Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC6035F8DFE811EF9C604795762E951A.roa
File: BC6035F8DFE811EF9C604795762E951A.roa (raw, json)
Hash identifier: QVrZZTLJP0LCtKMyticWp436Dpqs0b5nfDkCoXEBTjc=
Subject key identifier: 28:BA:57:DF:86:2E:20:96:8F:BC:71:78:ED:1F:1F:6B:20:DB:0A:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DEB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC6035F8DFE811EF9C604795762E951A.roa
Signing time: Fri 31 Jan 2025 15:33:36 +0000
ROA not before: Fri 31 Jan 2025 15:33:32 +0000
ROA not after: Sat 03 Jan 2026 15:33:32 +0000
asID: 40065
IP address blocks: 154.84.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85483 (0x14deb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 31 15:33:32 2025 GMT
Not After : Jan 3 15:33:32 2026 GMT
Subject: CN=679ced50-b473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fb:bc:d7:4e:f7:a8:be:91:c6:24:1e:3a:fa:
e4:84:67:66:f5:6a:ef:16:ef:ad:49:79:fb:76:d6:
2b:4f:d1:f6:de:3c:2f:5c:0c:3c:8f:72:c2:ac:18:
3d:35:9a:e3:fe:72:78:6e:66:6c:5c:e7:b8:fa:61:
ef:bf:38:c2:34:29:7c:f4:90:b3:b4:45:62:c3:32:
f0:66:e1:f8:df:92:ac:e9:0c:40:e2:6c:ac:7e:4a:
f0:09:0d:64:62:92:fe:e5:c9:ad:08:b0:3f:13:0b:
15:eb:d6:94:98:35:69:79:24:dc:e3:54:9b:c5:49:
15:02:f2:db:4b:66:6b:3e:6e:c5:fa:96:ce:c9:47:
6a:25:ed:7d:ad:3c:55:ee:f4:a2:69:de:38:5a:08:
8a:32:e1:bb:0c:4c:aa:d0:5c:b2:82:63:37:a7:ac:
8e:73:97:24:65:d1:fe:e1:ab:c1:bb:2e:2d:cc:27:
b0:46:1e:ff:96:c9:ea:3c:d5:20:f2:51:b2:51:33:
01:d3:00:d0:18:22:55:5a:44:aa:72:68:87:56:6f:
5f:68:2c:80:3b:b0:11:0d:0f:be:ec:a5:6c:35:7f:
92:d3:23:a0:cb:e7:03:b6:52:92:f3:dd:3f:fd:26:
87:67:43:59:5f:f0:67:d0:db:9b:57:f2:7a:99:15:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BA:57:DF:86:2E:20:96:8F:BC:71:78:ED:1F:1F:6B:20:DB:0A:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC6035F8DFE811EF9C604795762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.12.0/23
Signature Algorithm: sha256WithRSAEncryption
09:aa:95:4c:36:bb:36:fc:bf:be:7a:f1:cd:2b:c7:30:a1:e4:
1b:af:6f:41:5a:e6:63:7b:4e:5b:42:3a:4d:5e:94:c7:a7:74:
11:21:88:f6:49:ee:c4:91:6b:d9:61:20:9f:a6:14:52:4b:b2:
8d:89:c2:06:d2:d3:0f:2d:39:8d:55:6b:3c:20:d2:e7:19:92:
c3:dc:0f:4e:72:eb:44:52:65:e7:b8:da:52:00:dc:7c:49:bf:
a8:e7:0b:4e:c2:40:4e:2e:d0:0c:a8:7e:5e:51:0b:60:77:61:
da:fc:0e:cd:ce:79:04:07:c2:e4:3a:3c:74:45:03:aa:14:be:
89:2d:45:6d:5c:18:ab:04:89:a4:c5:09:96:85:6e:05:0b:38:
8e:5c:9c:2b:fc:bf:6a:c9:46:e3:61:f9:09:25:0e:28:a1:04:
4e:ef:60:9a:e5:f7:85:66:67:02:f2:82:58:32:3e:cf:ee:f4:
71:fa:6b:c7:f4:f3:76:4b:d4:68:e7:e0:5c:2f:dc:d6:aa:3f:
2b:25:24:f5:9b:01:33:47:2d:31:89:a0:31:10:4f:f4:05:61:
30:60:56:68:ab:85:6c:a5:e1:f4:4a:b8:e4:78:ac:73:c1:3c:
ac:dc:6f:9c:dc:25:e2:c2:85:3e:64:85:9f:4a:ce:3a:54:a5:
03:81:eb:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU3rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTUzMzMyWhcNMjYwMTAzMTUzMzMyWjAYMRYw
FAYDVQQDEw02NzljZWQ1MC1iNDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0/u81073qL6RxiQeOvrkhGdm9WrvFu+tSXn7dtYrT9H23jwvXAw8j3LC
rBg9NZrj/nJ4bmZsXOe4+mHvvzjCNCl89JCztEViwzLwZuH435Ks6QxA4mysfkrw
CQ1kYpL+5cmtCLA/EwsV69aUmDVpeSTc41SbxUkVAvLbS2ZrPm7F+pbOyUdqJe19
rTxV7vSiad44WgiKMuG7DEyq0FyygmM3p6yOc5ckZdH+4avBuy4tzCewRh7/lsnq
PNUg8lGyUTMB0wDQGCJVWkSqcmiHVm9faCyAO7ARDQ++7KVsNX+S0yOgy+cDtlKS
890//SaHZ0NZX/Bn0NubV/J6mRUAQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCi6
V9+GLiCWj7xxeO0fH2sg2wqWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzYwMzVGOERGRTgxMUVGOUM2MDQ3OTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlQMMA0GCSqGSIb3DQEB
CwUAA4IBAQAJqpVMNrs2/L++evHNK8cwoeQbr29BWuZje05bQjpNXpTHp3QRIYj2
Se7EkWvZYSCfphRSS7KNicIG0tMPLTmNVWs8INLnGZLD3A9OcutEUmXnuNpSANx8
Sb+o5wtOwkBOLtAMqH5eUQtgd2Ha/A7NznkEB8LkOjx0RQOqFL6JLUVtXBirBImk
xQmWhW4FCziOXJwr/L9qyUbjYfkJJQ4ooQRO72Ca5feFZmcC8oJYMj7P7vRx+mvH
9PN2S9Ro5+BcL9zWqj8rJST1mwEzRy0xiaAxEE/0BWEwYFZoq4VspeH0SrjkeKxz
wTys3G+c3CXiwoU+ZIWfSs46VKUDgeuV
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:47 2025 by rpki-client