Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8C27C56E31011EFB54E7456762E951A.roa
File: A8C27C56E31011EFB54E7456762E951A.roa (raw, json)
Hash identifier: n5/F9QTVEqhFWf52Y5sdq+fRgvQMRmwgQYm2W8Psd8s=
Subject key identifier: 24:C1:5C:41:CA:51:F5:D5:D7:07:22:8E:13:2E:5D:D6:08:61:DD:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015103
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8C27C56E31011EFB54E7456762E951A.roa
Signing time: Tue 04 Feb 2025 15:56:56 +0000
ROA not before: Tue 04 Feb 2025 15:56:52 +0000
ROA not after: Wed 30 Apr 2025 15:56:52 +0000
asID: 18229
IP address blocks: 154.210.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86275 (0x15103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 15:56:52 2025 GMT
Not After : Apr 30 15:56:52 2025 GMT
Subject: CN=67a238c8-aff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:60:87:d5:38:3b:bc:11:00:c7:fb:fe:65:89:
ad:fd:6e:97:84:41:62:d1:c6:fc:c5:40:da:77:9f:
b2:42:f4:27:40:c4:60:0a:b4:c0:a6:6b:61:f5:5a:
71:ed:be:1d:74:ab:5f:cf:d4:91:bb:04:8e:9e:cb:
68:bf:06:bb:19:ba:c2:9a:90:8c:b2:e5:72:d1:df:
b8:32:80:38:59:11:13:07:2f:9c:e8:18:45:72:20:
bb:7e:a1:0f:6e:e9:4c:40:43:bb:3b:4b:1f:2c:7a:
1b:16:26:b6:c9:9d:5e:49:35:da:a6:5d:a8:a4:df:
ce:f8:2b:28:0b:04:de:f2:ca:04:60:7d:2c:c7:89:
fa:df:5b:b5:9b:0c:e4:86:d7:5e:ec:7b:1e:cb:82:
4f:e1:ae:0b:b7:12:11:85:2e:11:8a:fe:e6:75:48:
78:40:47:0b:0c:16:20:e5:bc:a3:55:42:67:82:9e:
d8:59:3b:dd:55:8c:70:4d:49:1f:a9:55:a8:5c:8d:
23:39:09:2f:bd:57:8d:72:45:f5:30:51:e9:1f:8d:
78:24:58:7b:1f:86:41:b2:b1:e2:1c:1b:c7:35:9e:
d1:6e:27:13:09:d7:4c:6e:7a:17:39:90:56:ab:cf:
80:39:65:dd:70:36:67:92:67:b7:55:89:20:5f:c5:
71:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C1:5C:41:CA:51:F5:D5:D7:07:22:8E:13:2E:5D:D6:08:61:DD:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8C27C56E31011EFB54E7456762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.129.0/24
Signature Algorithm: sha256WithRSAEncryption
35:12:f3:4c:c6:e6:7c:99:a9:6d:fb:b1:a8:5d:1d:db:c4:f7:
c7:fd:24:f1:55:99:c6:c1:65:84:e2:d1:41:40:b5:a2:c2:9e:
04:5b:d0:f9:62:03:f3:64:96:b0:35:19:fc:42:9f:8c:47:ab:
f8:d8:db:b2:4f:5e:4c:90:f6:99:d2:39:d3:14:87:2e:9e:50:
64:b0:02:c7:26:f8:a2:5b:b7:50:26:fd:de:83:6b:de:99:35:
e0:7a:b3:b0:cd:d2:94:a7:04:30:02:9a:03:45:4a:c4:f0:83:
28:f5:ad:56:d9:4a:4d:5f:df:91:bb:6d:1d:c0:18:c0:c0:a0:
70:46:26:ff:b8:bf:2a:72:0b:9d:eb:39:65:64:44:ac:df:04:
b0:7b:89:97:69:57:fb:b6:5f:4e:c5:48:51:bb:10:a4:87:82:
04:b0:d6:0a:ab:49:f1:bc:df:78:8a:2b:cd:91:6e:ad:e8:df:
79:b0:f5:4b:2e:17:7e:58:60:12:e3:23:6e:f9:cb:b7:c8:f4:
2a:63:bf:31:b7:dd:83:d8:eb:ea:3a:0f:ca:ff:e9:bf:4e:3d:
db:ed:83:b1:50:d4:dd:83:f3:b3:e2:bd:1e:99:0a:20:58:f6:
9d:18:53:05:58:da:a7:9e:65:f2:21:49:48:b1:c9:22:5c:be:
95:f2:cd:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVEDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTU1NjUyWhcNMjUwNDMwMTU1NjUyWjAYMRYw
FAYDVQQDEw02N2EyMzhjOC1hZmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo2CH1Tg7vBEAx/v+ZYmt/W6XhEFi0cb8xUDad5+yQvQnQMRgCrTApmth
9Vpx7b4ddKtfz9SRuwSOnstovwa7GbrCmpCMsuVy0d+4MoA4WRETBy+c6BhFciC7
fqEPbulMQEO7O0sfLHobFia2yZ1eSTXapl2opN/O+CsoCwTe8soEYH0sx4n631u1
mwzkhtde7Hsey4JP4a4LtxIRhS4Riv7mdUh4QEcLDBYg5byjVUJngp7YWTvdVYxw
TUkfqVWoXI0jOQkvvVeNckX1MFHpH414JFh7H4ZBsrHiHBvHNZ7RbicTCddMbnoX
OZBWq8+AOWXdcDZnkme3VYkgX8VxewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCTB
XEHKUfXV1wcijhMuXdYIYd0rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOEMyN0M1NkUzMTAxMUVGQjU0RTc0NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKBMA0GCSqGSIb3DQEB
CwUAA4IBAQA1EvNMxuZ8malt+7GoXR3bxPfH/STxVZnGwWWE4tFBQLWiwp4EW9D5
YgPzZJawNRn8Qp+MR6v42NuyT15MkPaZ0jnTFIcunlBksALHJviiW7dQJv3eg2ve
mTXgerOwzdKUpwQwApoDRUrE8IMo9a1W2UpNX9+Ru20dwBjAwKBwRib/uL8qcgud
6zllZESs3wSwe4mXaVf7tl9OxUhRuxCkh4IEsNYKq0nxvN94iivNkW6t6N95sPVL
Lhd+WGAS4yNu+cu3yPQqY78xt92D2OvqOg/K/+m/Tj3b7YOxUNTdg/Oz4r0emQog
WPadGFMFWNqnnmXyIUlIsckiXL6V8s0a
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:26:40 2025 by rpki-client