Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B92EFB2F68E11EFB6A278A7762E951A.roa
File: 8B92EFB2F68E11EFB6A278A7762E951A.roa (raw, json)
Hash identifier: ahxAgQg6z6/10Pqwq4qpAWAwBukHVetE6hYqAmtVcr0=
Subject key identifier: F6:75:5C:FF:80:E7:A8:41:F3:B6:9A:9C:CF:7B:28:24:3D:CC:6E:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B92EFB2F68E11EFB6A278A7762E951A.roa
Signing time: Sat 01 Mar 2025 11:15:56 +0000
ROA not before: Sat 01 Mar 2025 11:15:52 +0000
ROA not after: Sat 05 Apr 2025 11:15:52 +0000
asID: 203020
IP address blocks: 154.203.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 11:15:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93689 (0x16df9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 11:15:52 2025 GMT
Not After : Apr 5 11:15:52 2025 GMT
Subject: CN=67c2ec6c-aa03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:09:57:b9:23:03:81:9d:b4:7b:7a:89:5e:15:
3e:fc:5f:17:4b:87:18:bc:b4:51:d8:b8:2b:b6:77:
99:e1:fc:18:2b:d4:9a:96:0c:8d:27:40:e6:25:57:
20:24:ac:4f:10:41:2f:93:f4:ab:3e:c3:f2:ac:2d:
f5:23:0f:df:4f:19:4a:ae:6b:f3:c9:15:c0:89:8f:
fd:60:2f:0b:83:9a:a3:09:9d:14:db:2f:d0:31:4a:
e4:1b:ac:fc:1f:96:74:00:7a:b2:39:d4:c7:4d:eb:
b2:01:19:d6:d3:8c:d0:d5:75:1e:0e:a8:81:01:40:
33:91:07:70:c0:53:e5:54:62:ff:55:9c:36:59:20:
fd:37:fc:b4:20:21:ad:4e:c3:ce:e0:7e:c9:4f:cb:
dc:90:b7:ba:ba:0a:24:44:48:5b:8f:a2:3b:b7:0a:
de:f5:f6:26:0c:fe:d6:17:17:03:db:19:96:06:ed:
d9:c9:cd:61:2f:a2:5e:61:48:d7:bb:b8:18:ed:5c:
73:14:1d:86:de:50:81:ca:50:d0:44:3d:bd:2b:8d:
39:aa:d6:1e:14:29:d1:90:22:be:ed:68:a2:01:92:
16:40:d8:de:26:4c:66:2b:0d:54:c0:3b:25:42:69:
c3:5c:9c:e7:0c:16:e5:9b:ca:64:71:46:6c:87:d2:
43:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:75:5C:FF:80:E7:A8:41:F3:B6:9A:9C:CF:7B:28:24:3D:CC:6E:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B92EFB2F68E11EFB6A278A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.63.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0e:9b:4f:ce:57:55:34:94:2e:0a:00:60:81:6c:1d:ba:c2:
f0:19:83:c7:b4:b5:ba:e4:7f:fe:2f:7b:5b:84:32:c7:22:9b:
c4:a0:7d:78:f3:98:cf:86:c6:e3:34:7c:6f:5d:75:8b:17:7a:
27:62:b7:6b:98:5c:9a:63:f7:d6:58:6b:64:b5:f4:5f:34:ea:
36:5d:03:fb:22:68:6f:4c:f8:87:02:3f:b8:4c:1b:84:a2:72:
e2:c2:d2:98:c7:eb:00:1d:5e:c3:90:ea:cb:f0:f5:67:5e:81:
f5:40:af:30:f8:5d:fc:8e:d8:61:3c:61:31:2f:eb:21:ba:ac:
31:c3:b7:4c:99:ba:bd:a6:0a:8d:a1:7e:5b:b9:61:9b:7e:2d:
6d:01:8d:b7:56:0f:fb:67:05:8a:b1:6a:54:60:1d:98:11:61:
eb:bc:c7:a7:4f:04:8b:3a:01:64:36:b1:0d:6e:3f:2c:88:7f:
3d:16:86:1f:b1:93:14:1c:34:60:d6:b7:e6:ef:f1:10:05:fb:
b7:71:3e:c2:1e:6f:84:94:0a:6d:8c:ce:a7:2d:ee:73:ea:97:
5b:ab:de:29:ba:c4:6a:e8:23:19:0b:37:b6:6d:ab:9e:90:60:
87:38:0f:72:58:c8:e4:07:73:ec:a7:c6:74:ea:6b:81:53:c8:
46:f7:5d:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW35MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTExNTUyWhcNMjUwNDA1MTExNTUyWjAYMRYw
FAYDVQQDEw02N2MyZWM2Yy1hYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwglXuSMDgZ20e3qJXhU+/F8XS4cYvLRR2LgrtneZ4fwYK9SalgyNJ0Dm
JVcgJKxPEEEvk/SrPsPyrC31Iw/fTxlKrmvzyRXAiY/9YC8Lg5qjCZ0U2y/QMUrk
G6z8H5Z0AHqyOdTHTeuyARnW04zQ1XUeDqiBAUAzkQdwwFPlVGL/VZw2WSD9N/y0
ICGtTsPO4H7JT8vckLe6ugokREhbj6I7twre9fYmDP7WFxcD2xmWBu3Zyc1hL6Je
YUjXu7gY7VxzFB2G3lCBylDQRD29K405qtYeFCnRkCK+7WiiAZIWQNjeJkxmKw1U
wDslQmnDXJznDBblm8pkcUZsh9JDIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPZ1
XP+A56hB87aanM97KCQ9zG6jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjkyRUZCMkY2OEUxMUVGQjZBMjc4QTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmss/MA0GCSqGSIb3DQEB
CwUAA4IBAQBSDptPzldVNJQuCgBggWwdusLwGYPHtLW65H/+L3tbhDLHIpvEoH14
85jPhsbjNHxvXXWLF3onYrdrmFyaY/fWWGtktfRfNOo2XQP7ImhvTPiHAj+4TBuE
onLiwtKYx+sAHV7DkOrL8PVnXoH1QK8w+F38jthhPGExL+shuqwxw7dMmbq9pgqN
oX5buWGbfi1tAY23Vg/7ZwWKsWpUYB2YEWHrvMenTwSLOgFkNrENbj8siH89FoYf
sZMUHDRg1rfm7/EQBfu3cT7CHm+ElAptjM6nLe5z6pdbq94pusRq6CMZCze2baue
kGCHOA9yWMjkB3Psp8Z06muBU8hG911z
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:53 2025 by rpki-client