Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B572F00CC8AD11EF99AE8EAF762E951A.roa
File: B572F00CC8AD11EF99AE8EAF762E951A.roa (raw, json)
Hash identifier: Pd0MVyP/bhoneDBJExQXjeW2OPO4ZTiqXICL0jTc/WM=
Subject key identifier: 2B:39:1E:B6:32:4D:AC:5D:0C:07:58:60:31:E3:FA:24:58:B9:13:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01318C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B572F00CC8AD11EF99AE8EAF762E951A.roa
Signing time: Thu 02 Jan 2025 02:03:07 +0000
ROA not before: Thu 02 Jan 2025 02:03:03 +0000
ROA not after: Mon 13 Dec 2027 02:03:03 +0000
asID: 17561
IP address blocks: 154.220.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78220 (0x1318c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:03:03 2025 GMT
Not After : Dec 13 02:03:03 2027 GMT
Subject: CN=6775f3db-3e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:98:cf:1e:2b:35:96:01:55:4c:fa:86:f9:
34:64:9d:97:87:6d:d8:9f:9d:5e:c1:f5:63:e6:45:
f6:de:9f:cc:be:3b:1c:c8:c8:4b:24:f5:4d:45:01:
11:b1:a8:97:63:32:f4:81:23:2f:06:6f:aa:37:75:
76:70:5e:05:51:17:25:54:89:82:fb:ec:38:9a:d9:
48:28:a2:d3:0b:a3:9b:7f:b6:10:bb:85:8e:ca:af:
21:d3:45:9e:54:da:d3:1e:b6:8f:7a:f6:c1:ba:7f:
8b:6e:a1:e2:38:da:10:d2:a6:4a:c4:52:5c:d7:4c:
e6:1a:ce:0d:98:2d:59:bf:e5:47:30:80:e7:0f:da:
b6:9f:39:71:58:24:cb:67:98:14:94:be:ce:07:76:
59:e9:64:01:49:af:ce:fe:eb:5c:d4:b1:f9:07:f0:
db:f8:e2:9c:29:31:fb:8a:de:39:05:8d:9e:9e:df:
09:90:bc:f7:6d:eb:c3:1b:bf:fc:85:f7:b0:f8:e2:
92:1d:ee:93:4f:c3:9d:42:0b:9c:8c:77:da:0e:f8:
50:c2:d2:e3:50:ef:f5:b5:c1:5e:10:61:84:ca:b0:
52:27:17:a1:a4:ab:43:c4:09:c6:14:5c:1b:46:0a:
d2:2f:70:72:71:de:a3:64:4e:d8:e0:cc:98:a1:ca:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:39:1E:B6:32:4D:AC:5D:0C:07:58:60:31:E3:FA:24:58:B9:13:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B572F00CC8AD11EF99AE8EAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.161.0/24
Signature Algorithm: sha256WithRSAEncryption
29:de:08:19:51:da:fc:fc:ad:13:34:c8:01:fa:16:e7:e9:95:
52:eb:f5:ca:c4:3c:0e:d8:76:ed:38:09:57:01:42:35:2f:c0:
67:40:fb:1b:d6:8b:bd:1b:c3:01:d2:37:14:68:3e:92:a1:e9:
da:d8:a8:37:ef:03:e6:04:73:49:96:53:0c:85:72:2b:08:4b:
e7:ec:8c:d7:76:c0:27:d6:d2:57:a7:72:8c:70:c4:6a:70:fa:
25:c8:d2:e2:59:cd:a4:fa:f0:c2:a4:18:6a:4c:56:a0:7e:3f:
38:42:5b:2c:e9:ed:5f:ac:f8:26:4b:02:fa:d7:8c:ad:f3:a2:
b2:9b:36:9f:81:8d:67:3b:0a:43:3f:be:f9:31:ab:c9:a3:dc:
b9:f7:51:3f:fb:d7:21:2f:4a:e6:2d:36:bd:33:3d:f6:a6:1c:
d6:f1:92:1a:6d:fa:9f:1e:28:7e:10:7d:7f:d5:2b:85:cd:16:
75:39:b5:16:b6:89:02:b5:9a:32:3a:05:78:93:3c:3c:ec:6e:
75:ff:21:67:c8:42:41:a2:52:3d:a3:79:3e:b8:26:01:f0:fe:
63:27:c2:b7:46:7d:bb:14:86:b7:ae:73:ae:70:7d:2a:be:4e:
67:54:3e:43:03:43:a1:54:f7:ea:bb:c9:8f:7a:04:f5:e4:2e:
98:d4:b6:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIwMzAzWhcNMjcxMjEzMDIwMzAzWjAYMRYw
FAYDVQQDEw02Nzc1ZjNkYi0zZTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAteSYzx4rNZYBVUz6hvk0ZJ2Xh23Yn51ewfVj5kX23p/MvjscyMhLJPVN
RQERsaiXYzL0gSMvBm+qN3V2cF4FURclVImC++w4mtlIKKLTC6Obf7YQu4WOyq8h
00WeVNrTHraPevbBun+LbqHiONoQ0qZKxFJc10zmGs4NmC1Zv+VHMIDnD9q2nzlx
WCTLZ5gUlL7OB3ZZ6WQBSa/O/utc1LH5B/Db+OKcKTH7it45BY2ent8JkLz3bevD
G7/8hfew+OKSHe6TT8OdQgucjHfaDvhQwtLjUO/1tcFeEGGEyrBSJxehpKtDxAnG
FFwbRgrSL3Bycd6jZE7Y4MyYocr8bQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCs5
HrYyTaxdDAdYYDHj+iRYuROkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNTcyRjAwQ0M4QUQxMUVGOTlBRThFQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyhMA0GCSqGSIb3DQEB
CwUAA4IBAQAp3ggZUdr8/K0TNMgB+hbn6ZVS6/XKxDwO2HbtOAlXAUI1L8BnQPsb
1ou9G8MB0jcUaD6Soena2Kg37wPmBHNJllMMhXIrCEvn7IzXdsAn1tJXp3KMcMRq
cPolyNLiWc2k+vDCpBhqTFagfj84Qlss6e1frPgmSwL614yt86KymzafgY1nOwpD
P775MavJo9y591E/+9chL0rmLTa9Mz32phzW8ZIabfqfHih+EH1/1SuFzRZ1ObUW
tokCtZoyOgV4kzw87G51/yFnyEJBolI9o3k+uCYB8P5jJ8K3Rn27FIa3rnOucH0q
vk5nVD5DA0OhVPfqu8mPegT15C6Y1LaG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:09 2025 by rpki-client