Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A58C6948DA1E11EF97A37686762E951A.roa
File: A58C6948DA1E11EF97A37686762E951A.roa (raw, json)
Hash identifier: QXxGd3aQDIyYuSWDd6gjIeP0rpfQGwKegtlUMFcnPYs=
Subject key identifier: 4A:D5:A0:67:05:DA:5B:39:65:FE:15:85:FF:5F:E9:13:C6:72:74:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A58C6948DA1E11EF97A37686762E951A.roa
Signing time: Fri 24 Jan 2025 06:44:23 +0000
ROA not before: Fri 24 Jan 2025 06:44:20 +0000
ROA not after: Tue 13 May 2025 06:44:20 +0000
asID: 138915
IP address blocks: 154.205.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82934 (0x143f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 06:44:20 2025 GMT
Not After : May 13 06:44:20 2025 GMT
Subject: CN=679336c7-3898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f6:52:25:21:a6:b8:a1:65:20:bb:66:79:06:
69:d1:2b:6b:3b:a8:df:40:85:b3:91:aa:12:b7:b1:
93:c6:ac:14:92:db:18:22:8c:de:7d:00:2f:d2:91:
f3:24:07:56:e0:bb:c2:76:8e:3a:fd:f0:1a:a9:b7:
98:5f:4a:11:0a:91:d4:f4:82:3a:4b:c6:73:f1:b4:
81:0f:a9:cb:e9:28:a4:fa:01:d3:c8:82:e6:a2:68:
00:28:77:aa:c5:31:ef:c9:90:21:1d:fb:a8:ad:ce:
87:67:ed:33:05:3c:ad:34:a7:af:a4:7f:4c:d8:91:
9a:fe:bb:4c:55:e8:9e:4e:da:9b:f1:4a:6a:4b:3a:
54:35:79:1b:e1:1b:b6:f4:e5:ec:81:e2:64:c6:f3:
d4:ec:55:ce:94:0d:5b:7c:69:38:32:ff:9e:dc:74:
08:e0:c9:d3:e1:d3:90:1d:80:a3:d4:0b:d4:9b:99:
1f:45:7d:87:cf:0f:56:31:59:f4:78:33:7c:bd:54:
51:3b:d5:4c:41:95:75:68:d8:40:e6:43:9a:5c:41:
af:a6:6d:a2:80:ad:fb:22:e9:60:a6:f4:f9:82:bc:
77:e3:74:7c:0e:44:f2:36:76:d1:45:cb:4a:cf:bd:
d8:eb:b3:50:dd:96:6c:90:49:e2:6d:2d:63:fe:5c:
46:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D5:A0:67:05:DA:5B:39:65:FE:15:85:FF:5F:E9:13:C6:72:74:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A58C6948DA1E11EF97A37686762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.135.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:5d:72:e1:27:1e:6f:ef:f3:43:5a:1f:c9:00:c2:bb:b0:e7:
06:f4:fc:eb:a6:e3:83:7d:86:80:43:8a:5e:d3:3f:c7:bf:07:
ea:87:8d:15:a1:ef:4a:10:46:e3:7d:ba:69:65:70:5a:40:fe:
16:f8:0f:84:7f:fb:8b:a6:46:95:c2:d6:b8:c2:aa:11:e3:cc:
64:c9:ca:41:e7:6a:53:f0:7a:d1:e7:ac:81:41:0e:24:17:34:
b1:e6:6d:98:93:92:60:e6:34:b5:ba:83:ad:d0:e7:69:3c:52:
b1:1c:55:38:ff:d6:bd:d8:ff:ba:41:11:07:f8:6c:f4:ed:3a:
de:1d:4b:fb:b1:96:76:54:56:1d:d7:bb:aa:65:9a:7b:b4:db:
ee:f3:05:e9:7a:92:37:15:5c:96:30:d2:2f:7a:b9:6c:6a:04:
db:f1:79:72:b3:7e:7f:b5:b5:80:47:d6:c8:6b:d4:0c:82:38:
f9:d1:8e:99:a8:52:6c:5a:98:15:95:d5:7f:62:3a:3b:cd:60:
4c:50:38:11:72:83:ed:41:c1:94:93:ba:f0:15:61:26:da:87:
55:52:31:1e:e5:6f:31:d0:ef:5d:89:2b:9a:ca:cc:46:bd:86:
39:8d:63:0d:a1:61:c7:e0:6e:f6:aa:e0:2f:08:72:fe:97:bf:
d7:73:17:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUP2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDY0NDIwWhcNMjUwNTEzMDY0NDIwWjAYMRYw
FAYDVQQDEw02NzkzMzZjNy0zODk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1vZSJSGmuKFlILtmeQZp0StrO6jfQIWzkaoSt7GTxqwUktsYIozefQAv
0pHzJAdW4LvCdo46/fAaqbeYX0oRCpHU9II6S8Zz8bSBD6nL6Sik+gHTyILmomgA
KHeqxTHvyZAhHfuorc6HZ+0zBTytNKevpH9M2JGa/rtMVeieTtqb8UpqSzpUNXkb
4Ru29OXsgeJkxvPU7FXOlA1bfGk4Mv+e3HQI4MnT4dOQHYCj1AvUm5kfRX2Hzw9W
MVn0eDN8vVRRO9VMQZV1aNhA5kOaXEGvpm2igK37IulgpvT5grx343R8DkTyNnbR
RctKz73Y67NQ3ZZskEnibS1j/lxG/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFErV
oGcF2ls5Zf4Vhf9f6RPGcnRNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNThDNjk0OERBMUUxMUVGOTdBMzc2ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2HMA0GCSqGSIb3DQEB
CwUAA4IBAQBsXXLhJx5v7/NDWh/JAMK7sOcG9PzrpuODfYaAQ4pe0z/Hvwfqh40V
oe9KEEbjfbppZXBaQP4W+A+Ef/uLpkaVwta4wqoR48xkycpB52pT8HrR56yBQQ4k
FzSx5m2Yk5Jg5jS1uoOt0OdpPFKxHFU4/9a92P+6QREH+Gz07TreHUv7sZZ2VFYd
17uqZZp7tNvu8wXpepI3FVyWMNIverlsagTb8Xlys35/tbWAR9bIa9QMgjj50Y6Z
qFJsWpgVldV/Yjo7zWBMUDgRcoPtQcGUk7rwFWEm2odVUjEe5W8x0O9diSuaysxG
vYY5jWMNoWHH4G72quAvCHL+l7/Xcxe6
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:23:09 2025 by rpki-client