Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/938D8ADCF42811EFA9652B9F762E951A.roa
File: 938D8ADCF42811EFA9652B9F762E951A.roa (raw, json)
Hash identifier: T+ipzDzjLeLPDsgYRCUnNrck7LJhdrnu0gP5mgFELPI=
Subject key identifier: D4:3C:70:ED:8A:AD:D6:F8:2E:9B:7A:88:6D:99:30:08:7E:87:19:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016216
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/938D8ADCF42811EFA9652B9F762E951A.roa
Signing time: Wed 26 Feb 2025 10:00:58 +0000
ROA not before: Wed 26 Feb 2025 10:00:55 +0000
ROA not after: Thu 19 Feb 2026 10:00:55 +0000
asID: 984
IP address blocks: 154.208.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90646 (0x16216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:00:55 2025 GMT
Not After : Feb 19 10:00:55 2026 GMT
Subject: CN=67bee65a-47f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:4c:11:cf:fd:a0:f3:d0:ab:af:89:9a:95:
35:ab:a6:0c:96:95:6d:29:94:ca:70:bc:81:32:e2:
cc:0c:c2:85:ed:69:1a:b1:53:36:d3:38:51:2a:44:
1c:26:a4:c5:35:57:01:03:51:f4:04:76:5b:01:c2:
3c:fc:92:69:96:bf:a0:b7:c2:e8:64:e7:0c:66:35:
87:9d:b2:45:8c:2d:46:c0:ad:b8:b7:10:6c:2b:90:
18:89:e7:69:30:ca:8f:7b:47:fb:7e:72:95:2b:f6:
53:3b:b9:08:81:fc:58:bb:2f:ca:2b:46:74:e4:95:
62:37:7b:25:88:54:63:17:54:91:73:c3:48:c3:6d:
af:f6:bf:e7:4a:de:21:a2:61:73:5f:70:7f:24:17:
6d:29:3c:6d:34:8a:13:a9:62:97:41:47:a4:3d:8a:
55:81:87:c8:18:67:68:8b:e5:a2:bf:3d:a8:a7:4d:
02:07:b6:65:81:4a:15:4a:58:8a:12:8e:d1:86:e5:
c3:03:5b:2c:a4:21:bd:f2:04:c9:aa:52:c1:e8:d3:
33:fd:a0:e1:98:47:78:9a:95:58:ac:ab:01:c2:aa:
84:8a:c5:e7:14:42:b8:1c:13:4f:b2:fd:55:11:b1:
13:b0:b6:96:79:2c:8c:d8:0b:56:60:94:0f:17:92:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3C:70:ED:8A:AD:D6:F8:2E:9B:7A:88:6D:99:30:08:7E:87:19:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/938D8ADCF42811EFA9652B9F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.64.0/24
Signature Algorithm: sha256WithRSAEncryption
39:cc:db:66:e9:32:54:a4:4b:28:92:a3:17:f3:ee:2d:81:8c:
41:c9:15:d7:3b:99:84:27:26:0b:a0:24:a4:90:44:04:20:45:
98:ef:33:77:b6:30:65:37:4b:87:71:3f:1f:92:81:1b:31:5a:
2f:f4:34:a3:7b:92:24:61:f4:93:52:fb:2a:2a:1f:64:03:e8:
2b:d1:dc:d6:f5:63:ab:ad:6c:2c:43:99:ee:d6:2e:18:3c:16:
b9:9e:fc:01:63:b7:ec:3f:be:e7:7f:a6:32:7c:b3:31:46:59:
92:f7:eb:75:b1:b9:e2:ae:74:a4:85:ac:8d:6b:9a:d7:94:3c:
70:e8:ba:98:e6:63:0f:b3:b0:0f:4a:21:88:ac:98:f7:06:af:
6b:d0:81:de:12:cf:c1:3d:0c:b2:e2:3b:cc:e0:1b:97:3a:a4:
51:68:33:84:38:49:96:b5:e4:fd:68:89:44:2b:a5:a5:d1:14:
97:5f:3e:fd:1d:be:5e:7b:2b:be:40:5d:39:1d:f4:21:76:6c:
88:0e:e7:c3:21:cd:8e:23:4f:00:22:b3:77:f4:2a:54:7a:ef:
e9:9f:10:0d:5e:bf:5d:26:b8:45:f1:c8:f1:86:52:9a:82:37:
15:09:4e:28:8e:a3:42:30:24:00:0a:b4:ae:43:9f:ad:9e:36:
fd:81:c2:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWIWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTAwMDU1WhcNMjYwMjE5MTAwMDU1WjAYMRYw
FAYDVQQDEw02N2JlZTY1YS00N2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuZRMEc/9oPPQq6+JmpU1q6YMlpVtKZTKcLyBMuLMDMKF7WkasVM20zhR
KkQcJqTFNVcBA1H0BHZbAcI8/JJplr+gt8LoZOcMZjWHnbJFjC1GwK24txBsK5AY
iedpMMqPe0f7fnKVK/ZTO7kIgfxYuy/KK0Z05JViN3sliFRjF1SRc8NIw22v9r/n
St4homFzX3B/JBdtKTxtNIoTqWKXQUekPYpVgYfIGGdoi+Wivz2op00CB7ZlgUoV
SliKEo7RhuXDA1sspCG98gTJqlLB6NMz/aDhmEd4mpVYrKsBwqqEisXnFEK4HBNP
sv1VEbETsLaWeSyM2AtWYJQPF5KDcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNQ8
cO2Krdb4Lpt6iG2ZMAh+hxnYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MzhEOEFEQ0Y0MjgxMUVGQTk2NTJCOUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5zNtm6TJUpEsokqMX8+4tgYxByRXXO5mEJyYLoCSkkEQEIEWY7zN3
tjBlN0uHcT8fkoEbMVov9DSje5IkYfSTUvsqKh9kA+gr0dzW9WOrrWwsQ5nu1i4Y
PBa5nvwBY7fsP77nf6YyfLMxRlmS9+t1sbnirnSkhayNa5rXlDxw6LqY5mMPs7AP
SiGIrJj3Bq9r0IHeEs/BPQyy4jvM4BuXOqRRaDOEOEmWteT9aIlEK6Wl0RSXXz79
Hb5eeyu+QF05HfQhdmyIDufDIc2OI08AIrN39CpUeu/pnxANXr9dJrhF8cjxhlKa
gjcVCU4ojqNCMCQACrSuQ5+tnjb9gcLJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:09 2025 by rpki-client