Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C68C9C70DA1F11EFAF9B048F762E951A.roa
File: C68C9C70DA1F11EFAF9B048F762E951A.roa (raw, json)
Hash identifier: xGCBlNeOpj+aDQ6xLl9+xXEFmqo8SGjYR0HtXAD/Qyo=
Subject key identifier: DF:3C:9A:CE:EC:3D:7E:66:3C:4C:EB:EA:BF:01:C8:7F:C8:00:81:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C68C9C70DA1F11EFAF9B048F762E951A.roa
Signing time: Fri 24 Jan 2025 06:52:28 +0000
ROA not before: Fri 24 Jan 2025 06:52:24 +0000
ROA not after: Tue 13 May 2025 06:52:24 +0000
asID: 138915
IP address blocks: 154.205.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82940 (0x143fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 06:52:24 2025 GMT
Not After : May 13 06:52:24 2025 GMT
Subject: CN=679338ac-1eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:07:63:d4:1a:93:03:a8:e2:a0:5f:59:66:31:
12:fd:92:6d:89:7e:40:dc:aa:66:ad:70:ad:26:77:
ff:83:06:1c:8b:22:9d:f3:39:7e:58:7b:42:a9:bf:
5f:16:67:38:97:8f:1f:67:58:56:d6:05:45:d2:0c:
41:3e:d7:90:a7:58:77:72:46:e3:6f:0d:42:6d:7e:
9e:eb:ce:55:3e:24:7b:fc:60:9d:fd:33:9e:90:bd:
dc:00:59:f0:95:ef:8f:48:bf:2d:b7:f8:28:41:c7:
cf:b6:97:95:93:e1:53:bf:42:8e:30:05:5e:e5:13:
a6:be:86:8d:9b:d8:f5:cd:f5:b2:9d:65:b5:20:9f:
3d:24:79:42:9f:d3:b7:6b:60:4a:7b:37:31:94:35:
24:26:a9:01:54:b0:f0:10:49:33:52:59:2b:d3:54:
18:de:d1:be:71:f5:cd:a1:60:cb:4d:d5:d2:f8:8a:
11:37:a8:29:8b:ee:73:ad:f7:61:84:bc:37:6a:a8:
ab:7e:7d:40:bd:87:e3:fe:2f:2d:3f:02:dc:53:06:
a7:63:88:78:8f:dc:53:df:1d:6b:ed:f7:9c:d7:12:
09:63:b1:27:a3:52:52:4e:51:a8:22:ad:9d:4d:c8:
88:e1:f8:8b:ca:08:99:f2:44:e8:2c:01:92:28:58:
24:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3C:9A:CE:EC:3D:7E:66:3C:4C:EB:EA:BF:01:C8:7F:C8:00:81:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C68C9C70DA1F11EFAF9B048F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.133.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:92:4b:a9:5e:3b:b4:82:04:ab:d0:dd:6e:b4:86:46:87:b9:
29:77:9a:63:ff:32:22:9d:aa:28:d7:90:ff:8f:22:b4:6b:62:
0e:a8:67:be:5b:94:5f:d1:35:39:fb:d1:95:f0:d2:be:ca:57:
df:36:0e:0c:16:35:42:99:b9:ce:d2:63:a3:f1:84:8e:1f:d7:
a8:7b:12:e3:8c:4e:1d:d2:a2:72:07:7f:52:1b:a8:36:70:e8:
fd:d7:97:b3:49:c3:fa:f4:0a:27:b3:42:7f:43:7d:2e:b9:b5:
f2:5c:2a:79:35:a1:09:de:18:dd:1d:c0:a4:58:12:83:b3:00:
20:a9:a4:c6:d3:b6:4e:9b:5f:7c:4b:1d:31:2a:06:9b:af:9d:
46:f5:91:3c:f6:00:23:34:74:28:96:d3:c2:e6:06:89:81:bf:
c7:58:1b:cc:5e:58:3c:41:ea:ff:72:ea:c9:01:44:ae:1e:5e:
a1:34:21:6e:79:1f:5a:be:f3:43:13:b2:22:f1:c4:2d:d5:d0:
50:12:12:e7:b5:32:1e:69:a2:c5:11:e0:72:2d:95:3b:6f:71:
e9:94:9f:96:59:aa:62:31:58:b8:5f:3d:72:ab:0f:80:9b:e1:
77:17:09:60:35:77:5f:bf:dd:49:b3:62:96:41:1a:05:9b:45:
74:3a:e8:2d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUP8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDY1MjI0WhcNMjUwNTEzMDY1MjI0WjAYMRYw
FAYDVQQDEw02NzkzMzhhYy0xZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAngdj1BqTA6jioF9ZZjES/ZJtiX5A3KpmrXCtJnf/gwYciyKd8zl+WHtC
qb9fFmc4l48fZ1hW1gVF0gxBPteQp1h3ckbjbw1CbX6e685VPiR7/GCd/TOekL3c
AFnwle+PSL8tt/goQcfPtpeVk+FTv0KOMAVe5ROmvoaNm9j1zfWynWW1IJ89JHlC
n9O3a2BKezcxlDUkJqkBVLDwEEkzUlkr01QY3tG+cfXNoWDLTdXS+IoRN6gpi+5z
rfdhhLw3aqirfn1AvYfj/i8tPwLcUwanY4h4j9xT3x1r7fec1xIJY7Eno1JSTlGo
Iq2dTciI4fiLygiZ8kToLAGSKFgkwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN88
ms7sPX5mPEzr6r8ByH/IAIFTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjhDOUM3MERBMUYxMUVGQUY5QjA0OEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2FMA0GCSqGSIb3DQEB
CwUAA4IBAQBLkkupXju0ggSr0N1utIZGh7kpd5pj/zIinaoo15D/jyK0a2IOqGe+
W5Rf0TU5+9GV8NK+ylffNg4MFjVCmbnO0mOj8YSOH9eoexLjjE4d0qJyB39SG6g2
cOj915ezScP69Aons0J/Q30uubXyXCp5NaEJ3hjdHcCkWBKDswAgqaTG07ZOm198
Sx0xKgabr51G9ZE89gAjNHQoltPC5gaJgb/HWBvMXlg8Qer/curJAUSuHl6hNCFu
eR9avvNDE7Ii8cQt1dBQEhLntTIeaaLFEeByLZU7b3HplJ+WWapiMVi4Xz1yqw+A
m+F3FwlgNXdfv91Js2KWQRoFm0V0Ougt
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:06 2025 by rpki-client