmsTTQkv6TDLqlMjUPe/hrleFNj5gp
eZuiae+l8i6DSPVyGOfRrnvAEI3/+Q+xC9jCZcKMHYzVvzYjwOhcK9+zWwY57nln
aNwpB1kxrq9xD5/90PVng0XK7Ypmiq4OowYhlCU5PUP1wus9QeqAcNuXUx2a50sX
V6JBx4yr8IGgygb4rV49z27ptKwp5uKL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:47:30 2025 by rpki-client