Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B82EDBA6F44211EF9DE9C559762E951A.roa
File: B82EDBA6F44211EF9DE9C559762E951A.roa (raw, json)
Hash identifier: lxaLfQ0kvUCynVYd7KQLqA7BrNpByRzhuvMZfvyaXTA=
Subject key identifier: FB:41:5C:4A:71:E7:2D:33:5A:E2:61:D9:EE:95:CD:18:AC:DE:F2:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016388
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B82EDBA6F44211EF9DE9C559762E951A.roa
Signing time: Wed 26 Feb 2025 13:08:07 +0000
ROA not before: Wed 26 Feb 2025 13:08:03 +0000
ROA not after: Sat 19 Feb 2028 13:08:03 +0000
asID: 17561
IP address blocks: 154.82.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91016 (0x16388)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 13:08:03 2025 GMT
Not After : Feb 19 13:08:03 2028 GMT
Subject: CN=67bf1237-f800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:52:07:31:34:0e:a6:1f:a2:23:60:41:4b:
41:45:33:af:e3:9e:7d:71:5a:f4:29:12:81:3f:6b:
fc:73:5a:bc:6f:ce:7b:e1:21:bc:95:2a:72:41:ca:
e1:cb:ff:86:23:c6:15:2c:24:43:57:53:aa:1d:54:
b7:e6:80:ee:65:9c:c3:da:4e:ef:87:68:b9:63:a8:
43:be:72:29:bf:5b:42:4a:41:4f:44:c0:cc:d7:2c:
c2:de:cc:73:71:e6:e9:8e:00:d0:93:16:9d:0b:35:
98:f6:23:cc:c5:bb:ed:5e:92:c2:d5:fd:42:c5:36:
0f:c7:3a:ca:2b:c6:5c:b6:83:81:49:10:f7:e4:70:
b2:53:bc:85:90:7e:1f:ee:1d:5b:db:40:66:29:44:
ac:19:39:29:2f:91:d0:6a:3b:63:1f:48:65:5a:18:
f3:2e:6f:7c:ed:b6:92:2f:e1:b5:8f:2b:95:53:27:
4e:13:0c:ce:d8:54:e6:04:d7:56:a9:e0:7d:2d:33:
d3:d2:a8:92:3f:21:8f:8a:37:06:3b:dc:2d:2c:1d:
d5:64:c8:99:73:28:fb:ef:00:fa:ea:6b:ee:e5:cd:
21:c0:2b:41:f2:d2:19:80:ca:5e:41:10:fb:44:84:
34:84:b4:7d:fb:fb:08:0f:02:b0:6a:d6:22:16:e7:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:41:5C:4A:71:E7:2D:33:5A:E2:61:D9:EE:95:CD:18:AC:DE:F2:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B82EDBA6F44211EF9DE9C559762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.171.0/24
Signature Algorithm: sha256WithRSAEncryption
51:45:1e:59:c8:31:df:a7:2c:32:eb:f8:01:72:f0:a8:29:7a:
e4:55:a8:3b:81:22:a4:f6:f6:71:da:40:5c:03:a4:15:20:f8:
3e:f1:c5:23:6b:1f:ca:3b:30:06:3c:56:a0:4b:e1:41:9d:23:
30:b3:b3:47:8d:ff:af:e2:54:55:7a:a1:41:da:a4:3a:83:93:
d5:86:42:c2:c5:0b:d3:da:50:4a:b3:63:6f:da:30:ad:e9:d6:
ea:57:d6:fa:52:0f:95:95:f3:b6:07:00:bc:8f:8c:8e:69:11:
47:a4:cc:28:db:27:d7:7e:95:18:d7:1b:c4:ab:20:61:ce:2b:
73:53:a1:d9:cb:9f:b9:71:d9:43:74:0b:54:be:e3:8a:cf:26:
e7:64:92:ad:ae:7e:e8:62:2a:7b:70:46:00:63:c2:c5:2f:2b:
e6:24:61:21:37:fb:aa:f6:47:98:4b:cf:d5:e1:bc:a7:23:0f:
22:5b:ac:13:bb:f1:5c:84:ae:ee:10:9f:ab:ca:49:c7:de:99:
d6:69:95:85:03:74:3d:c1:2e:f4:f1:99:ff:79:8a:6f:4d:63:
53:4c:e8:b8:7d:0d:26:fa:02:ab:b1:c4:0c:6c:0a:bb:41:69:
93:23:4c:82:ce:21:00:59:4f:a7:f8:80:18:66:e3:cb:33:e2:
74:9e:65:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWOIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTMwODAzWhcNMjgwMjE5MTMwODAzWjAYMRYw
FAYDVQQDEw02N2JmMTIzNy1mODAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnCFSBzE0DqYfoiNgQUtBRTOv4559cVr0KRKBP2v8c1q8b8574SG8lSpy
Qcrhy/+GI8YVLCRDV1OqHVS35oDuZZzD2k7vh2i5Y6hDvnIpv1tCSkFPRMDM1yzC
3sxzcebpjgDQkxadCzWY9iPMxbvtXpLC1f1CxTYPxzrKK8ZctoOBSRD35HCyU7yF
kH4f7h1b20BmKUSsGTkpL5HQajtjH0hlWhjzLm987baSL+G1jyuVUydOEwzO2FTm
BNdWqeB9LTPT0qiSPyGPijcGO9wtLB3VZMiZcyj77wD66mvu5c0hwCtB8tIZgMpe
QRD7RIQ0hLR9+/sIDwKwatYiFufqcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPtB
XEpx5y0zWuJh2e6VzRis3vJZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CODJFREJBNkY0NDIxMUVGOURFOUM1NTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlKrMA0GCSqGSIb3DQEB
CwUAA4IBAQBRRR5ZyDHfpywy6/gBcvCoKXrkVag7gSKk9vZx2kBcA6QVIPg+8cUj
ax/KOzAGPFagS+FBnSMws7NHjf+v4lRVeqFB2qQ6g5PVhkLCxQvT2lBKs2Nv2jCt
6dbqV9b6Ug+VlfO2BwC8j4yOaRFHpMwo2yfXfpUY1xvEqyBhzitzU6HZy5+5cdlD
dAtUvuOKzybnZJKtrn7oYip7cEYAY8LFLyvmJGEhN/uq9keYS8/V4bynIw8iW6wT
u/FchK7uEJ+ryknH3pnWaZWFA3Q9wS708Zn/eYpvTWNTTOi4fQ0m+gKrscQMbAq7
QWmTI0yCziEAWU+n+IAYZuPLM+J0nmWb
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:49:13 2025 by rpki-client