Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7679F62E31811EFAAEC008C762E951A.roa
File: C7679F62E31811EFAAEC008C762E951A.roa (raw, json)
Hash identifier: lMn4T4BMcSZFKbdUQkNDEUCHaVj31EYlu9gWg6aEld4=
Subject key identifier: DB:1C:E1:4F:95:70:72:0E:6E:16:C0:94:3E:F2:81:AB:0A:69:2E:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015137
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7679F62E31811EFAAEC008C762E951A.roa
Signing time: Tue 04 Feb 2025 16:55:04 +0000
ROA not before: Tue 04 Feb 2025 16:55:00 +0000
ROA not after: Wed 30 Apr 2025 16:55:00 +0000
asID: 18229
IP address blocks: 154.210.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86327 (0x15137)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 16:55:00 2025 GMT
Not After : Apr 30 16:55:00 2025 GMT
Subject: CN=67a24667-9da8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c4:f3:9a:af:ff:ce:9e:30:14:bc:0c:82:91:
1f:0a:94:51:2c:fe:4d:fe:0b:63:e9:da:a5:62:cc:
fd:c4:09:18:1f:3f:62:bf:0b:4a:ac:9f:a6:94:c2:
76:dc:0f:fb:3c:98:09:63:1a:2f:c1:d0:1e:99:ea:
aa:09:29:87:c5:4f:dc:6f:c2:0c:7d:0d:85:a4:65:
c2:02:0b:97:15:09:f8:9d:1f:45:56:48:9e:df:ec:
f5:89:31:02:a7:f0:ab:27:04:59:8c:9f:72:95:54:
55:a4:80:c2:aa:3e:90:5c:eb:43:2f:f9:e4:11:f4:
5e:31:20:fc:6b:c1:5a:bb:7a:ce:9c:bb:85:5b:81:
cb:43:56:c4:55:25:4c:e5:50:4b:31:c6:4f:b4:90:
6a:3e:3b:0a:e4:92:bd:c4:4a:60:1e:5a:ec:4e:5d:
a1:13:4d:2e:c8:2f:79:2e:5e:79:81:02:e5:45:fe:
1c:37:ab:92:95:91:05:a1:51:df:84:47:d7:99:0b:
1f:aa:ae:1c:92:fd:c3:3e:fe:8e:74:50:fd:4f:a9:
62:4b:8b:c1:6f:8b:b3:28:78:46:8b:ab:5f:e6:cc:
b1:48:13:e9:49:75:20:66:b3:5c:6c:58:5c:62:31:
c1:63:1e:87:cf:c0:4b:d4:e6:de:3e:f6:65:14:f2:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:E1:4F:95:70:72:0E:6E:16:C0:94:3E:F2:81:AB:0A:69:2E:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7679F62E31811EFAAEC008C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.167.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0f:80:1c:c2:e4:76:ac:c4:d2:b6:4a:2b:f6:37:3e:d8:06:
20:3f:1b:45:c4:9b:f3:20:a6:23:ac:09:2d:de:90:55:32:64:
0a:2f:3e:a3:f8:a6:0d:b3:b6:d9:89:b0:ec:6d:6e:77:77:6a:
3a:02:d1:1a:c9:f2:02:b9:7d:3d:79:51:7b:dd:4e:7d:6b:fb:
84:85:08:24:39:6b:75:49:4b:13:b1:7f:74:18:e1:0e:29:a5:
35:62:eb:04:f7:5c:4c:14:94:3b:fc:3e:2d:4b:ea:5b:0c:18:
d4:e2:ce:52:9a:ad:79:2b:fa:d1:ca:55:81:ee:75:35:3b:45:
5b:f0:c2:ef:cf:a3:1e:58:14:df:2d:9c:57:2d:61:ba:bb:cd:
90:87:0b:27:6d:c9:3b:c7:3d:63:e5:8b:c3:d0:ed:5d:89:ce:
2e:bc:41:a6:7e:51:c3:3e:3d:b7:a8:5f:35:66:81:c0:90:c5:
0a:24:80:a9:1d:fd:bd:ae:8b:84:cb:77:6f:e4:96:12:72:01:
74:9b:02:c3:fd:44:d1:14:69:e8:86:96:58:8e:6c:17:95:cd:
fc:ea:f1:4f:cf:4c:cb:d5:df:e6:76:49:e5:e6:b7:8f:09:84:
7c:40:db:17:ac:bd:ca:a4:d3:51:9d:ef:28:e5:62:eb:e2:11:
ee:ea:b1:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVE3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTY1NTAwWhcNMjUwNDMwMTY1NTAwWjAYMRYw
FAYDVQQDEw02N2EyNDY2Ny05ZGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxcTzmq//zp4wFLwMgpEfCpRRLP5N/gtj6dqlYsz9xAkYHz9ivwtKrJ+m
lMJ23A/7PJgJYxovwdAemeqqCSmHxU/cb8IMfQ2FpGXCAguXFQn4nR9FVkie3+z1
iTECp/CrJwRZjJ9ylVRVpIDCqj6QXOtDL/nkEfReMSD8a8Fau3rOnLuFW4HLQ1bE
VSVM5VBLMcZPtJBqPjsK5JK9xEpgHlrsTl2hE00uyC95Ll55gQLlRf4cN6uSlZEF
oVHfhEfXmQsfqq4ckv3DPv6OdFD9T6liS4vBb4uzKHhGi6tf5syxSBPpSXUgZrNc
bFhcYjHBYx6Hz8BL1ObePvZlFPJUOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNsc
4U+VcHIObhbAlD7ygasKaS5NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNzY3OUY2MkUzMTgxMUVGQUFFQzAwOEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKnMA0GCSqGSIb3DQEB
CwUAA4IBAQCPD4AcwuR2rMTStkor9jc+2AYgPxtFxJvzIKYjrAkt3pBVMmQKLz6j
+KYNs7bZibDsbW53d2o6AtEayfICuX09eVF73U59a/uEhQgkOWt1SUsTsX90GOEO
KaU1YusE91xMFJQ7/D4tS+pbDBjU4s5Smq15K/rRylWB7nU1O0Vb8MLvz6MeWBTf
LZxXLWG6u82Qhwsnbck7xz1j5YvD0O1dic4uvEGmflHDPj23qF81ZoHAkMUKJICp
Hf29rouEy3dv5JYScgF0mwLD/UTRFGnohpZYjmwXlc386vFPz0zL1d/mdknl5reP
CYR8QNsXrL3KpNNRne8o5WLr4hHu6rFp
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:56:58 2025 by rpki-client