Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD1BAF14EABE11EF83443768762E951A.roa
File: BD1BAF14EABE11EF83443768762E951A.roa (raw, json)
Hash identifier: W/0sG5odbz7QQIYHRaMXpQ5M2kzSoJbl0+6ZqfSlhlQ=
Subject key identifier: 98:CD:B5:F2:0E:3F:19:D5:76:99:EE:47:C2:7B:39:91:0A:B1:20:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01570F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD1BAF14EABE11EF83443768762E951A.roa
Signing time: Fri 14 Feb 2025 10:30:41 +0000
ROA not before: Fri 14 Feb 2025 10:30:37 +0000
ROA not after: Mon 12 May 2025 10:30:37 +0000
asID: 135097
IP address blocks: 154.197.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87823 (0x1570f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 14 10:30:37 2025 GMT
Not After : May 12 10:30:37 2025 GMT
Subject: CN=67af1b51-1145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:be:db:90:f9:0f:fe:da:bf:6b:b4:9c:38:
bb:a9:3f:09:3f:78:2a:e1:e7:72:13:bf:3d:21:2f:
61:93:29:cc:40:93:8b:32:d2:7d:fb:a6:ef:e1:ff:
53:c2:8a:37:29:95:8a:08:94:28:bc:66:e6:86:8c:
fa:9a:c7:97:43:9e:75:f4:e2:d7:0a:39:10:16:e2:
36:ad:cf:6b:07:06:0f:4b:d4:21:61:d7:92:8d:3d:
b5:6e:79:da:5d:c4:cf:56:57:f9:99:ef:fc:9a:91:
57:c2:a2:06:c3:8d:08:c1:3b:a5:07:24:91:81:48:
d1:38:db:b2:03:4c:bd:58:9e:e2:f0:37:a3:fd:b1:
97:ca:ea:ad:2d:05:34:75:8f:a3:6b:b3:9e:44:60:
8e:69:06:12:9b:7d:04:7d:f8:f0:aa:ee:6b:d7:4c:
c6:60:ca:a4:71:91:31:d6:e3:f3:4a:65:bf:da:a8:
62:39:1b:2c:80:7b:11:ba:ba:8c:c5:60:12:04:19:
83:bc:11:75:fb:c8:a1:a3:75:7e:67:2d:82:fc:eb:
d5:87:5e:2c:2f:78:fc:75:a8:da:3a:8c:e6:39:5e:
99:13:b6:fe:63:45:a3:b7:c6:e2:a4:78:49:37:85:
0b:02:1a:c7:7d:b2:2d:98:99:62:ad:15:2f:3f:29:
2f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CD:B5:F2:0E:3F:19:D5:76:99:EE:47:C2:7B:39:91:0A:B1:20:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD1BAF14EABE11EF83443768762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.192.0/20
Signature Algorithm: sha256WithRSAEncryption
37:9a:9f:a7:2d:c8:16:69:59:de:d8:67:cf:bd:c2:ed:45:4c:
fd:38:f6:10:e4:9b:07:ae:dd:75:ea:5d:4b:78:2d:ed:1c:69:
c7:48:d8:e8:c9:0f:26:df:bc:77:a6:82:89:9d:f1:c3:18:70:
36:78:a8:e9:cc:88:62:dd:ae:18:7a:4c:12:a3:22:a7:12:ed:
33:ad:0c:84:30:fb:6b:86:33:ab:1c:15:c8:5c:4b:33:d8:99:
07:89:33:c1:58:d1:fb:c1:e1:62:ac:88:75:db:7c:a2:56:72:
34:60:f4:b8:95:74:ce:f1:70:c3:82:fc:5e:cf:a6:50:51:7c:
e9:ff:73:63:39:e9:1b:40:f4:61:40:ca:61:29:e8:da:0b:88:
79:65:94:3b:c0:04:fa:8d:b7:e6:c9:64:cb:3c:e8:09:e8:4e:
bf:56:f4:d5:19:2d:42:96:88:6b:7e:29:c4:23:a8:e6:ae:4b:
d9:c0:97:07:bc:4b:51:94:2e:df:81:bf:11:de:46:d9:37:05:
a5:7f:07:fc:57:d0:11:5d:9c:cd:37:7d:be:95:d4:42:cc:12:
c7:5f:a5:cf:7a:44:af:20:70:df:41:4c:65:3c:f5:76:d3:72:
32:c5:ea:64:40:97:16:8f:11:5b:f3:5c:34:e3:1e:d3:b2:70:
4f:1e:77:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVcPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjE0MTAzMDM3WhcNMjUwNTEyMTAzMDM3WjAYMRYw
FAYDVQQDEw02N2FmMWI1MS0xMTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAspe+25D5D/7av2u0nDi7qT8JP3gq4edyE789IS9hkynMQJOLMtJ9+6bv
4f9Twoo3KZWKCJQovGbmhoz6mseXQ5519OLXCjkQFuI2rc9rBwYPS9QhYdeSjT21
bnnaXcTPVlf5me/8mpFXwqIGw40IwTulBySRgUjRONuyA0y9WJ7i8Dej/bGXyuqt
LQU0dY+ja7OeRGCOaQYSm30Effjwqu5r10zGYMqkcZEx1uPzSmW/2qhiORssgHsR
urqMxWASBBmDvBF1+8iho3V+Zy2C/OvVh14sL3j8dajaOozmOV6ZE7b+Y0Wjt8bi
pHhJN4ULAhrHfbItmJlirRUvPykvjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJjN
tfIOPxnVdpnuR8J7OZEKsSCOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDFCQUYxNEVBQkUxMUVGODM0NDM3Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsXAMA0GCSqGSIb3DQEB
CwUAA4IBAQA3mp+nLcgWaVne2GfPvcLtRUz9OPYQ5JsHrt116l1LeC3tHGnHSNjo
yQ8m37x3poKJnfHDGHA2eKjpzIhi3a4YekwSoyKnEu0zrQyEMPtrhjOrHBXIXEsz
2JkHiTPBWNH7weFirIh123yiVnI0YPS4lXTO8XDDgvxez6ZQUXzp/3NjOekbQPRh
QMphKejaC4h5ZZQ7wAT6jbfmyWTLPOgJ6E6/VvTVGS1ClohrfinEI6jmrkvZwJcH
vEtRlC7fgb8R3kbZNwWlfwf8V9ARXZzNN32+ldRCzBLHX6XPekSvIHDfQUxlPPV2
03IyxepkQJcWjxFb81w04x7TsnBPHndP
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:12 2025 by rpki-client