Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5517076C91F11EFAA4D9583762E951A.roa
File: C5517076C91F11EFAA4D9583762E951A.roa (raw, json)
Hash identifier: zUDEtPHmau0qg4iSrPAtO/zSfZJh4yQXq3AJ717CW5o=
Subject key identifier: A5:BB:35:F5:D4:11:D0:69:FE:23:A0:29:42:E8:B8:52:86:55:07:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013321
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5517076C91F11EFAA4D9583762E951A.roa
Signing time: Thu 02 Jan 2025 15:39:36 +0000
ROA not before: Thu 02 Jan 2025 15:39:32 +0000
ROA not after: Mon 13 Dec 2027 15:39:32 +0000
asID: 17561
IP address blocks: 154.222.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78625 (0x13321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:39:32 2025 GMT
Not After : Dec 13 15:39:32 2027 GMT
Subject: CN=6776b338-6a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:b4:0a:74:65:2f:d1:73:ff:1a:40:a5:18:
67:83:d6:76:eb:b6:a7:79:00:33:dc:10:f5:82:10:
2f:e7:6b:a0:79:cc:21:35:9a:7c:7a:0c:3a:5e:36:
f0:b6:3d:c2:c0:fe:0a:ed:b5:65:2d:78:78:fb:07:
3b:9a:9b:00:28:99:33:8a:0f:f5:96:2e:bc:72:b7:
26:11:5c:5b:dc:35:2e:52:be:5d:31:a6:9d:89:f0:
29:3e:c3:56:f1:40:4c:9d:01:18:b4:80:76:15:ae:
6b:2f:bb:28:e5:6a:b2:37:cb:d2:d3:de:38:84:5f:
b2:d6:8a:3c:34:11:e1:f3:49:d4:11:2a:dd:14:18:
69:bc:2d:47:e7:33:65:1e:e1:a9:88:1f:10:2b:03:
d1:dd:26:0a:50:ce:b7:f1:07:21:0b:d2:de:9e:7d:
f6:12:8b:be:1c:dd:83:83:5c:6d:f9:d0:ca:b5:b5:
80:dd:c9:7e:0f:e9:f6:c8:43:9c:2f:38:f4:ca:3c:
69:10:a7:db:2f:ff:ed:d4:b0:e1:f9:9e:ea:9e:52:
8f:a4:ab:bd:36:9c:d2:26:6e:ba:62:c3:90:23:c0:
38:5c:54:8f:b3:d5:ee:ae:aa:3c:d7:22:c8:fb:79:
87:c5:26:ba:bf:ed:c0:53:e3:98:61:c9:e8:ce:44:
6d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BB:35:F5:D4:11:D0:69:FE:23:A0:29:42:E8:B8:52:86:55:07:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5517076C91F11EFAA4D9583762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.85.0/24
Signature Algorithm: sha256WithRSAEncryption
58:32:7b:d5:ba:35:71:d4:bd:21:5c:53:40:e8:a6:c7:1c:f2:
2c:b7:93:a4:79:90:0f:f7:8c:1b:0a:ab:5f:93:1b:d6:92:25:
49:50:41:1c:f7:a5:c3:7e:e9:2b:0d:a2:15:59:ef:19:39:c7:
03:d3:0b:e3:f9:c7:81:77:cc:60:88:31:f9:4d:4d:be:01:6d:
06:3d:d7:60:37:7e:62:44:2a:29:dc:e7:96:7f:ee:f2:71:2d:
83:4c:f4:f2:a8:ff:32:5b:3e:fa:81:9b:f0:c3:ce:db:b7:e4:
8b:de:04:33:9f:0b:88:23:f8:f3:21:22:7a:ef:79:ec:8c:57:
47:4e:51:8e:eb:5b:4d:54:3e:12:ec:90:7e:e0:e0:c6:17:a5:
46:67:85:6d:87:e5:f3:e4:f4:1e:24:cd:89:41:32:a3:25:1b:
ae:4d:c3:6d:9f:f8:4f:77:7a:01:94:bf:99:63:78:4d:d1:e5:
0c:56:f3:61:74:16:9c:41:cd:d0:d4:a2:eb:ac:b7:a9:db:55:
37:52:21:3d:6b:f7:68:a3:0b:93:6e:f7:0c:3a:96:b6:39:ac:
ce:aa:c9:7d:30:94:22:fc:52:80:33:1d:86:38:6a:02:c0:59:
89:5b:f9:ee:c5:f0:05:36:be:e4:5b:aa:dd:63:ae:9e:71:5e:
22:fc:01:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATMhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTUzOTMyWhcNMjcxMjEzMTUzOTMyWjAYMRYw
FAYDVQQDEw02Nzc2YjMzOC02YTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvjq0CnRlL9Fz/xpApRhng9Z267aneQAz3BD1ghAv52ugecwhNZp8egw6
Xjbwtj3CwP4K7bVlLXh4+wc7mpsAKJkzig/1li68crcmEVxb3DUuUr5dMaadifAp
PsNW8UBMnQEYtIB2Fa5rL7so5WqyN8vS0944hF+y1oo8NBHh80nUESrdFBhpvC1H
5zNlHuGpiB8QKwPR3SYKUM638QchC9Lenn32Eou+HN2Dg1xt+dDKtbWA3cl+D+n2
yEOcLzj0yjxpEKfbL//t1LDh+Z7qnlKPpKu9NpzSJm66YsOQI8A4XFSPs9Xurqo8
1yLI+3mHxSa6v+3AU+OYYcnozkRtewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKW7
NfXUEdBp/iOgKULouFKGVQcFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTUxNzA3NkM5MUYxMUVGQUE0RDk1ODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5VMA0GCSqGSIb3DQEB
CwUAA4IBAQBYMnvVujVx1L0hXFNA6KbHHPIst5OkeZAP94wbCqtfkxvWkiVJUEEc
96XDfukrDaIVWe8ZOccD0wvj+ceBd8xgiDH5TU2+AW0GPddgN35iRCop3OeWf+7y
cS2DTPTyqP8yWz76gZvww87bt+SL3gQznwuII/jzISJ673nsjFdHTlGO61tNVD4S
7JB+4ODGF6VGZ4Vth+Xz5PQeJM2JQTKjJRuuTcNtn/hPd3oBlL+ZY3hN0eUMVvNh
dBacQc3Q1KLrrLep21U3UiE9a/doowuTbvcMOpa2OazOqsl9MJQi/FKAMx2GOGoC
wFmJW/nuxfAFNr7kW6rdY66ecV4i/AHO
-----END CERTIFICATE-----
Generated at Thu Apr 10 06:08:55 2025 by rpki-client