Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB5E2E9AF41E11EFAE8F635B762E951A.roa
File: BB5E2E9AF41E11EFAE8F635B762E951A.roa (raw, json)
Hash identifier: vZDTCfiAUYZkkRnC7nQVxadtIVSHcRWWvUU+424fWHA=
Subject key identifier: B5:2B:8F:D3:63:79:C3:17:6F:8C:82:2B:4C:F0:11:C1:EA:01:76:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01617B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB5E2E9AF41E11EFAE8F635B762E951A.roa
Signing time: Wed 26 Feb 2025 08:50:30 +0000
ROA not before: Wed 26 Feb 2025 08:50:26 +0000
ROA not after: Thu 19 Feb 2026 08:50:26 +0000
asID: 984
IP address blocks: 154.206.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90491 (0x1617b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:50:26 2025 GMT
Not After : Feb 19 08:50:26 2026 GMT
Subject: CN=67bed5d6-9d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:93:2d:b6:5c:2c:93:da:70:65:d4:f4:7b:
b7:4d:4b:13:d8:49:62:b3:fb:75:ec:23:db:e2:44:
8b:d4:c9:0d:8d:57:9b:ae:d4:a9:10:0f:40:f2:8d:
0d:10:73:a7:1b:a7:d2:ab:c3:dc:9f:e1:d8:7c:8c:
c3:78:57:17:66:d8:0f:40:78:89:5e:b6:c5:d3:84:
d8:11:c2:c9:ee:33:28:83:99:b9:fc:17:e0:e5:26:
41:89:9c:ff:03:f0:00:41:ec:62:49:ce:86:69:b6:
67:ff:b5:dd:82:21:10:86:61:13:a3:dc:c5:96:7e:
1e:60:c4:bd:74:92:ed:0b:fd:43:91:45:84:46:cd:
9b:c0:fb:72:8c:22:29:63:10:a3:02:79:34:79:c1:
6a:35:9c:67:81:23:87:6a:3c:4f:b7:e2:ff:f4:d8:
39:5a:2f:04:4e:55:d5:08:8f:21:59:70:1e:e6:e8:
ba:19:2e:bf:af:4f:d1:91:71:80:61:9c:f5:b0:d7:
ff:27:79:a5:b9:a2:1a:db:57:e5:6e:67:60:66:5e:
fb:8d:e9:b0:df:57:2d:76:b1:04:5e:3d:ab:c2:89:
b5:bd:8e:74:9a:a8:04:f9:71:eb:41:e6:1f:51:fa:
a5:ad:f8:63:28:00:8f:4e:6a:7d:aa:a9:94:e8:6e:
b3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2B:8F:D3:63:79:C3:17:6F:8C:82:2B:4C:F0:11:C1:EA:01:76:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB5E2E9AF41E11EFAE8F635B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.220.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:94:bf:18:5b:61:45:43:6e:92:bb:ec:31:d7:ea:21:8c:be:
3f:e2:7f:c2:8a:41:3e:34:54:88:9f:7c:fb:bb:65:6f:10:a6:
f9:8b:86:57:cc:82:f0:22:d2:cb:c6:eb:dc:75:19:1e:5a:58:
ef:93:f4:00:ec:5d:37:8e:08:08:42:9f:51:79:ab:fa:83:65:
a5:be:7d:93:dc:02:33:f4:da:e3:03:7d:fa:07:01:85:dc:74:
f8:ba:bf:2b:f6:21:26:ba:93:e7:4c:f0:5a:d5:ac:f5:9a:10:
9e:9a:26:61:47:86:b7:f8:f0:05:3d:d4:f1:86:b9:04:80:35:
c4:ac:57:d5:06:3d:5e:2a:d8:b5:9b:83:fc:f4:64:ba:a6:65:
ab:b4:31:e4:de:d5:cc:8b:46:01:27:23:16:7a:6c:f0:78:1d:
cf:8c:45:0b:4a:34:9f:df:66:b4:1b:d3:a5:e1:f7:90:8b:b5:
5a:72:49:9b:26:9a:10:da:cc:68:fc:f0:c8:19:82:3f:84:77:
0d:57:c2:61:fb:78:3b:c7:a6:f4:11:3b:e5:02:a0:aa:e5:00:
3a:bb:0f:2f:67:68:b5:fa:18:7d:8d:3b:0a:6e:df:aa:95:9d:
1b:0c:17:68:27:2a:53:cc:a0:c5:a8:2f:ea:b9:d6:1e:b8:ba:
31:0a:a0:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDg1MDI2WhcNMjYwMjE5MDg1MDI2WjAYMRYw
FAYDVQQDEw02N2JlZDVkNi05ZDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApSGTLbZcLJPacGXU9Hu3TUsT2Elis/t17CPb4kSL1MkNjVebrtSpEA9A
8o0NEHOnG6fSq8Pcn+HYfIzDeFcXZtgPQHiJXrbF04TYEcLJ7jMog5m5/Bfg5SZB
iZz/A/AAQexiSc6GabZn/7XdgiEQhmETo9zFln4eYMS9dJLtC/1DkUWERs2bwPty
jCIpYxCjAnk0ecFqNZxngSOHajxPt+L/9Ng5Wi8ETlXVCI8hWXAe5ui6GS6/r0/R
kXGAYZz1sNf/J3mluaIa21flbmdgZl77jemw31ctdrEEXj2rwom1vY50mqgE+XHr
QeYfUfqlrfhjKACPTmp9qqmU6G6z0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLUr
j9NjecMXb4yCK0zwEcHqAXZYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjVFMkU5QUY0MUUxMUVGQUU4RjYzNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7cMA0GCSqGSIb3DQEB
CwUAA4IBAQCzlL8YW2FFQ26Su+wx1+ohjL4/4n/CikE+NFSIn3z7u2VvEKb5i4ZX
zILwItLLxuvcdRkeWljvk/QA7F03jggIQp9Reav6g2Wlvn2T3AIz9NrjA336BwGF
3HT4ur8r9iEmupPnTPBa1az1mhCemiZhR4a3+PAFPdTxhrkEgDXErFfVBj1eKti1
m4P89GS6pmWrtDHk3tXMi0YBJyMWemzweB3PjEULSjSf32a0G9Ol4feQi7Vackmb
JpoQ2sxo/PDIGYI/hHcNV8Jh+3g7x6b0ETvlAqCq5QA6uw8vZ2i1+hh9jTsKbt+q
lZ0bDBdoJypTzKDFqC/qudYeuLoxCqD4
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:54:23 2025 by rpki-client