Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FA27A16D2DD11EFB2C0725B762E951A.roa
File: 8FA27A16D2DD11EFB2C0725B762E951A.roa (raw, json)
Hash identifier: 1TZMDTRO4BAZ+3M9820+3G7EsyYRo0oApq+6SR45NuY=
Subject key identifier: 5C:04:29:BA:E0:8A:F7:B9:0D:3E:B7:0A:0F:B9:09:82:3E:78:A1:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B72
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FA27A16D2DD11EFB2C0725B762E951A.roa
Signing time: Wed 15 Jan 2025 01:10:51 +0000
ROA not before: Wed 15 Jan 2025 01:10:47 +0000
ROA not after: Fri 12 Dec 2025 01:10:47 +0000
asID: 984
IP address blocks: 154.81.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80754 (0x13b72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:10:47 2025 GMT
Not After : Dec 12 01:10:47 2025 GMT
Subject: CN=67870b1b-ce86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:43:d3:5f:1c:62:61:f8:e0:50:74:38:73:c3:
d9:66:b5:73:2e:40:c7:3f:1d:64:06:33:48:11:eb:
21:42:c5:8e:67:7d:e7:8b:c7:2c:64:63:10:ef:aa:
9e:cc:16:4d:06:4f:60:0c:69:52:16:8c:43:9b:64:
a6:1d:1d:eb:f4:1f:20:83:29:58:19:bc:5f:41:ec:
d0:74:0c:cf:c9:b0:51:d1:a6:5d:ea:a7:01:80:70:
38:9d:50:b8:cb:06:2d:ac:18:d8:db:53:ff:7b:6d:
6e:fc:dc:a2:70:28:21:9f:d0:16:32:f5:57:c2:69:
b4:ba:43:59:b7:1b:15:61:45:5b:93:80:a6:ca:81:
a5:2c:2c:c4:03:c0:87:50:d0:d5:c2:83:40:37:9a:
e5:be:84:db:97:12:64:24:fa:71:84:82:52:3f:76:
f7:54:f6:e1:4f:b8:8f:07:d3:59:d9:a5:5a:57:3a:
77:84:70:07:d0:78:68:33:87:e3:a2:04:a1:07:b4:
91:c6:53:ae:87:f8:c6:d5:f3:63:e6:9e:52:3e:3c:
58:99:3d:da:41:37:ae:cb:29:bf:c9:58:4d:51:0a:
7b:c6:1b:20:e0:2d:fc:9c:d3:d8:cf:a2:ee:a8:24:
70:7a:ee:65:d2:31:86:45:0a:80:30:0c:cb:4c:16:
bc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:04:29:BA:E0:8A:F7:B9:0D:3E:B7:0A:0F:B9:09:82:3E:78:A1:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FA27A16D2DD11EFB2C0725B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.190.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:bf:a5:0f:e9:3b:a7:6e:ba:3f:da:fa:21:cb:eb:d7:77:46:
da:09:10:b2:6f:1d:cc:ce:9b:91:ed:92:5f:52:2f:c9:89:7e:
b0:e7:fe:91:78:d7:c3:33:67:9d:1d:04:5a:8d:3d:f4:b3:84:
33:d6:e4:9c:0a:6d:ca:89:a6:4a:5c:38:8a:9a:0a:61:4c:2d:
01:a9:4f:70:ce:51:d7:2f:15:21:c5:dc:87:76:ec:6a:55:e7:
49:da:44:41:f2:7d:40:0a:89:dd:bd:3e:52:b4:25:5e:0a:4b:
e3:f8:b5:88:97:8d:8c:71:92:f8:12:59:0d:f6:95:1f:bb:a3:
49:53:5b:b4:ae:8b:53:6e:46:6c:57:b6:d1:39:69:df:43:ab:
19:f0:ae:12:7c:1a:48:a1:0e:20:7f:bb:c0:b1:cc:9d:93:5c:
af:a3:7b:02:57:c9:17:8f:18:bb:53:90:ab:c5:bc:35:3d:fb:
ec:06:fa:aa:cb:d4:60:19:dd:3b:55:e6:01:ab:4b:fe:99:19:
ad:2c:d6:47:39:3a:c7:b9:a5:35:87:f2:80:c2:3c:7c:3d:a2:
a4:91:fa:16:0c:e3:a3:ab:f8:13:17:ce:98:4c:24:da:56:bd:
58:2b:48:9b:63:64:d7:fb:80:15:f8:f6:11:5a:98:22:2f:ed:
a1:ee:38:34
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATtyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDExMDQ3WhcNMjUxMjEyMDExMDQ3WjAYMRYw
FAYDVQQDEw02Nzg3MGIxYi1jZTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsEPTXxxiYfjgUHQ4c8PZZrVzLkDHPx1kBjNIEeshQsWOZ33ni8csZGMQ
76qezBZNBk9gDGlSFoxDm2SmHR3r9B8ggylYGbxfQezQdAzPybBR0aZd6qcBgHA4
nVC4ywYtrBjY21P/e21u/NyicCghn9AWMvVXwmm0ukNZtxsVYUVbk4CmyoGlLCzE
A8CHUNDVwoNAN5rlvoTblxJkJPpxhIJSP3b3VPbhT7iPB9NZ2aVaVzp3hHAH0Hho
M4fjogShB7SRxlOuh/jG1fNj5p5SPjxYmT3aQTeuyym/yVhNUQp7xhsg4C38nNPY
z6LuqCRweu5l0jGGRQqAMAzLTBa8KwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFwE
Kbrgive5DT63Cg+5CYI+eKG4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RkEyN0ExNkQyREQxMUVGQjJDMDcyNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlG+MA0GCSqGSIb3DQEB
CwUAA4IBAQA9v6UP6Tunbro/2vohy+vXd0baCRCybx3MzpuR7ZJfUi/JiX6w5/6R
eNfDM2edHQRajT30s4Qz1uScCm3KiaZKXDiKmgphTC0BqU9wzlHXLxUhxdyHduxq
VedJ2kRB8n1ACondvT5StCVeCkvj+LWIl42McZL4ElkN9pUfu6NJU1u0rotTbkZs
V7bROWnfQ6sZ8K4SfBpIoQ4gf7vAscydk1yvo3sCV8kXjxi7U5Crxbw1PfvsBvqq
y9RgGd07VeYBq0v+mRmtLNZHOTrHuaU1h/KAwjx8PaKkkfoWDOOjq/gTF86YTCTa
Vr1YK0ibY2TX+4AV+PYRWpgiL+2h7jg0
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:24 2025 by rpki-client