Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B733B528C92211EFAD1AB696762E951A.roa
File: B733B528C92211EFAD1AB696762E951A.roa (raw, json)
Hash identifier: bG8zUnHh6rWW49fODGqZJpBmO9f8aehZxR6I5odrBso=
Subject key identifier: B2:89:56:D7:5F:7B:BE:A7:88:59:D0:95:DB:D4:AF:11:9C:E0:7D:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013339
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B733B528C92211EFAD1AB696762E951A.roa
Signing time: Thu 02 Jan 2025 16:00:41 +0000
ROA not before: Thu 02 Jan 2025 16:00:37 +0000
ROA not after: Sat 13 Dec 2025 16:00:37 +0000
asID: 984
IP address blocks: 154.222.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78649 (0x13339)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 16:00:37 2025 GMT
Not After : Dec 13 16:00:37 2025 GMT
Subject: CN=6776b829-d289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c0:68:42:26:e9:10:f8:69:ef:e5:36:6e:f9:
6c:16:ad:4b:23:65:7b:cf:a3:5b:55:11:d7:e7:13:
df:3a:48:a3:d9:a8:21:51:ad:63:01:64:dc:c5:f6:
74:f9:c1:f0:31:9c:af:ab:57:5e:5f:d3:50:e9:3d:
fd:85:31:48:6c:6e:04:fe:54:9e:c3:8b:5d:3e:bb:
ba:8c:89:fd:a1:4f:59:db:7e:2b:eb:2b:7d:9c:e3:
29:1d:39:16:fb:df:6a:b9:3c:a1:23:7a:34:a9:b9:
3a:bd:c8:b0:9a:f7:77:98:f8:3f:ad:9a:f2:36:2f:
48:ba:8b:39:00:be:48:1d:06:39:77:a2:50:92:ed:
b5:6c:20:f9:b8:e7:f1:3f:1d:e7:1c:91:db:9f:f9:
88:94:fd:3f:fa:7e:6d:9a:14:2e:c6:93:42:2a:83:
96:ad:a9:aa:6c:83:1c:87:0f:dc:d5:7d:55:3d:5e:
5d:33:69:10:7b:a1:f9:ea:6e:36:5d:3b:04:6f:2a:
8e:50:a8:1d:45:83:57:b8:56:6d:6f:1c:83:3b:13:
53:15:a9:31:11:68:0e:13:57:3a:5b:3d:7d:0a:db:
15:b4:53:08:0a:91:dc:19:24:de:2e:20:8a:5c:99:
a3:02:6e:e6:30:ea:45:e3:f0:62:b9:40:03:86:15:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:56:D7:5F:7B:BE:A7:88:59:D0:95:DB:D4:AF:11:9C:E0:7D:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B733B528C92211EFAD1AB696762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.98.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:8f:f3:00:85:78:8e:1a:f2:3b:51:86:42:72:0e:fb:76:f4:
fa:c6:90:e9:aa:c0:d1:d0:69:d0:6c:c4:de:b3:0a:ee:af:f3:
74:ac:14:45:15:5e:e8:a9:9c:f7:14:8d:ad:a1:01:bd:6a:04:
f0:3c:d7:22:c8:f7:39:89:f1:be:22:85:29:6e:34:19:b7:86:
2a:05:9c:88:a5:14:32:2b:d5:94:f3:5f:ef:d1:a8:d2:7d:81:
02:50:9d:59:c6:e3:d8:79:8a:ee:d3:e0:f1:29:04:44:e8:31:
d9:fa:3b:0b:39:51:16:a6:48:20:d3:47:90:f9:d9:b0:95:d0:
dc:9a:6d:9f:ad:85:61:0e:5b:2b:96:7e:4c:59:dd:0f:4e:54:
7a:95:de:22:24:de:6b:ad:00:4f:f5:e6:51:53:af:66:26:83:
f1:ac:85:f6:78:ee:65:7a:9e:0a:9f:26:56:cc:fb:c9:a6:99:
a9:f6:98:a3:af:ec:2c:c5:a7:0f:61:ba:75:0b:38:fd:07:66:
72:ff:23:a1:0d:4f:da:bd:69:5c:15:9a:9c:bd:78:ff:7a:ff:
e0:81:04:0f:f1:fd:5a:dc:8f:70:fa:78:45:77:d2:2b:61:cb:
7a:7d:d0:e5:ab:e6:2d:cd:db:a8:ee:50:35:87:66:92:54:78:
ba:b5:2c:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATM5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTYwMDM3WhcNMjUxMjEzMTYwMDM3WjAYMRYw
FAYDVQQDEw02Nzc2YjgyOS1kMjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMBoQibpEPhp7+U2bvlsFq1LI2V7z6NbVRHX5xPfOkij2aghUa1jAWTc
xfZ0+cHwMZyvq1deX9NQ6T39hTFIbG4E/lSew4tdPru6jIn9oU9Z234r6yt9nOMp
HTkW+99quTyhI3o0qbk6vciwmvd3mPg/rZryNi9Iuos5AL5IHQY5d6JQku21bCD5
uOfxPx3nHJHbn/mIlP0/+n5tmhQuxpNCKoOWramqbIMchw/c1X1VPV5dM2kQe6H5
6m42XTsEbyqOUKgdRYNXuFZtbxyDOxNTFakxEWgOE1c6Wz19CtsVtFMICpHcGSTe
LiCKXJmjAm7mMOpF4/BiuUADhhUd0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLKJ
Vtdfe76niFnQldvUrxGc4H1iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNzMzQjUyOEM5MjIxMUVGQUQxQUI2OTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5iMA0GCSqGSIb3DQEB
CwUAA4IBAQCPj/MAhXiOGvI7UYZCcg77dvT6xpDpqsDR0GnQbMTeswrur/N0rBRF
FV7oqZz3FI2toQG9agTwPNciyPc5ifG+IoUpbjQZt4YqBZyIpRQyK9WU81/v0ajS
fYECUJ1ZxuPYeYru0+DxKQRE6DHZ+jsLOVEWpkgg00eQ+dmwldDcmm2frYVhDlsr
ln5MWd0PTlR6ld4iJN5rrQBP9eZRU69mJoPxrIX2eO5lep4KnyZWzPvJppmp9pij
r+wsxacPYbp1Czj9B2Zy/yOhDU/avWlcFZqcvXj/ev/ggQQP8f1a3I9w+nhFd9Ir
Yct6fdDlq+Ytzduo7lA1h2aSVHi6tSyl
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:08 2025 by rpki-client