Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE6F1E56E2D411EF9003BC4B762E951A.roa
File: BE6F1E56E2D411EF9003BC4B762E951A.roa (raw, json)
Hash identifier: 2Jaunwak5kG+GKfAz49tez07sTcInQfwCQentZm/BFw=
Subject key identifier: 32:03:FC:EC:D5:7F:CF:4F:EA:86:F7:7B:62:DE:FD:EA:27:DF:2B:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150B6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE6F1E56E2D411EF9003BC4B762E951A.roa
Signing time: Tue 04 Feb 2025 08:48:03 +0000
ROA not before: Tue 04 Feb 2025 08:47:59 +0000
ROA not after: Wed 30 Apr 2025 08:47:59 +0000
asID: 18229
IP address blocks: 154.210.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86198 (0x150b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 08:47:59 2025 GMT
Not After : Apr 30 08:47:59 2025 GMT
Subject: CN=67a1d443-9e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:f5:e8:4d:93:03:2e:8b:75:e0:a2:0e:a4:
aa:05:02:f8:a8:cd:66:f1:42:bd:e4:bc:95:ad:ca:
3f:2e:8b:e8:15:7f:9a:04:26:e3:af:b0:90:5d:ea:
85:17:d0:2a:e5:21:76:70:f8:46:07:cb:57:49:73:
1e:86:ef:dc:47:cd:7f:4a:ed:10:07:de:9f:5b:65:
23:ac:b8:a8:76:29:f2:64:84:75:e5:2f:cb:e0:cd:
32:87:98:94:76:b5:74:ad:d6:32:7c:7a:5d:c0:05:
c2:76:d0:28:37:c0:14:2b:d3:d8:36:a7:30:4e:50:
de:46:aa:3b:6b:26:e1:7d:bf:79:61:47:8a:eb:fd:
d3:77:84:b2:c0:80:61:d7:01:bc:78:68:32:69:59:
6a:0f:2b:ba:d4:0d:12:c5:98:66:22:c3:34:c1:1c:
01:c3:0e:eb:45:fd:e0:b7:07:dd:16:97:b1:04:b0:
51:a3:8d:78:bc:27:d9:a0:2e:b9:98:ac:e5:7c:5b:
5e:57:4a:91:cd:8a:07:77:33:f1:d6:b0:f8:41:02:
a8:d9:f9:03:93:f6:52:63:b4:40:31:05:06:ee:a6:
21:6b:6c:86:20:c8:59:ea:d4:ad:37:ad:65:87:3e:
89:54:fa:23:90:1c:97:9e:d3:72:6d:75:78:2b:ee:
ff:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:03:FC:EC:D5:7F:CF:4F:EA:86:F7:7B:62:DE:FD:EA:27:DF:2B:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE6F1E56E2D411EF9003BC4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.181.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:24:40:10:59:45:81:cd:bd:56:54:ca:e6:3e:29:7d:89:f7:
a2:9b:8f:5d:db:0d:fb:62:5f:81:55:a2:1f:71:2a:40:ea:1f:
3d:9c:39:19:6a:69:98:8c:60:d6:4a:64:c0:00:be:68:6f:65:
9e:9b:96:4a:fa:15:e5:af:85:ce:64:b5:fa:47:af:3f:1e:a8:
76:c5:40:4d:45:60:25:9c:06:53:bd:12:4c:d8:6f:44:cf:a9:
f8:9e:2f:77:9b:09:03:25:ed:ca:13:98:24:bd:00:30:44:3a:
9d:84:6a:16:2a:82:f2:7e:2c:83:c6:f5:a7:55:3a:1a:2e:17:
a2:ef:66:90:39:48:e8:9b:ba:d5:9a:f1:62:a8:1a:2d:11:a0:
0c:01:64:0e:6b:d2:fc:83:45:2c:0f:2b:13:e2:76:51:4c:4b:
b0:fb:13:5a:6b:8d:3d:ba:a7:ff:23:c3:02:8a:37:c0:e3:8d:
f9:00:60:44:f7:2f:4f:5c:c1:5f:0d:25:5c:ce:45:de:3b:60:
26:86:fb:7d:8c:f0:30:4d:f2:80:cc:3c:8a:c2:be:7f:4b:0c:
d1:eb:ff:ca:65:fa:f7:c8:ca:74:14:80:83:5d:08:e1:17:d6:
40:ef:a5:48:d8:74:79:f6:a0:b7:62:c9:7a:cd:22:97:5a:0f:
d1:37:3b:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVC2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDg0NzU5WhcNMjUwNDMwMDg0NzU5WjAYMRYw
FAYDVQQDEw02N2ExZDQ0My05ZTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtY316E2TAy6LdeCiDqSqBQL4qM1m8UK95LyVrco/LovoFX+aBCbjr7CQ
XeqFF9Aq5SF2cPhGB8tXSXMehu/cR81/Su0QB96fW2UjrLiodinyZIR15S/L4M0y
h5iUdrV0rdYyfHpdwAXCdtAoN8AUK9PYNqcwTlDeRqo7aybhfb95YUeK6/3Td4Sy
wIBh1wG8eGgyaVlqDyu61A0SxZhmIsM0wRwBww7rRf3gtwfdFpexBLBRo414vCfZ
oC65mKzlfFteV0qRzYoHdzPx1rD4QQKo2fkDk/ZSY7RAMQUG7qYha2yGIMhZ6tSt
N61lhz6JVPojkByXntNybXV4K+7/XQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDID
/OzVf89P6ob3e2Le/eon3ysiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTZGMUU1NkUyRDQxMUVGOTAwM0JDNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtK1MA0GCSqGSIb3DQEB
CwUAA4IBAQC/JEAQWUWBzb1WVMrmPil9ifeim49d2w37Yl+BVaIfcSpA6h89nDkZ
ammYjGDWSmTAAL5ob2Wem5ZK+hXlr4XOZLX6R68/Hqh2xUBNRWAlnAZTvRJM2G9E
z6n4ni93mwkDJe3KE5gkvQAwRDqdhGoWKoLyfiyDxvWnVToaLhei72aQOUjom7rV
mvFiqBotEaAMAWQOa9L8g0UsDysT4nZRTEuw+xNaa409uqf/I8MCijfA4435AGBE
9y9PXMFfDSVczkXeO2Amhvt9jPAwTfKAzDyKwr5/SwzR6//KZfr3yMp0FICDXQjh
F9ZA76VI2HR59qC3Ysl6zSKXWg/RNzvj
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:06 2025 by rpki-client