Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C63FCB96F43E11EFBFB7F4BA762E951A.roa
File: C63FCB96F43E11EFBFB7F4BA762E951A.roa (raw, json)
Hash identifier: 4mMpc3ULSZgx34l26WMJYLwvqNqYktTjbCVQkEL0xtk=
Subject key identifier: 86:52:4D:A5:0F:B4:66:46:71:3F:C4:B3:F3:1D:EE:CD:87:90:74:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016337
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C63FCB96F43E11EFBFB7F4BA762E951A.roa
Signing time: Wed 26 Feb 2025 12:39:52 +0000
ROA not before: Wed 26 Feb 2025 12:39:49 +0000
ROA not after: Fri 20 Feb 2026 12:39:49 +0000
asID: 984
IP address blocks: 154.83.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90935 (0x16337)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:39:49 2025 GMT
Not After : Feb 20 12:39:49 2026 GMT
Subject: CN=67bf0b98-3159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:6e:37:89:44:38:46:fa:3d:39:82:e9:bf:
78:b8:c7:c3:bb:81:af:5a:21:7d:37:1f:48:54:8a:
26:03:a2:d3:43:6e:26:73:58:07:f8:0d:fb:0f:3a:
a3:eb:7b:2b:e9:f0:44:e8:14:52:08:de:24:1e:5a:
94:ba:d1:55:98:56:b1:ef:cc:a5:05:eb:ad:cc:0b:
85:d3:e7:31:ec:cc:24:75:30:1c:ab:c9:18:d8:cf:
4a:34:3f:94:06:fc:5e:ab:25:c3:f1:cb:3f:2e:ed:
b6:dc:1e:fd:04:d6:0a:0b:dd:31:69:42:8c:02:62:
91:e7:59:7a:ad:e5:69:f7:45:93:fa:54:d1:3b:c8:
bb:d1:96:f4:33:a9:1e:bb:89:48:ec:55:7c:bc:ae:
0d:07:84:01:e1:fe:0d:fd:f7:2e:f0:2e:12:a4:82:
63:04:34:98:5d:2f:aa:4b:19:1c:7a:88:34:58:95:
54:03:3c:0e:52:ca:9a:54:3c:e9:ab:a0:9c:af:92:
c0:dc:5d:d7:d0:52:91:0a:22:ed:8f:56:50:6d:04:
6c:6c:6f:23:f2:4f:17:b8:a9:ae:36:8b:dd:93:5b:
d4:3e:2f:8e:31:67:d7:4f:26:80:8b:9b:8e:2a:cb:
fc:33:11:0c:d8:63:82:a1:01:d3:ef:cd:7d:db:64:
f7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:52:4D:A5:0F:B4:66:46:71:3F:C4:B3:F3:1D:EE:CD:87:90:74:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C63FCB96F43E11EFBFB7F4BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.133.0/24
Signature Algorithm: sha256WithRSAEncryption
52:39:a5:39:9c:89:0e:35:b2:04:3f:c1:7a:88:5b:f6:6a:cb:
7d:55:63:77:3f:32:7b:46:01:3f:f2:83:41:5f:a3:30:60:46:
47:a5:52:4a:7d:90:3d:66:37:84:93:f3:4f:ae:35:1e:f1:ba:
65:a2:3d:45:c9:08:36:8a:07:87:9f:96:f3:f2:89:44:b8:0e:
77:3b:f7:ba:bf:96:7d:22:a6:41:33:df:46:af:37:38:ac:ca:
ee:6e:3e:48:11:2c:3c:24:1a:11:06:da:e2:89:f1:3c:94:fc:
4a:0a:ba:d0:93:c5:eb:3f:54:fc:6d:c6:d1:c7:ce:2f:f5:a9:
c5:1b:2f:13:a4:22:05:eb:67:00:5d:b5:4e:b2:95:aa:cb:b7:
ab:f4:83:b8:49:8b:31:92:21:4a:04:37:bf:4b:e4:4b:18:48:
2b:72:95:ef:7d:cc:64:87:81:2e:44:df:b7:97:3b:a2:17:50:
3d:ea:a7:da:e3:99:b8:5b:f5:04:48:98:e6:2a:da:ce:6a:0a:
d0:df:6c:c4:08:0d:8f:cc:40:d3:c5:5b:5c:81:c2:8d:aa:db:
c6:fc:d0:94:1f:49:48:ac:c1:2e:ca:34:43:b1:1a:c9:45:dd:
63:3e:67:5e:4f:32:9e:b7:5e:57:1c:95:e6:ef:e4:c7:84:85:
37:0b:e3:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWM3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIzOTQ5WhcNMjYwMjIwMTIzOTQ5WjAYMRYw
FAYDVQQDEw02N2JmMGI5OC0zMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxeBuN4lEOEb6PTmC6b94uMfDu4GvWiF9Nx9IVIomA6LTQ24mc1gH+A37
Dzqj63sr6fBE6BRSCN4kHlqUutFVmFax78ylBeutzAuF0+cx7MwkdTAcq8kY2M9K
ND+UBvxeqyXD8cs/Lu223B79BNYKC90xaUKMAmKR51l6reVp90WT+lTRO8i70Zb0
M6keu4lI7FV8vK4NB4QB4f4N/fcu8C4SpIJjBDSYXS+qSxkceog0WJVUAzwOUsqa
VDzpq6Ccr5LA3F3X0FKRCiLtj1ZQbQRsbG8j8k8XuKmuNovdk1vUPi+OMWfXTyaA
i5uOKsv8MxEM2GOCoQHT781922T3EwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIZS
TaUPtGZGcT/Es/Md7s2HkHSDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjNGQ0I5NkY0M0UxMUVGQkZCN0Y0QkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOFMA0GCSqGSIb3DQEB
CwUAA4IBAQBSOaU5nIkONbIEP8F6iFv2ast9VWN3PzJ7RgE/8oNBX6MwYEZHpVJK
fZA9ZjeEk/NPrjUe8bploj1FyQg2igeHn5bz8olEuA53O/e6v5Z9IqZBM99Grzc4
rMrubj5IESw8JBoRBtriifE8lPxKCrrQk8XrP1T8bcbRx84v9anFGy8TpCIF62cA
XbVOspWqy7er9IO4SYsxkiFKBDe/S+RLGEgrcpXvfcxkh4EuRN+3lzuiF1A96qfa
45m4W/UESJjmKtrOagrQ32zECA2PzEDTxVtcgcKNqtvG/NCUH0lIrMEuyjRDsRrJ
Rd1jPmdeTzKet15XHJXm7+THhIU3C+MG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:46:36 2025 by rpki-client