Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDF0429AE2CD11EFBEFA2E9C762E951A.roa
File: BDF0429AE2CD11EFBEFA2E9C762E951A.roa (raw, json)
Hash identifier: JYk6ipF2HFcyph73toc6dvk0ndkYKBRnCf7KOFbpW4Y=
Subject key identifier: 86:55:BE:38:86:CA:77:D0:3E:76:81:E8:39:EF:D6:08:73:23:01:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01508E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDF0429AE2CD11EFBEFA2E9C762E951A.roa
Signing time: Tue 04 Feb 2025 07:57:56 +0000
ROA not before: Tue 04 Feb 2025 07:57:52 +0000
ROA not after: Wed 30 Apr 2025 07:57:52 +0000
asID: 18229
IP address blocks: 154.210.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86158 (0x1508e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 07:57:52 2025 GMT
Not After : Apr 30 07:57:52 2025 GMT
Subject: CN=67a1c883-4fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:02:14:12:0a:e5:f6:76:9e:95:d8:04:d3:
c1:66:b2:5d:40:89:68:65:83:4a:ff:4c:e3:78:67:
bf:7a:50:15:96:88:8a:71:3a:e2:09:97:06:70:f5:
e6:65:ec:36:15:c5:bf:fe:a4:d4:46:0e:5f:25:e4:
35:89:c1:db:52:11:dc:03:41:cc:33:13:a6:ea:61:
9a:e4:ce:93:9e:a6:58:7b:bd:6a:cf:68:cd:79:e6:
96:26:f6:39:d8:b2:24:8a:0c:ae:14:9a:82:d3:42:
dc:07:d4:1e:28:6b:1d:c1:48:51:24:c9:7f:98:96:
ef:34:35:e2:e4:20:c6:35:2a:89:9e:a3:fa:d6:99:
59:cc:3c:93:4a:6a:9b:01:4e:8c:34:23:22:45:6a:
03:1e:07:7b:e6:4e:e3:cd:22:1b:9c:b4:03:d4:99:
d1:66:4a:1e:cc:1d:3d:42:05:6a:dd:e7:c6:10:07:
29:4e:c3:53:65:65:74:e3:3f:a5:44:11:7d:81:0b:
a9:d1:cc:e7:11:9e:02:33:a1:22:50:38:19:27:41:
02:0d:40:a5:2d:9a:be:42:42:60:61:e1:19:85:b5:
de:01:f3:8d:6d:ee:5d:6f:60:a3:ba:f0:91:ae:ed:
c2:f6:29:a5:87:09:61:4b:27:e7:94:8d:98:1f:be:
5b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:55:BE:38:86:CA:77:D0:3E:76:81:E8:39:EF:D6:08:73:23:01:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDF0429AE2CD11EFBEFA2E9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.172.0/24
Signature Algorithm: sha256WithRSAEncryption
89:19:38:be:35:a4:fc:32:f2:a0:57:57:75:43:6f:2c:b2:e7:
62:f3:e3:cd:25:5f:a9:6e:e9:52:6d:27:07:18:b8:1e:6a:07:
d1:98:c8:cd:cd:f3:fc:e3:6b:af:b2:79:bf:d4:f6:31:78:4c:
82:a9:3c:97:48:6c:4d:24:f9:23:72:35:73:27:1b:23:33:25:
4c:94:4d:4d:19:af:f0:a3:a5:f3:c1:c4:0f:6a:3a:24:14:ac:
eb:10:96:b5:3b:8d:51:8f:3b:d8:bf:da:27:5f:cb:e9:4a:ad:
36:c7:49:23:64:b7:cf:1b:78:33:9f:c0:ee:19:81:1e:a9:d1:
2a:bf:19:a2:39:93:53:b7:9c:3c:d9:f1:6c:75:b7:d3:0d:3c:
bf:81:e9:e5:6c:2f:42:bb:0f:f5:25:c4:9c:6e:ae:9a:73:3b:
43:95:79:10:83:c7:6d:54:2c:04:28:d7:e5:2f:21:c4:a5:4a:
e9:b6:ba:38:b8:f0:39:27:1c:a0:ae:ed:64:7a:83:e0:5f:10:
b7:21:ee:67:26:cd:a2:20:87:64:c5:c1:19:7a:c6:ff:00:54:
f3:a4:f5:65:36:78:e0:2c:64:ad:9a:78:fe:a7:69:23:3d:20:
de:6d:8f:e1:2b:27:1c:53:26:55:7e:15:72:28:fc:cc:7e:75:
ff:8d:df:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVCOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDc1NzUyWhcNMjUwNDMwMDc1NzUyWjAYMRYw
FAYDVQQDEw02N2ExYzg4My00ZmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ZwCFBIK5fZ2npXYBNPBZrJdQIloZYNK/0zjeGe/elAVloiKcTriCZcG
cPXmZew2FcW//qTURg5fJeQ1icHbUhHcA0HMMxOm6mGa5M6TnqZYe71qz2jNeeaW
JvY52LIkigyuFJqC00LcB9QeKGsdwUhRJMl/mJbvNDXi5CDGNSqJnqP61plZzDyT
SmqbAU6MNCMiRWoDHgd75k7jzSIbnLQD1JnRZkoezB09QgVq3efGEAcpTsNTZWV0
4z+lRBF9gQup0cznEZ4CM6EiUDgZJ0ECDUClLZq+QkJgYeEZhbXeAfONbe5db2Cj
uvCRru3C9imlhwlhSyfnlI2YH75buQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIZV
vjiGynfQPnaB6Dnv1ghzIwGWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREYwNDI5QUUyQ0QxMUVGQkVGQTJFOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKsMA0GCSqGSIb3DQEB
CwUAA4IBAQCJGTi+NaT8MvKgV1d1Q28ssudi8+PNJV+pbulSbScHGLgeagfRmMjN
zfP842uvsnm/1PYxeEyCqTyXSGxNJPkjcjVzJxsjMyVMlE1NGa/wo6XzwcQPajok
FKzrEJa1O41RjzvYv9onX8vpSq02x0kjZLfPG3gzn8DuGYEeqdEqvxmiOZNTt5w8
2fFsdbfTDTy/genlbC9Cuw/1JcScbq6acztDlXkQg8dtVCwEKNflLyHEpUrptro4
uPA5Jxygru1keoPgXxC3Ie5nJs2iIIdkxcEZesb/AFTzpPVlNnjgLGStmnj+p2kj
PSDebY/hKyccUyZVfhVyKPzMfnX/jd/O
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:37:23 2025 by rpki-client