Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1C2C630D99211EF90E4F355762E951A.roa
File: B1C2C630D99211EF90E4F355762E951A.roa (raw, json)
Hash identifier: 5ie0hNqmh5Lj0oQpAASFr/x3gNF/mp77RUwzA2bVhHU=
Subject key identifier: 0B:08:27:A8:77:93:4C:60:D6:7D:D9:8F:6C:8F:B2:4F:A4:95:76:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01429C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1C2C630D99211EF90E4F355762E951A.roa
Signing time: Thu 23 Jan 2025 14:02:34 +0000
ROA not before: Thu 23 Jan 2025 14:02:31 +0000
ROA not after: Tue 13 May 2025 14:02:31 +0000
asID: 138915
IP address blocks: 154.205.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82588 (0x1429c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 23 14:02:31 2025 GMT
Not After : May 13 14:02:31 2025 GMT
Subject: CN=67924bfa-26e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:a7:e8:84:70:99:2d:ff:29:60:93:01:27:
57:1f:0e:61:36:74:0a:20:36:5b:ee:8d:ec:fc:8d:
b5:17:db:21:04:21:07:80:72:45:5d:11:d7:98:e7:
80:1a:dd:bf:0a:53:8b:ea:1a:66:f3:7c:a4:2b:f5:
e6:f4:2f:8f:ce:c4:92:90:49:14:df:1f:ea:e6:53:
fb:6d:36:16:92:13:b9:8e:56:02:f7:81:d4:42:43:
27:c7:bd:f9:c6:55:ae:8b:b9:21:ce:4f:9c:60:9d:
5e:1c:97:ff:67:f6:64:8d:ee:c0:72:e4:52:e0:e2:
d6:90:45:15:00:8f:dd:3f:20:cb:59:ad:cf:a5:08:
c3:3d:f1:e7:17:92:ae:ce:67:3e:08:30:be:54:d2:
4d:82:74:3e:c3:72:bb:35:46:26:6e:82:62:e7:ac:
b8:fc:d4:9e:c5:ca:1d:a5:2d:53:d7:4f:56:9e:cd:
a0:a3:1d:f1:86:9b:5e:5b:de:3b:29:ea:51:fe:91:
bf:ee:cb:cd:9c:b3:cc:b7:2e:e9:dc:1f:6a:b1:73:
5d:d6:42:c4:0d:86:2f:1a:2a:91:6c:f4:f0:bd:14:
3a:f0:b3:d1:2e:b4:79:e8:60:c3:d6:c6:fe:1e:90:
8f:2e:dc:02:4a:f7:eb:7b:95:8c:5e:31:5a:29:55:
f6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:08:27:A8:77:93:4C:60:D6:7D:D9:8F:6C:8F:B2:4F:A4:95:76:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1C2C630D99211EF90E4F355762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.144.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a5:b1:49:22:98:04:14:ba:6f:c9:cd:5b:5f:49:43:96:d2:
b5:ae:16:30:c4:68:31:77:ae:da:06:72:4f:d7:39:14:38:69:
b6:05:6b:6f:10:55:45:9d:e5:71:8c:b9:ec:dc:24:b2:a2:dc:
02:e0:af:50:e1:d0:4c:e7:c0:6f:9b:ad:2e:93:b7:12:7b:59:
5c:21:8f:ea:6c:38:83:8d:4f:1b:61:d8:b5:3e:2f:da:90:db:
7d:7f:84:78:99:85:e7:de:21:fc:99:e7:27:bb:b8:ad:40:bf:
52:a5:03:a6:8e:95:23:48:b6:47:18:1f:07:e5:02:2a:ed:4a:
dd:6f:a2:d1:fd:b5:a3:6b:31:10:9b:58:5e:31:cf:14:56:2d:
af:39:34:e0:34:03:5c:b0:82:43:e7:79:12:e2:c5:36:de:d7:
df:37:1e:3a:6c:18:00:b3:85:b0:a0:ba:ae:bb:25:85:69:50:
dd:bd:55:bd:36:68:15:1e:75:f8:b4:47:bb:1f:c4:58:a7:b5:
c8:a4:21:9b:15:b7:ca:2e:28:60:1d:75:3d:5c:20:ba:b0:9f:
0d:19:4b:77:7a:50:60:33:9a:4c:2b:a1:fc:56:88:17:a9:43:
38:a0:ee:97:dd:7a:82:6e:b2:9f:4b:6e:de:f5:b0:83:c4:15:
44:39:12:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUKcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTQwMjMxWhcNMjUwNTEzMTQwMjMxWjAYMRYw
FAYDVQQDEw02NzkyNGJmYS0yNmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr++n6IRwmS3/KWCTASdXHw5hNnQKIDZb7o3s/I21F9shBCEHgHJFXRHX
mOeAGt2/ClOL6hpm83ykK/Xm9C+PzsSSkEkU3x/q5lP7bTYWkhO5jlYC94HUQkMn
x735xlWui7khzk+cYJ1eHJf/Z/Zkje7AcuRS4OLWkEUVAI/dPyDLWa3PpQjDPfHn
F5Kuzmc+CDC+VNJNgnQ+w3K7NUYmboJi56y4/NSexcodpS1T109Wns2gox3xhpte
W947KepR/pG/7svNnLPMty7p3B9qsXNd1kLEDYYvGiqRbPTwvRQ68LPRLrR56GDD
1sb+HpCPLtwCSvfre5WMXjFaKVX2ZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAsI
J6h3k0xg1n3Zj2yPsk+klXZRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMUMyQzYzMEQ5OTIxMUVGOTBFNEYzNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2QMA0GCSqGSIb3DQEB
CwUAA4IBAQBIpbFJIpgEFLpvyc1bX0lDltK1rhYwxGgxd67aBnJP1zkUOGm2BWtv
EFVFneVxjLns3CSyotwC4K9Q4dBM58Bvm60uk7cSe1lcIY/qbDiDjU8bYdi1Pi/a
kNt9f4R4mYXn3iH8mecnu7itQL9SpQOmjpUjSLZHGB8H5QIq7Urdb6LR/bWjazEQ
m1heMc8UVi2vOTTgNANcsIJD53kS4sU23tffNx46bBgAs4WwoLquuyWFaVDdvVW9
NmgVHnX4tEe7H8RYp7XIpCGbFbfKLihgHXU9XCC6sJ8NGUt3elBgM5pMK6H8VogX
qUM4oO6X3XqCbrKfS27e9bCDxBVEORKD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:56 2025 by rpki-client