Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AB6E1AC92A11EF857AF44A762E951A.roa
File: B9AB6E1AC92A11EF857AF44A762E951A.roa (raw, json)
Hash identifier: uaaAWCPOUazRa5O9OIDXugC1MnYNAsikfkJyhg9c5Uo=
Subject key identifier: 20:CD:30:AE:1F:CA:66:A0:00:81:2A:96:F7:0F:3A:11:34:AB:31:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013379
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AB6E1AC92A11EF857AF44A762E951A.roa
Signing time: Thu 02 Jan 2025 16:58:01 +0000
ROA not before: Thu 02 Jan 2025 16:57:58 +0000
ROA not after: Sat 13 Dec 2025 16:57:58 +0000
asID: 984
IP address blocks: 154.222.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78713 (0x13379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 16:57:58 2025 GMT
Not After : Dec 13 16:57:58 2025 GMT
Subject: CN=6776c599-2918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a4:59:4a:c4:da:44:29:ad:a4:b0:47:1d:c7:
0e:41:d5:9a:15:3e:83:17:69:00:a6:78:d9:8b:3d:
f6:e0:ab:72:f0:ef:99:16:6b:02:14:fb:7f:0d:dc:
58:1d:7f:49:fe:b8:c9:2e:94:fe:f9:99:29:78:9a:
4a:17:f9:23:5c:37:ad:fc:2a:d6:d6:c5:f9:e9:f9:
4a:73:ac:49:fe:3f:52:d0:ff:5f:a9:cd:f4:80:99:
51:90:9f:61:ee:a4:c3:bb:26:36:05:b1:dc:78:a2:
7d:6f:87:e7:ca:ae:4b:15:e2:ad:72:22:f3:5c:f6:
5a:16:b7:ed:6f:55:79:5b:90:d8:89:1d:9f:0b:f9:
db:1b:c5:d9:4b:ae:b9:bb:0c:32:64:b6:94:4a:4d:
bf:86:72:f2:4c:20:49:be:c1:8c:23:c7:e5:a8:5c:
71:5d:c2:9b:b6:30:90:8c:4e:dd:14:82:ae:0c:91:
d5:3b:06:55:36:43:d6:f6:5e:cf:f0:36:0b:df:d8:
39:f5:0d:0d:c6:64:9c:54:72:cf:e2:dd:1a:2c:b3:
e9:37:08:7b:b5:a1:96:9a:a9:45:99:5b:58:15:2d:
a9:52:a5:3b:8a:1b:a4:31:01:ef:34:e9:51:a9:a3:
be:34:ab:b5:ee:6b:84:1f:13:85:39:d3:f8:e1:44:
37:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CD:30:AE:1F:CA:66:A0:00:81:2A:96:F7:0F:3A:11:34:AB:31:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AB6E1AC92A11EF857AF44A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:93:99:53:c1:4e:38:b7:cb:49:0b:39:6c:9b:f3:7d:5d:87:
8d:a2:52:4e:df:e9:81:1a:0e:ff:50:e5:15:cc:b7:66:d2:b6:
a9:4f:bb:9e:3d:86:69:4e:c0:2f:a2:57:f5:45:44:85:d0:aa:
8a:48:1a:54:44:cc:0f:30:45:85:06:5e:1c:3a:c0:30:f8:f9:
67:63:db:82:9d:db:51:50:77:37:59:98:5c:c9:6d:be:5b:db:
68:0d:6f:e6:f7:d2:9a:f0:2d:91:ee:a2:ff:de:80:43:63:50:
d6:00:35:4b:b0:61:38:25:50:86:0d:61:a8:bc:02:c8:fd:ac:
b4:a8:cc:7b:cb:37:02:9a:af:7a:46:11:af:70:e5:49:2d:e1:
f9:f6:56:c7:d5:4f:dc:99:d9:35:01:7d:8f:7b:b6:5c:95:4a:
68:4d:ed:10:90:f6:9c:b4:a2:29:d7:3d:1f:0a:2f:da:3b:8b:
c1:97:0c:cf:93:59:78:1a:9c:6e:c1:cb:b9:07:28:51:fe:0a:
a8:7e:94:7d:4e:38:b3:bb:a9:5d:46:26:99:45:4b:91:c5:fd:
e7:da:b5:c9:38:3e:0c:c7:f1:19:2a:4b:c1:14:17:68:55:c3:
94:c9:e8:cf:67:d0:6f:d1:3e:d9:e0:06:c3:8a:8e:79:16:01:
aa:2c:6e:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATN5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTY1NzU4WhcNMjUxMjEzMTY1NzU4WjAYMRYw
FAYDVQQDEw02Nzc2YzU5OS0yOTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx6RZSsTaRCmtpLBHHccOQdWaFT6DF2kApnjZiz324Kty8O+ZFmsCFPt/
DdxYHX9J/rjJLpT++ZkpeJpKF/kjXDet/CrW1sX56flKc6xJ/j9S0P9fqc30gJlR
kJ9h7qTDuyY2BbHceKJ9b4fnyq5LFeKtciLzXPZaFrftb1V5W5DYiR2fC/nbG8XZ
S665uwwyZLaUSk2/hnLyTCBJvsGMI8flqFxxXcKbtjCQjE7dFIKuDJHVOwZVNkPW
9l7P8DYL39g59Q0NxmScVHLP4t0aLLPpNwh7taGWmqlFmVtYFS2pUqU7ihukMQHv
NOlRqaO+NKu17muEHxOFOdP44UQ37QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCDN
MK4fymagAIEqlvcPOhE0qzH3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUFCNkUxQUM5MkExMUVGODU3QUY0NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6IMA0GCSqGSIb3DQEB
CwUAA4IBAQAbk5lTwU44t8tJCzlsm/N9XYeNolJO3+mBGg7/UOUVzLdm0rapT7ue
PYZpTsAvolf1RUSF0KqKSBpURMwPMEWFBl4cOsAw+PlnY9uCndtRUHc3WZhcyW2+
W9toDW/m99Ka8C2R7qL/3oBDY1DWADVLsGE4JVCGDWGovALI/ay0qMx7yzcCmq96
RhGvcOVJLeH59lbH1U/cmdk1AX2Pe7ZclUpoTe0QkPactKIp1z0fCi/aO4vBlwzP
k1l4Gpxuwcu5ByhR/gqofpR9Tjizu6ldRiaZRUuRxf3n2rXJOD4Mx/EZKkvBFBdo
VcOUyejPZ9Bv0T7Z4AbDio55FgGqLG5v
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:29:48 2025 by rpki-client