Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A902E5D0D2E311EF84E45B89762E951A.roa
File: A902E5D0D2E311EF84E45B89762E951A.roa (raw, json)
Hash identifier: hKrWjydpyB2EAPMCdXLWMfBCNXdA7H3/srXPWY6u604=
Subject key identifier: BC:EE:5E:EB:C3:17:18:41:3C:C2:77:14:35:58:C3:2A:E4:CA:49:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B80
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A902E5D0D2E311EF84E45B89762E951A.roa
Signing time: Wed 15 Jan 2025 01:54:31 +0000
ROA not before: Wed 15 Jan 2025 01:54:27 +0000
ROA not after: Sat 03 Jan 2026 01:54:27 +0000
asID: 984
IP address blocks: 154.211.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80768 (0x13b80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:54:27 2025 GMT
Not After : Jan 3 01:54:27 2026 GMT
Subject: CN=67871557-f16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b0:1a:43:ff:de:9b:77:b0:03:61:2e:da:ae:
a9:87:9c:df:2a:76:9b:e4:3e:f3:18:3a:1b:a7:92:
a5:a0:3a:6c:e1:e4:48:c4:d1:10:16:f9:74:eb:fb:
a2:40:25:98:0a:2e:42:93:9e:7f:8b:96:b6:70:be:
22:19:f6:cb:af:11:46:c7:13:64:07:d6:79:10:83:
ab:6f:cd:01:e8:fe:df:2e:2a:d7:40:ea:4f:ab:6b:
36:a6:06:ed:22:0a:ba:7c:e2:ac:9c:7d:60:28:12:
c8:42:1f:a5:e7:58:5b:ea:ba:34:29:5e:5d:a3:f2:
b2:36:86:bb:8f:e8:d1:07:58:ea:ce:a6:1e:1a:cc:
8e:95:79:b7:38:0a:01:3e:35:b6:88:c4:ad:92:f1:
b7:bf:ec:45:08:87:9a:45:1d:8a:15:f7:90:6b:4c:
5a:cd:7a:34:d5:bd:16:0e:5d:97:91:1f:2a:d2:8e:
3f:b4:6c:46:eb:de:49:5e:63:95:31:3e:7f:04:60:
b7:1f:c9:d2:cf:4d:93:78:95:3f:62:70:36:9d:bd:
89:c0:ce:8e:38:a7:db:0a:ca:d2:41:61:dd:00:3b:
2f:6c:60:09:ba:8f:9b:e8:5e:a9:12:87:29:78:42:
b9:60:80:e3:dd:37:0f:42:62:a6:25:2a:60:9b:71:
81:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EE:5E:EB:C3:17:18:41:3C:C2:77:14:35:58:C3:2A:E4:CA:49:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A902E5D0D2E311EF84E45B89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.132.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:a6:5b:49:e7:09:7e:d0:6c:b9:ca:a9:f7:d3:96:31:fb:31:
ab:bd:3d:72:a9:cd:c5:0b:23:ef:bb:bc:9e:05:de:d4:f3:a8:
c7:9b:48:e2:a3:5c:60:b0:00:d7:87:00:29:76:ad:59:38:4d:
1c:45:27:8e:14:94:d5:f7:16:c9:3e:b5:e8:d0:a4:c9:3f:80:
8b:86:3c:6a:b3:2e:75:2f:79:76:40:17:cd:9d:59:c9:e1:af:
13:dd:1c:f9:01:ac:f5:7e:af:cc:79:72:59:5b:17:a1:4f:e0:
30:35:db:b9:2c:e2:a4:70:84:c9:dc:59:15:8f:b3:ab:55:2e:
67:bb:67:7f:c6:89:83:50:ff:43:6e:6b:cd:3b:dc:07:b5:e2:
d9:48:87:44:c4:e3:40:15:85:51:cc:61:aa:07:00:a0:0b:23:
b0:58:1d:54:e9:05:5a:4c:30:8b:69:24:72:bc:d5:d4:f2:57:
6b:c2:a7:2a:a9:f2:37:79:76:d9:a4:8d:99:c8:03:c8:f3:21:
b1:72:1f:ba:39:1b:9a:60:8c:c4:68:49:e9:51:f3:63:35:0f:
4f:bc:e4:1c:4c:08:f6:ab:ca:3f:36:ce:57:c7:a8:a4:bc:48:
88:81:2b:2a:ed:bb:81:b5:6a:d8:c8:c2:df:99:ec:4c:cf:c7:
a8:ec:09:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATuAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDE1NDI3WhcNMjYwMTAzMDE1NDI3WjAYMRYw
FAYDVQQDEw02Nzg3MTU1Ny1mMTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLAaQ//em3ewA2Eu2q6ph5zfKnab5D7zGDobp5KloDps4eRIxNEQFvl0
6/uiQCWYCi5Ck55/i5a2cL4iGfbLrxFGxxNkB9Z5EIOrb80B6P7fLirXQOpPq2s2
pgbtIgq6fOKsnH1gKBLIQh+l51hb6ro0KV5do/KyNoa7j+jRB1jqzqYeGsyOlXm3
OAoBPjW2iMStkvG3v+xFCIeaRR2KFfeQa0xazXo01b0WDl2XkR8q0o4/tGxG695J
XmOVMT5/BGC3H8nSz02TeJU/YnA2nb2JwM6OOKfbCsrSQWHdADsvbGAJuo+b6F6p
EocpeEK5YIDj3TcPQmKmJSpgm3GBrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLzu
XuvDFxhBPMJ3FDVYwyrkykniMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTAyRTVEMEQyRTMxMUVGODRFNDVCODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtOEMA0GCSqGSIb3DQEB
CwUAA4IBAQAqpltJ5wl+0Gy5yqn305Yx+zGrvT1yqc3FCyPvu7yeBd7U86jHm0ji
o1xgsADXhwApdq1ZOE0cRSeOFJTV9xbJPrXo0KTJP4CLhjxqsy51L3l2QBfNnVnJ
4a8T3Rz5Aaz1fq/MeXJZWxehT+AwNdu5LOKkcITJ3FkVj7OrVS5nu2d/xomDUP9D
bmvNO9wHteLZSIdExONAFYVRzGGqBwCgCyOwWB1U6QVaTDCLaSRyvNXU8ldrwqcq
qfI3eXbZpI2ZyAPI8yGxch+6ORuaYIzEaEnpUfNjNQ9PvOQcTAj2q8o/Ns5Xx6ik
vEiIgSsq7buBtWrYyMLfmexMz8eo7AnY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:00 2025 by rpki-client