Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89D6756AF42511EF8B9A6C8B762E951A.roa
File: 89D6756AF42511EF8B9A6C8B762E951A.roa (raw, json)
Hash identifier: 0l7M9hV3w3EwcNHMkZlQ8+yY4FsNVefa0erIPw6wSo0=
Subject key identifier: E9:AC:AD:8D:21:2E:80:30:2D:07:14:40:90:1F:C6:37:BB:84:8C:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89D6756AF42511EF8B9A6C8B762E951A.roa
Signing time: Wed 26 Feb 2025 09:39:14 +0000
ROA not before: Wed 26 Feb 2025 09:39:10 +0000
ROA not after: Thu 19 Feb 2026 09:39:10 +0000
asID: 984
IP address blocks: 154.206.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90603 (0x161eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:39:10 2025 GMT
Not After : Feb 19 09:39:10 2026 GMT
Subject: CN=67bee141-ca6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:7d:18:b7:70:13:cd:a1:e0:48:8e:1b:17:
2e:ac:96:2e:08:9c:2e:6c:78:12:33:22:ab:3d:14:
99:33:7b:be:cc:ad:21:9b:bc:c3:47:2f:39:eb:43:
56:b5:c2:7a:e7:16:e0:4a:c6:f0:29:25:43:e9:ab:
d9:10:2f:8e:18:29:cd:f5:d9:57:1e:79:5f:b8:8c:
9b:fe:1c:7e:16:a5:de:50:ad:d7:e7:e9:22:f3:56:
13:8e:99:8d:b3:00:1e:bf:ee:44:47:7b:6f:b1:95:
ff:55:ea:cd:82:8d:08:cf:8a:bf:34:80:64:56:95:
7c:2b:27:ac:54:70:56:09:50:86:e1:5c:9f:14:a3:
2c:12:e3:99:5a:45:fa:c6:39:4a:c4:f6:99:bc:b4:
5d:4b:a6:ab:e0:1a:7c:bd:4e:fb:85:f7:e3:db:2f:
ac:e7:34:b0:df:08:7a:f3:ea:c0:ed:2c:56:2e:5f:
fa:90:19:4c:84:99:d5:9b:fa:e1:93:a8:4a:68:5a:
27:0a:cf:67:6a:9d:7c:ff:09:cf:45:9f:97:07:3e:
dd:26:e1:f5:21:70:49:98:bf:3c:0e:38:1c:f6:8e:
ae:6e:84:ac:a5:a4:27:97:10:3e:0b:9b:7e:e0:37:
20:e8:87:bf:d7:fb:9f:db:9f:51:39:6f:ae:ee:14:
a7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AC:AD:8D:21:2E:80:30:2D:07:14:40:90:1F:C6:37:BB:84:8C:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89D6756AF42511EF8B9A6C8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.243.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c6:26:40:d9:2d:e3:e1:1c:96:ce:9a:49:45:0a:d1:27:94:
89:6f:1f:93:07:fd:b6:a0:9b:ea:0b:61:b7:81:24:23:49:34:
65:98:97:1b:a2:b7:df:58:77:67:0e:8e:df:a9:d2:db:7d:30:
bd:04:a7:f9:07:14:bc:25:6a:19:12:00:5b:ee:22:6d:8f:70:
7e:36:56:3d:88:cd:d2:89:42:0d:5c:f0:27:47:e7:5f:8e:5b:
2e:e3:d1:68:f5:22:ca:85:22:50:1b:ba:18:86:92:85:9d:92:
61:09:85:66:63:2e:aa:47:a6:73:20:ad:da:35:8d:f1:20:d4:
37:1d:e5:61:43:8c:59:35:42:6b:4a:ee:f7:1f:e9:f5:80:39:
4c:25:00:bf:69:91:6d:67:c9:91:7f:3b:18:e0:7d:22:3b:90:
52:51:3e:2d:c2:45:c2:a1:34:15:b4:11:ac:ba:ed:13:67:ef:
d4:0f:09:47:0f:fc:1d:2d:c4:5d:b4:aa:65:03:d7:ae:c0:6d:
22:0a:11:63:76:2e:b9:6e:76:36:5a:7a:6f:fd:fa:a5:56:4a:
f6:f2:38:f0:a9:40:0e:a6:64:da:de:c6:5b:07:b9:50:53:62:
a3:fa:4d:83:03:7a:92:74:0b:00:19:5f:fc:fb:aa:40:8a:42:
35:be:dc:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWHrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkzOTEwWhcNMjYwMjE5MDkzOTEwWjAYMRYw
FAYDVQQDEw02N2JlZTE0MS1jYTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuV19GLdwE82h4EiOGxcurJYuCJwubHgSMyKrPRSZM3u+zK0hm7zDRy85
60NWtcJ65xbgSsbwKSVD6avZEC+OGCnN9dlXHnlfuIyb/hx+FqXeUK3X5+ki81YT
jpmNswAev+5ER3tvsZX/VerNgo0Iz4q/NIBkVpV8KyesVHBWCVCG4VyfFKMsEuOZ
WkX6xjlKxPaZvLRdS6ar4Bp8vU77hffj2y+s5zSw3wh68+rA7SxWLl/6kBlMhJnV
m/rhk6hKaFonCs9nap18/wnPRZ+XBz7dJuH1IXBJmL88Djgc9o6uboSspaQnlxA+
C5t+4Dcg6Ie/1/uf259ROW+u7hSnFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOms
rY0hLoAwLQcUQJAfxje7hIw4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUQ2NzU2QUY0MjUxMUVGOEI5QTZDOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7zMA0GCSqGSIb3DQEB
CwUAA4IBAQCGxiZA2S3j4RyWzppJRQrRJ5SJbx+TB/22oJvqC2G3gSQjSTRlmJcb
orffWHdnDo7fqdLbfTC9BKf5BxS8JWoZEgBb7iJtj3B+NlY9iM3SiUINXPAnR+df
jlsu49Fo9SLKhSJQG7oYhpKFnZJhCYVmYy6qR6ZzIK3aNY3xINQ3HeVhQ4xZNUJr
Su73H+n1gDlMJQC/aZFtZ8mRfzsY4H0iO5BSUT4twkXCoTQVtBGsuu0TZ+/UDwlH
D/wdLcRdtKplA9euwG0iChFjdi65bnY2Wnpv/fqlVkr28jjwqUAOpmTa3sZbB7lQ
U2Kj+k2DA3qSdAsAGV/8+6pAikI1vtzS
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:17 2025 by rpki-client