Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2C95A54C8BB11EFA7022594762E951A.roa
File: B2C95A54C8BB11EFA7022594762E951A.roa (raw, json)
Hash identifier: lXaCc6XNgWuaCcsPjhon6wpLUUwU1M17BYvoEP7aGWs=
Subject key identifier: 39:6A:CB:63:90:B1:A2:7F:89:B4:05:B6:8E:56:A8:A6:CD:27:CD:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131D4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2C95A54C8BB11EFA7022594762E951A.roa
Signing time: Thu 02 Jan 2025 03:43:15 +0000
ROA not before: Thu 02 Jan 2025 03:43:12 +0000
ROA not after: Sat 13 Dec 2025 03:43:12 +0000
asID: 984
IP address blocks: 154.221.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78292 (0x131d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 03:43:12 2025 GMT
Not After : Dec 13 03:43:12 2025 GMT
Subject: CN=67760b53-0d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:83:fb:0a:d3:20:30:9a:63:a2:55:53:53:
c5:ba:3b:27:90:38:6c:7e:4c:22:2c:38:b4:9b:f4:
92:34:c7:97:d4:c2:bd:92:83:9c:33:ed:4a:12:31:
50:0e:85:67:28:51:ed:6a:17:6d:4d:30:aa:18:48:
f0:20:ed:12:91:86:a2:90:58:54:75:ca:2c:e9:78:
91:b8:5e:dc:22:e4:20:2e:91:1f:92:fe:cd:94:5d:
46:b6:45:6e:b8:e3:fb:36:d1:13:1e:58:de:b1:a4:
63:a8:b7:02:d4:ad:05:4f:cf:c5:41:50:91:e9:fc:
f8:5e:e2:9a:8c:83:3e:3f:bf:b0:14:1a:1e:67:a9:
c0:66:d4:50:6b:a3:20:63:14:31:f8:fe:ee:bd:fa:
b7:d3:51:23:4f:a2:bb:00:23:c7:0b:09:f2:61:46:
5d:35:9c:7e:27:6a:63:6e:88:d6:16:94:27:56:90:
70:50:a3:b6:e2:73:75:89:1a:42:37:b8:ff:11:ec:
ed:bf:61:46:9e:68:8e:0a:9b:b7:1a:8d:b7:49:46:
75:43:7b:b3:7b:04:ac:52:c6:9c:c3:9c:22:f1:9e:
ba:c3:35:20:d2:2a:3a:79:f2:3c:94:70:ae:bc:f6:
e5:b5:ac:cf:70:f9:5a:ff:e8:48:f7:5c:d0:b1:98:
59:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6A:CB:63:90:B1:A2:7F:89:B4:05:B6:8E:56:A8:A6:CD:27:CD:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2C95A54C8BB11EFA7022594762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.42.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:0c:1f:60:98:6c:23:ed:7e:18:b8:4c:4b:7f:07:05:56:07:
d5:fb:b8:7d:9d:6b:74:33:98:e6:5d:cf:8a:95:6d:8d:fa:10:
cf:1e:c2:88:86:3d:f4:50:75:b7:a2:11:a9:01:9d:6e:64:4f:
0b:3e:eb:a3:90:e2:05:a7:06:0e:5d:16:dd:5b:8e:d2:98:4e:
02:64:0c:b6:e8:dd:7e:51:5f:40:36:1a:cf:b6:59:08:9d:ff:
2f:47:48:65:79:e6:23:bd:0d:12:06:69:bc:97:4e:56:de:37:
60:e6:e4:0e:c3:fc:29:ca:37:58:ca:8d:a7:8c:f7:1c:93:92:
61:d8:ae:78:6a:0c:82:f0:a0:f0:7a:39:27:57:97:75:43:2a:
c9:3b:95:a7:b9:a5:9f:9b:43:40:cb:92:3e:16:76:bc:5a:c1:
50:c4:1c:1d:a9:03:d8:e3:71:b3:aa:61:d3:ee:a1:5c:94:59:
29:30:ca:9d:00:13:b4:9e:4e:5a:df:ff:8c:80:24:62:a3:ef:
b0:f6:77:8d:76:c3:4d:d2:ba:72:ba:56:4f:65:25:c8:fd:21:
a1:97:e6:aa:23:b4:4e:b3:09:4c:5b:e9:45:67:61:fa:e5:46:
44:20:3c:49:d3:42:4c:ae:d4:fe:ff:bb:55:7a:ec:7a:fd:ba:
eb:a7:9e:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATHUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDM0MzEyWhcNMjUxMjEzMDM0MzEyWjAYMRYw
FAYDVQQDEw02Nzc2MGI1My0wZDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq6iD+wrTIDCaY6JVU1PFujsnkDhsfkwiLDi0m/SSNMeX1MK9koOcM+1K
EjFQDoVnKFHtahdtTTCqGEjwIO0SkYaikFhUdcos6XiRuF7cIuQgLpEfkv7NlF1G
tkVuuOP7NtETHljesaRjqLcC1K0FT8/FQVCR6fz4XuKajIM+P7+wFBoeZ6nAZtRQ
a6MgYxQx+P7uvfq301EjT6K7ACPHCwnyYUZdNZx+J2pjbojWFpQnVpBwUKO24nN1
iRpCN7j/Eeztv2FGnmiOCpu3Go23SUZ1Q3uzewSsUsacw5wi8Z66wzUg0io6efI8
lHCuvPbltazPcPla/+hI91zQsZhZIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDlq
y2OQsaJ/ibQFto5WqKbNJ82PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMkM5NUE1NEM4QkIxMUVGQTcwMjI1OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0qMA0GCSqGSIb3DQEB
CwUAA4IBAQDNDB9gmGwj7X4YuExLfwcFVgfV+7h9nWt0M5jmXc+KlW2N+hDPHsKI
hj30UHW3ohGpAZ1uZE8LPuujkOIFpwYOXRbdW47SmE4CZAy26N1+UV9ANhrPtlkI
nf8vR0hleeYjvQ0SBmm8l05W3jdg5uQOw/wpyjdYyo2njPcck5Jh2K54agyC8KDw
ejknV5d1QyrJO5WnuaWfm0NAy5I+Fna8WsFQxBwdqQPY43GzqmHT7qFclFkpMMqd
ABO0nk5a3/+MgCRio++w9neNdsNN0rpyulZPZSXI/SGhl+aqI7ROswlMW+lFZ2H6
5UZEIDxJ00JMrtT+/7tVeux6/brrp56s
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:15:09 2025 by rpki-client