Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65B97FAF47B11EFBE446265762E951A.roa
File: A65B97FAF47B11EFBE446265762E951A.roa (raw, json)
Hash identifier: tExbvVcKIugnygFCBEifvOpApTntFTWgm/cRCivRlDY=
Subject key identifier: EA:D0:1B:7B:1C:C6:83:D0:F0:BE:3F:86:68:E0:98:BF:C0:E8:44:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65B97FAF47B11EFBE446265762E951A.roa
Signing time: Wed 26 Feb 2025 19:55:38 +0000
ROA not before: Wed 26 Feb 2025 19:55:34 +0000
ROA not after: Sat 19 Feb 2028 19:55:34 +0000
asID: 17561
IP address blocks: 154.218.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91599 (0x165cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 19:55:34 2025 GMT
Not After : Feb 19 19:55:34 2028 GMT
Subject: CN=67bf71ba-4871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1a:62:23:74:52:03:2c:52:89:d6:29:61:05:
fa:86:e8:b1:57:62:07:23:94:3c:31:28:33:5f:8b:
49:14:70:83:64:b2:b4:b6:32:32:3d:89:c5:fe:46:
10:66:8b:4a:73:f3:61:fd:57:28:6c:93:c9:20:86:
c4:60:d2:9b:f5:8f:19:df:9d:c5:3d:35:4e:4a:8f:
97:27:26:e6:2e:55:c7:02:44:fa:51:01:6b:5d:e9:
b9:f8:e7:65:f2:ea:b5:b1:8c:85:e1:24:53:e5:dd:
57:ac:0b:e3:58:04:0b:c7:7a:eb:80:7b:74:3a:6a:
fa:5b:83:9a:0a:a6:1f:47:82:a0:ed:d4:3e:66:59:
e0:70:3b:2a:32:ef:b7:70:cd:12:6d:ce:b5:c5:8c:
eb:91:1f:0f:fb:b0:de:1d:56:5d:04:92:ed:1b:0c:
1e:f8:82:db:5f:ac:dd:67:1a:ea:42:ef:e1:3e:92:
2d:e2:60:f0:b2:28:54:dd:54:06:cd:96:4e:3e:4d:
1c:d2:a9:f9:f8:c9:5a:62:c0:47:20:b5:62:b2:f3:
4e:1e:4a:4f:79:3d:86:85:e7:43:49:92:33:79:bd:
b3:93:60:0b:48:fe:74:98:d0:b8:8a:f0:52:cf:35:
94:73:cd:a4:4c:e3:46:b8:e9:93:4f:ab:31:f4:59:
46:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D0:1B:7B:1C:C6:83:D0:F0:BE:3F:86:68:E0:98:BF:C0:E8:44:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65B97FAF47B11EFBE446265762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.55.0/24
Signature Algorithm: sha256WithRSAEncryption
18:2e:5c:d7:08:d3:62:85:18:36:80:76:52:9f:90:f4:b1:32:
a6:1b:52:fb:95:87:e5:f2:00:6e:36:cb:f0:ec:de:6d:52:a0:
6b:ce:98:91:60:ef:a9:b5:80:f6:30:4b:8a:f9:fe:6b:59:65:
06:fa:bd:17:0e:02:f1:63:1b:3e:06:aa:59:ef:24:3a:5f:ad:
ce:a8:b7:0a:ab:68:66:bd:9f:5f:4b:68:4d:13:76:7c:1c:ed:
da:db:60:3c:f4:ee:35:8a:22:f3:27:2c:14:df:10:9a:df:49:
99:00:02:78:20:a4:89:dd:b9:f9:7e:2c:4a:ee:69:79:03:c1:
5e:fd:cb:c3:d3:6e:87:9d:1d:b3:b5:90:da:df:14:4f:5e:b5:
20:cf:56:0d:66:0a:f4:c5:c2:b4:f8:4f:48:c5:b3:5c:8b:81:
3c:8b:7d:c3:48:0d:36:96:4b:b5:a5:1d:06:65:0c:30:23:1a:
5c:b0:5e:78:51:9c:94:ef:e1:7f:c1:e5:ac:ce:a6:e3:66:e6:
d3:b3:f9:50:b3:64:30:f3:15:24:d1:2c:09:3b:5d:9e:07:8c:
a2:65:bf:e1:ce:32:06:c1:e2:2d:21:ff:28:68:9e:f1:71:56:
0b:88:f6:e8:c3:64:0f:41:21:fb:a0:35:ac:5c:40:4b:88:40:
71:2d:49:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWXPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTk1NTM0WhcNMjgwMjE5MTk1NTM0WjAYMRYw
FAYDVQQDEw02N2JmNzFiYS00ODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2RpiI3RSAyxSidYpYQX6huixV2IHI5Q8MSgzX4tJFHCDZLK0tjIyPYnF
/kYQZotKc/Nh/VcobJPJIIbEYNKb9Y8Z353FPTVOSo+XJybmLlXHAkT6UQFrXem5
+Odl8uq1sYyF4SRT5d1XrAvjWAQLx3rrgHt0Omr6W4OaCqYfR4Kg7dQ+ZlngcDsq
Mu+3cM0Sbc61xYzrkR8P+7DeHVZdBJLtGwwe+ILbX6zdZxrqQu/hPpIt4mDwsihU
3VQGzZZOPk0c0qn5+MlaYsBHILVisvNOHkpPeT2GhedDSZIzeb2zk2ALSP50mNC4
ivBSzzWUc82kTONGuOmTT6sx9FlGxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOrQ
G3scxoPQ8L4/hmjgmL/A6ERNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNjVCOTdGQUY0N0IxMUVGQkU0NDYyNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmto3MA0GCSqGSIb3DQEB
CwUAA4IBAQAYLlzXCNNihRg2gHZSn5D0sTKmG1L7lYfl8gBuNsvw7N5tUqBrzpiR
YO+ptYD2MEuK+f5rWWUG+r0XDgLxYxs+BqpZ7yQ6X63OqLcKq2hmvZ9fS2hNE3Z8
HO3a22A89O41iiLzJywU3xCa30mZAAJ4IKSJ3bn5fixK7ml5A8Fe/cvD026HnR2z
tZDa3xRPXrUgz1YNZgr0xcK0+E9IxbNci4E8i33DSA02lku1pR0GZQwwIxpcsF54
UZyU7+F/weWszqbjZubTs/lQs2Qw8xUk0SwJO12eB4yiZb/hzjIGweItIf8oaJ7x
cVYLiPbow2QPQSH7oDWsXEBLiEBxLUn1
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:43 2025 by rpki-client