Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8BECCB607B111F0BB4DCB43762E951A.roa
File: B8BECCB607B111F0BB4DCB43762E951A.roa (raw, json)
Hash identifier: y90YB+e0pLnyd5OpPPuocigwIDPbUmpsliLs1Wr00z8=
Subject key identifier: D5:75:69:0B:6B:24:F0:2D:78:BF:CA:1E:87:92:1F:A3:0F:5D:9B:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8BECCB607B111F0BB4DCB43762E951A.roa
Signing time: Sun 23 Mar 2025 06:40:34 +0000
ROA not before: Sun 23 Mar 2025 06:40:30 +0000
ROA not after: Sat 03 May 2025 06:40:30 +0000
asID: 174
IP address blocks: 154.202.105.0/24 maxlen: 24
154.202.134.0/24 maxlen: 24
154.202.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95661 (0x175ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 23 06:40:30 2025 GMT
Not After : May 3 06:40:30 2025 GMT
Subject: CN=67dface2-e1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:44:9c:30:43:b3:6c:e6:ce:bf:34:99:df:7c:
e8:8b:63:38:a6:05:7d:75:e3:1e:db:c4:39:be:7c:
a6:27:ea:32:79:1f:4e:f7:9e:1d:2a:e5:73:7e:09:
9e:28:18:88:3c:a0:b5:1e:ec:aa:3f:58:fc:e0:73:
14:4c:6e:d3:55:5b:dc:3e:2f:c0:4c:8f:d1:5b:0e:
7b:9b:b5:59:d9:6c:fe:34:53:7d:8d:60:a6:20:54:
be:91:b6:e6:9c:fb:b5:39:ec:6f:60:e2:2a:a2:c5:
33:d2:e5:c0:ab:98:e5:95:20:18:c3:f2:d6:56:b6:
1a:a6:ad:01:fa:c2:71:6c:e2:be:30:4f:44:96:e9:
2c:05:6e:e2:87:03:f6:e8:bf:3a:e7:d9:b5:7a:91:
17:9a:cf:22:77:05:6d:35:2a:63:62:02:c3:2e:c9:
23:76:8c:68:b3:31:0b:2c:74:89:46:46:03:77:9f:
62:1f:e7:25:82:ba:c5:52:6f:e3:12:2c:d4:87:4e:
51:5b:0e:74:d1:ea:1c:9a:40:a1:b6:8a:d3:aa:81:
64:b6:47:da:27:8d:61:26:6a:98:d3:2d:ec:ea:36:
fc:50:15:6a:09:ea:f8:05:82:2b:42:eb:b8:ac:51:
3b:a3:70:0b:11:97:d9:27:bd:1d:90:ac:c3:db:68:
e3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:75:69:0B:6B:24:F0:2D:78:BF:CA:1E:87:92:1F:A3:0F:5D:9B:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8BECCB607B111F0BB4DCB43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.105.0/24
154.202.134.0/23
Signature Algorithm: sha256WithRSAEncryption
69:3f:6a:60:1d:d0:d8:14:56:a7:13:57:59:91:58:aa:7b:05:
25:7c:b9:ff:a6:14:60:77:e2:0a:10:ec:71:97:3d:cc:19:86:
d3:b7:b8:fe:11:fa:57:a8:98:b9:4a:67:e7:90:3e:42:00:da:
10:43:53:fc:5d:20:17:10:ee:f2:b9:ac:f2:d0:9a:14:2d:95:
ec:68:bc:32:84:62:a9:52:9a:58:b4:df:0a:90:5d:7c:fa:02:
54:1b:f2:5b:8c:6f:a6:c9:cc:da:18:c7:e5:05:88:11:bc:d9:
76:87:ab:d2:9b:96:b0:db:50:3e:db:80:0f:5f:8f:55:43:a6:
c7:07:30:1c:74:80:fb:c2:e9:b0:7e:c5:19:49:42:02:79:8d:
0c:15:47:09:b0:52:59:64:66:e7:ac:8a:7f:80:17:cf:2e:a0:
f6:61:ae:73:5a:71:22:08:2d:b9:f8:12:89:7f:cf:8c:d4:5f:
c7:38:97:76:63:71:f2:a3:58:a7:87:87:5e:2a:a7:d8:d6:c2:
17:f6:0c:0b:4c:a2:34:54:60:b7:4d:53:77:69:c7:bb:14:e3:
8e:57:84:a6:bf:b8:40:a9:d5:73:59:16:90:7a:05:c7:7f:99:
26:25:cc:bf:76:9c:ae:c5:25:8a:e9:8c:5c:40:ec:be:2f:64:
c7:6b:1d:0d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXWtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIzMDY0MDMwWhcNMjUwNTAzMDY0MDMwWjAYMRYw
FAYDVQQDEw02N2RmYWNlMi1lMWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA30ScMEOzbObOvzSZ33zoi2M4pgV9deMe28Q5vnymJ+oyeR9O954dKuVz
fgmeKBiIPKC1HuyqP1j84HMUTG7TVVvcPi/ATI/RWw57m7VZ2Wz+NFN9jWCmIFS+
kbbmnPu1OexvYOIqosUz0uXAq5jllSAYw/LWVrYapq0B+sJxbOK+ME9EluksBW7i
hwP26L8659m1epEXms8idwVtNSpjYgLDLskjdoxoszELLHSJRkYDd59iH+clgrrF
Um/jEizUh05RWw500eocmkChtorTqoFktkfaJ41hJmqY0y3s6jb8UBVqCer4BYIr
Quu4rFE7o3ALEZfZJ70dkKzD22jjcQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNV1
aQtrJPAteL/KHoeSH6MPXZuBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COEJFQ0NCNjA3QjExMUYwQkI0RENCNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsppAwQBmsqGMA0GCSqG
SIb3DQEBCwUAA4IBAQBpP2pgHdDYFFanE1dZkViqewUlfLn/phRgd+IKEOxxlz3M
GYbTt7j+EfpXqJi5SmfnkD5CANoQQ1P8XSAXEO7yuazy0JoULZXsaLwyhGKpUppY
tN8KkF18+gJUG/JbjG+myczaGMflBYgRvNl2h6vSm5aw21A+24APX49VQ6bHBzAc
dID7wumwfsUZSUICeY0MFUcJsFJZZGbnrIp/gBfPLqD2Ya5zWnEiCC25+BKJf8+M
1F/HOJd2Y3Hyo1inh4deKqfY1sIX9gwLTKI0VGC3TVN3ace7FOOOV4Smv7hAqdVz
WRaQegXHf5kmJcy/dpyuxSWK6YxcQOy+L2THax0N
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:27:20 2025 by rpki-client