Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85D17E16C93111EF9E85DC73762E951A.roa
File: 85D17E16C93111EF9E85DC73762E951A.roa (raw, json)
Hash identifier: zFrcmLfQ+Lz6mZIWuYSt6cgRPxpK6X3hVaPbePySRKU=
Subject key identifier: 51:0B:A6:B4:7B:15:50:18:C8:E4:D6:66:D4:69:A2:01:1E:AD:93:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0133AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85D17E16C93111EF9E85DC73762E951A.roa
Signing time: Thu 02 Jan 2025 17:46:41 +0000
ROA not before: Thu 02 Jan 2025 17:46:37 +0000
ROA not after: Mon 13 Dec 2027 17:46:37 +0000
asID: 17561
IP address blocks: 154.222.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78767 (0x133af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:46:37 2025 GMT
Not After : Dec 13 17:46:37 2027 GMT
Subject: CN=6776d101-a7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:2e:a0:d8:8b:0c:f6:8a:47:25:6d:7b:cf:27:
a9:a6:6c:41:98:5d:3b:29:06:4d:dd:df:66:e3:f8:
0d:ef:80:13:bb:b5:57:e3:c7:30:92:50:e6:5d:a0:
ab:67:84:15:ef:4c:6e:6a:48:2a:54:61:c0:84:34:
90:45:3a:c6:2f:89:a9:25:dc:e4:68:d3:03:a2:23:
0c:27:37:e6:54:2b:79:97:ec:d6:b8:79:83:ee:e9:
80:4b:9a:4d:82:c7:2d:52:45:c8:0c:13:e6:d4:ef:
d7:dd:06:00:6d:66:ed:1a:a5:ea:4e:fe:02:95:ca:
8d:40:3e:88:dc:1a:41:65:5c:ca:70:41:6d:d3:02:
30:d3:fb:4d:ec:51:2e:61:9d:a7:4a:fb:f0:2e:aa:
7e:db:d9:80:2c:30:ee:9a:eb:ff:64:30:fd:2c:ad:
92:22:7d:31:e2:32:66:b7:fa:09:be:5a:0c:ec:d3:
cc:c3:d8:be:f4:5a:da:5c:ed:ec:3d:48:0e:13:5c:
f1:d1:07:22:9d:a7:57:17:74:b5:86:e8:09:a9:95:
5b:c0:7a:bb:83:fe:fa:60:78:8d:bb:88:4e:17:59:
bf:dd:80:37:64:9e:be:e4:a1:1d:f4:8e:51:90:4d:
aa:a3:b8:e8:91:ff:b0:ee:ce:94:44:e2:dd:e2:39:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0B:A6:B4:7B:15:50:18:C8:E4:D6:66:D4:69:A2:01:1E:AD:93:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85D17E16C93111EF9E85DC73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.165.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:e8:3f:70:8f:ae:ee:29:a1:7e:20:3d:a2:fc:21:eb:7b:18:
00:e0:de:a4:8a:1d:df:88:6c:97:a0:86:4c:ce:3f:97:1f:dc:
09:48:7c:2f:10:a0:c4:cd:e7:a9:9f:7f:52:8f:09:4a:7c:9a:
fe:39:05:7c:f0:64:8e:ab:47:e8:db:6f:11:47:d5:a3:34:b9:
b9:c0:8e:bc:28:e7:57:c1:a3:32:17:84:b8:6b:d3:8a:44:3e:
05:15:31:9d:1c:ed:11:38:85:fa:64:f2:3e:95:8d:ad:01:e3:
e1:ad:67:7b:f3:c5:fc:86:96:45:8c:75:68:24:a3:21:bb:d2:
ea:18:97:dd:f1:bd:8f:06:ed:b2:85:e1:b8:85:64:c8:34:fb:
85:96:94:3a:3c:ce:23:2c:a1:4f:42:fe:52:d7:0c:94:3f:e2:
f6:c5:bb:16:1d:c3:98:e0:4b:c0:e7:b8:a3:b6:ce:ff:e9:77:
45:1e:7a:7b:f6:43:64:4c:ce:37:80:39:aa:01:c0:76:70:a9:
85:d7:51:31:ea:d4:4e:be:e4:e0:8c:52:2c:6a:a0:69:3d:af:
06:1b:2f:94:12:e6:d4:6b:50:9c:81:56:0d:26:0b:27:c8:79:
32:f9:d7:c8:d6:af:80:b8:58:a2:30:be:ba:c2:13:29:26:43:
52:c6:4d:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATOvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTc0NjM3WhcNMjcxMjEzMTc0NjM3WjAYMRYw
FAYDVQQDEw02Nzc2ZDEwMS1hN2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7C6g2IsM9opHJW17zyeppmxBmF07KQZN3d9m4/gN74ATu7VX48cwklDm
XaCrZ4QV70xuakgqVGHAhDSQRTrGL4mpJdzkaNMDoiMMJzfmVCt5l+zWuHmD7umA
S5pNgsctUkXIDBPm1O/X3QYAbWbtGqXqTv4ClcqNQD6I3BpBZVzKcEFt0wIw0/tN
7FEuYZ2nSvvwLqp+29mALDDumuv/ZDD9LK2SIn0x4jJmt/oJvloM7NPMw9i+9Fra
XO3sPUgOE1zx0QcinadXF3S1hugJqZVbwHq7g/76YHiNu4hOF1m/3YA3ZJ6+5KEd
9I5RkE2qo7jokf+w7s6UROLd4jnQ3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFEL
prR7FVAYyOTWZtRpogEerZM8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUQxN0UxNkM5MzExMUVGOUU4NURDNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6lMA0GCSqGSIb3DQEB
CwUAA4IBAQDX6D9wj67uKaF+ID2i/CHrexgA4N6kih3fiGyXoIZMzj+XH9wJSHwv
EKDEzeepn39SjwlKfJr+OQV88GSOq0fo228RR9WjNLm5wI68KOdXwaMyF4S4a9OK
RD4FFTGdHO0ROIX6ZPI+lY2tAePhrWd788X8hpZFjHVoJKMhu9LqGJfd8b2PBu2y
heG4hWTINPuFlpQ6PM4jLKFPQv5S1wyUP+L2xbsWHcOY4EvA57ijts7/6XdFHnp7
9kNkTM43gDmqAcB2cKmF11Ex6tROvuTgjFIsaqBpPa8GGy+UEubUa1CcgVYNJgsn
yHky+dfI1q+AuFiiML66whMpJkNSxk1d
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:18 2025 by rpki-client