Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC9B886A0CB711F09EFEB77B762E951A.roa
File: AC9B886A0CB711F09EFEB77B762E951A.roa (raw, json)
Hash identifier: DZ6YrAMLjCvaT18+HZTz4LfagFeMqBpEiAvsWe+ECDA=
Subject key identifier: 58:CB:FF:83:5B:1B:69:5C:7E:C9:50:63:A3:7F:C9:94:79:6B:D5:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC9B886A0CB711F09EFEB77B762E951A.roa
Signing time: Sat 29 Mar 2025 16:05:46 +0000
ROA not before: Sat 29 Mar 2025 16:05:42 +0000
ROA not after: Sun 06 Apr 2025 16:05:42 +0000
asID: 136970
IP address blocks: 154.92.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95934 (0x176be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 16:05:42 2025 GMT
Not After : Apr 6 16:05:42 2025 GMT
Subject: CN=67e81a5a-c4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:13:e9:88:56:6e:cf:47:d6:de:ff:bd:51:12:
4b:e5:58:dc:a3:e1:4e:20:62:bc:ff:d0:36:17:35:
57:46:1d:a5:2b:de:75:e9:01:60:4e:1f:84:ec:fa:
ac:d4:f8:c3:be:00:21:cc:aa:29:4c:03:2e:67:ef:
f8:6c:73:73:40:9d:81:54:71:c3:39:72:17:98:1d:
5a:7d:04:f2:de:de:f7:c8:5c:9d:d6:93:bc:0b:2d:
db:6b:67:83:61:a3:bf:24:83:0a:03:1a:12:5f:d3:
8b:0f:6e:a1:88:89:33:4a:cc:0b:57:c6:ad:99:cb:
bb:99:f4:3a:08:44:bb:e3:25:75:bb:2b:db:79:7e:
98:79:fa:95:5e:99:a0:49:99:ee:6a:46:1e:bb:54:
00:2a:e2:2b:f4:88:69:b6:48:a9:cf:90:49:87:88:
bc:87:b0:f4:c5:47:25:45:bf:30:3c:e8:df:8b:56:
71:5f:9f:fd:1f:cd:39:61:fa:07:d2:44:fa:0f:a8:
1f:d1:98:20:2f:54:db:90:c6:e5:cc:53:b1:0a:89:
63:79:a2:22:14:89:68:76:95:47:22:53:f7:5a:b5:
36:b5:d9:dd:f0:35:95:31:32:cf:93:9c:f2:77:23:
e9:94:7e:16:a9:69:78:b5:db:0c:4f:f1:82:23:6c:
06:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CB:FF:83:5B:1B:69:5C:7E:C9:50:63:A3:7F:C9:94:79:6B:D5:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC9B886A0CB711F09EFEB77B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.20.0/24
Signature Algorithm: sha256WithRSAEncryption
00:54:2f:c3:b5:88:ea:59:2e:04:34:f0:d5:b3:83:61:9d:c8:
05:92:6f:f7:0f:92:1a:3d:81:c5:f4:b1:d5:c6:6f:09:8f:e2:
0d:1f:b4:bf:95:32:25:d1:ba:74:6d:24:79:8b:26:1c:c9:a1:
b7:e6:8d:9a:e8:d3:03:dc:95:69:62:53:16:67:dd:9b:56:ab:
74:96:a9:98:27:21:db:17:91:e6:3e:6d:83:b0:2a:cd:a3:dc:
dd:fc:5f:74:3e:19:f6:70:39:e9:1e:42:40:2c:47:74:bf:83:
0c:e9:03:f1:34:34:fa:c2:0d:d3:4b:84:a8:f4:be:39:ed:88:
61:4e:83:97:82:dd:eb:58:ed:6f:a1:d7:e6:2d:19:8a:e8:98:
ad:47:f8:a9:67:92:de:32:19:67:e1:5b:28:b5:45:6a:44:34:
a2:9c:a4:c4:73:b6:c4:67:4a:73:b4:43:09:03:80:ff:7c:00:
6c:bf:02:48:a0:f2:85:7f:a8:b3:c2:78:26:1f:f6:74:8c:5e:
f0:11:33:bc:d7:42:33:c9:66:6f:7e:87:2e:69:2a:99:73:08:
9e:60:17:6f:88:38:95:26:9b:b4:99:3a:4d:8d:29:e2:89:86:
8c:e7:cf:02:7b:d6:98:da:d5:ee:3c:aa:cf:1b:0b:72:96:cc:
dd:a5:ff:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXa+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTYwNTQyWhcNMjUwNDA2MTYwNTQyWjAYMRYw
FAYDVQQDEw02N2U4MWE1YS1jNGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyBPpiFZuz0fW3v+9URJL5Vjco+FOIGK8/9A2FzVXRh2lK9516QFgTh+E
7Pqs1PjDvgAhzKopTAMuZ+/4bHNzQJ2BVHHDOXIXmB1afQTy3t73yFyd1pO8Cy3b
a2eDYaO/JIMKAxoSX9OLD26hiIkzSswLV8atmcu7mfQ6CES74yV1uyvbeX6YefqV
XpmgSZnuakYeu1QAKuIr9Ihptkipz5BJh4i8h7D0xUclRb8wPOjfi1ZxX5/9H805
YfoH0kT6D6gf0ZggL1TbkMblzFOxColjeaIiFIlodpVHIlP3WrU2tdnd8DWVMTLP
k5zydyPplH4WqWl4tdsMT/GCI2wGgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFjL
/4NbG2lcfslQY6N/yZR5a9XtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzlCODg2QTBDQjcxMUYwOUVGRUI3N0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlwUMA0GCSqGSIb3DQEB
CwUAA4IBAQAAVC/DtYjqWS4ENPDVs4NhncgFkm/3D5IaPYHF9LHVxm8Jj+INH7S/
lTIl0bp0bSR5iyYcyaG35o2a6NMD3JVpYlMWZ92bVqt0lqmYJyHbF5HmPm2DsCrN
o9zd/F90Phn2cDnpHkJALEd0v4MM6QPxNDT6wg3TS4So9L457YhhToOXgt3rWO1v
odfmLRmK6JitR/ipZ5LeMhln4VsotUVqRDSinKTEc7bEZ0pztEMJA4D/fABsvwJI
oPKFf6izwngmH/Z0jF7wETO810IzyWZvfocuaSqZcwieYBdviDiVJpu0mTpNjSni
iYaM588Ce9aY2tXuPKrPGwtylszdpf/4
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:47:10 2025 by rpki-client