Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF79A90ACDBD11EFA9017F6B762E951A.roa
File: BF79A90ACDBD11EFA9017F6B762E951A.roa (raw, json)
Hash identifier: BDTqlAIncs0GDbV2IB2nF7W3/ia2JtMKQi/BIPoEKvM=
Subject key identifier: 97:C2:D8:11:8E:8C:47:65:EE:4F:18:A3:2D:F3:F3:1F:11:67:2C:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF79A90ACDBD11EFA9017F6B762E951A.roa
Signing time: Wed 08 Jan 2025 12:40:32 +0000
ROA not before: Wed 08 Jan 2025 12:40:28 +0000
ROA not after: Tue 16 Dec 2025 12:40:28 +0000
asID: 984
IP address blocks: 154.200.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79606 (0x136f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:40:28 2025 GMT
Not After : Dec 16 12:40:28 2025 GMT
Subject: CN=677e7240-0bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6d:f0:21:f8:a7:ea:0f:4c:6c:d4:b1:76:12:
84:01:c7:06:d6:11:93:06:b6:97:1c:bb:07:8f:a3:
48:fc:60:57:67:91:d1:6b:fa:04:a8:9a:09:02:b2:
fa:78:44:30:9c:cd:b6:aa:38:30:84:cc:27:17:ab:
97:eb:f9:b4:74:d5:af:dd:a0:e9:b5:fb:01:7f:ae:
c9:f9:61:90:08:5e:18:8e:d8:68:ac:20:ab:44:14:
98:23:b2:44:6f:9f:7b:aa:dc:45:5c:3e:cc:1d:45:
fb:ae:3f:64:b8:93:ec:1c:32:39:5c:d2:ce:9e:56:
5b:94:b8:d6:a0:48:99:b5:98:7c:62:38:57:aa:ad:
50:5a:6a:8a:d3:c6:21:b4:1d:e8:c2:92:ae:c9:b9:
2e:01:3e:43:f1:27:e0:a0:c3:55:a7:be:c8:4b:19:
88:94:fb:92:22:30:f2:37:16:b6:35:25:11:b6:fa:
ee:4c:3d:77:4b:37:f9:31:30:42:2a:d6:02:3e:f8:
05:24:68:5b:22:79:70:b2:2d:82:f0:55:ea:63:96:
02:be:03:3a:5d:d1:2f:80:75:2a:d6:95:3c:5b:d4:
0c:86:06:fa:61:d5:33:2e:13:7f:ae:d3:b8:87:94:
eb:6d:94:2b:38:54:a7:f8:32:ea:1a:63:12:03:8c:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C2:D8:11:8E:8C:47:65:EE:4F:18:A3:2D:F3:F3:1F:11:67:2C:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF79A90ACDBD11EFA9017F6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
64:6a:4d:63:12:8b:b9:a1:d8:1e:16:c6:c8:64:05:51:15:71:
ca:de:c3:55:4e:04:5b:62:cf:e5:20:35:58:d7:c1:e9:c3:95:
87:12:17:8a:97:3c:0c:bf:8e:36:0c:c2:f9:5e:0c:70:41:75:
d4:59:b8:50:76:8e:6e:6e:e7:14:24:28:05:ac:5b:11:1d:f6:
ab:98:08:6a:90:d0:39:ba:a4:4a:45:46:11:27:20:be:1c:a1:
b1:f0:3b:64:d5:1a:09:20:50:b6:41:d5:16:37:18:9a:92:82:
0c:2e:2b:7c:6d:40:1c:16:51:cc:45:60:e4:3c:36:ae:ac:46:
b0:56:8d:cd:fb:04:15:6f:8a:9c:09:f7:d8:46:f1:4c:a4:ea:
cc:e2:50:4d:b3:1e:e8:a1:d4:e9:60:87:52:84:76:51:7b:54:
70:f2:73:f1:66:78:af:85:58:72:46:7f:7a:cb:12:4f:f7:a8:
bf:c7:f4:45:41:d5:5e:5c:2d:1d:73:81:34:d5:6a:5f:41:e5:
61:c3:6f:ba:bb:66:5f:06:33:24:0e:6d:46:05:4c:f2:e2:23:
a6:cf:4b:9c:cc:43:80:f2:65:42:6c:29:83:18:e7:77:38:b9:
2a:e7:43:90:d5:64:17:47:a0:90:37:0b:9a:ba:df:b5:c2:b7:
40:d8:ee:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATb2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTI0MDI4WhcNMjUxMjE2MTI0MDI4WjAYMRYw
FAYDVQQDEw02NzdlNzI0MC0wYmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3G3wIfin6g9MbNSxdhKEAccG1hGTBraXHLsHj6NI/GBXZ5HRa/oEqJoJ
ArL6eEQwnM22qjgwhMwnF6uX6/m0dNWv3aDptfsBf67J+WGQCF4YjthorCCrRBSY
I7JEb597qtxFXD7MHUX7rj9kuJPsHDI5XNLOnlZblLjWoEiZtZh8YjhXqq1QWmqK
08YhtB3owpKuybkuAT5D8SfgoMNVp77ISxmIlPuSIjDyNxa2NSURtvruTD13Szf5
MTBCKtYCPvgFJGhbInlwsi2C8FXqY5YCvgM6XdEvgHUq1pU8W9QMhgb6YdUzLhN/
rtO4h5TrbZQrOFSn+DLqGmMSA4zUtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJfC
2BGOjEdl7k8Yoy3z8x8RZywZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjc5QTkwQUNEQkQxMUVGQTkwMTdGNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjWMA0GCSqGSIb3DQEB
CwUAA4IBAQBkak1jEou5odgeFsbIZAVRFXHK3sNVTgRbYs/lIDVY18Hpw5WHEheK
lzwMv442DML5XgxwQXXUWbhQdo5ubucUJCgFrFsRHfarmAhqkNA5uqRKRUYRJyC+
HKGx8Dtk1RoJIFC2QdUWNxiakoIMLit8bUAcFlHMRWDkPDaurEawVo3N+wQVb4qc
CffYRvFMpOrM4lBNsx7oodTpYIdShHZRe1Rw8nPxZnivhVhyRn96yxJP96i/x/RF
QdVeXC0dc4E01WpfQeVhw2+6u2ZfBjMkDm1GBUzy4iOmz0uczEOA8mVCbCmDGOd3
OLkq50OQ1WQXR6CQNwuaut+1wrdA2O4q
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:49 2025 by rpki-client