Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9D90EB6C8B011EFA1EE2148762E951A.roa
File: C9D90EB6C8B011EFA1EE2148762E951A.roa (raw, json)
Hash identifier: EqUrXoCQf/wjFaYgyrPuMyWYcTqAzFF61dn/xsSdsbk=
Subject key identifier: E5:CC:A4:E2:F1:6C:5E:9F:F4:EA:94:07:73:AB:04:3D:D5:01:0F:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9D90EB6C8B011EFA1EE2148762E951A.roa
Signing time: Thu 02 Jan 2025 02:25:10 +0000
ROA not before: Thu 02 Jan 2025 02:25:06 +0000
ROA not after: Mon 13 Dec 2027 02:25:06 +0000
asID: 17561
IP address blocks: 154.220.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78246 (0x131a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:25:06 2025 GMT
Not After : Dec 13 02:25:06 2027 GMT
Subject: CN=6775f906-d25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:1b:a9:92:b4:35:a1:1c:6a:99:e0:d3:ba:1e:
7d:36:b5:77:b4:f9:2e:89:70:11:7e:96:45:10:5c:
21:18:d4:8e:26:c5:c3:17:0a:91:85:11:00:41:b9:
58:77:32:e5:30:31:5c:57:bc:23:24:d9:44:b6:d5:
80:bd:48:9f:a7:f9:61:71:17:14:a4:45:bc:47:1c:
4b:14:48:e9:e3:88:a8:33:0d:9d:a7:68:dc:f8:30:
65:79:c6:f0:48:8b:a0:ce:23:c0:10:b1:05:10:f3:
7c:e0:0c:76:c0:56:33:bb:8e:c5:bc:74:a0:c4:a6:
65:21:87:cf:ce:b3:49:b7:12:d9:7c:a8:70:c9:93:
5c:eb:aa:7d:77:76:70:1f:c1:ab:9e:cc:5c:b6:b4:
2e:45:57:85:56:44:86:ab:15:db:a4:c8:98:35:e7:
6f:ba:6c:5d:67:76:da:36:3f:6f:7f:6a:38:82:71:
1d:f8:0e:dd:52:2d:16:c6:3c:02:c8:22:ca:a9:2b:
0c:1f:45:0e:a5:96:4a:e2:d4:4a:7d:f0:23:d4:e6:
7e:de:7e:97:c1:c4:f7:05:d6:62:27:52:d1:c3:66:
47:e8:cd:29:cf:3a:e3:0a:85:60:21:41:41:c1:6e:
ea:aa:d5:82:05:a2:96:cb:58:2e:6e:8d:26:89:7d:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CC:A4:E2:F1:6C:5E:9F:F4:EA:94:07:73:AB:04:3D:D5:01:0F:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9D90EB6C8B011EFA1EE2148762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.175.0/24
Signature Algorithm: sha256WithRSAEncryption
01:06:93:34:93:4e:a7:08:37:a8:2c:f5:37:bb:16:42:90:ed:
6f:a2:83:3a:e3:55:56:7a:0b:a4:7d:ed:0f:65:65:91:0e:ad:
97:3c:23:fb:6f:ec:9d:44:a6:26:97:d3:11:cb:ff:52:bc:dc:
88:f3:35:5d:7e:f8:09:3e:5b:b7:17:77:ff:f3:ac:9f:96:a9:
d9:61:26:8a:92:11:1f:3e:02:69:4e:a1:23:20:72:66:99:bc:
41:2c:bd:63:8d:b1:2c:e4:39:73:26:4e:3f:7b:f8:36:b3:c0:
01:a3:01:0f:a3:b0:b4:42:01:eb:9e:00:b5:03:bf:24:cb:a3:
e0:ea:40:0f:f2:d0:72:78:83:b8:21:bc:90:63:04:e5:5e:7b:
17:8c:e2:52:01:ed:58:fb:a0:3e:e3:98:1d:62:2b:3f:74:cf:
09:77:94:93:3b:4f:0b:d5:c2:20:18:93:52:50:a3:76:12:06:
8f:4a:bd:1b:47:38:fa:a6:cf:fb:34:8c:86:75:49:c9:67:74:
65:ad:56:e0:0c:2e:46:a2:e2:45:cb:ef:8c:85:81:7f:76:e5:
df:3a:f8:ee:01:8e:db:de:d7:b3:92:69:b6:1d:23:4b:88:04:
92:24:a3:bd:2a:16:2d:5e:cd:73:25:ad:6a:62:b8:f5:44:44:
41:0b:f5:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIyNTA2WhcNMjcxMjEzMDIyNTA2WjAYMRYw
FAYDVQQDEw02Nzc1ZjkwNi1kMjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+BupkrQ1oRxqmeDTuh59NrV3tPkuiXARfpZFEFwhGNSOJsXDFwqRhREA
QblYdzLlMDFcV7wjJNlEttWAvUifp/lhcRcUpEW8RxxLFEjp44ioMw2dp2jc+DBl
ecbwSIugziPAELEFEPN84Ax2wFYzu47FvHSgxKZlIYfPzrNJtxLZfKhwyZNc66p9
d3ZwH8GrnsxctrQuRVeFVkSGqxXbpMiYNedvumxdZ3baNj9vf2o4gnEd+A7dUi0W
xjwCyCLKqSsMH0UOpZZK4tRKffAj1OZ+3n6XwcT3BdZiJ1LRw2ZH6M0pzzrjCoVg
IUFBwW7qqtWCBaKWy1gubo0miX2LnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOXM
pOLxbF6f9OqUB3OrBD3VAQ+lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUQ5MEVCNkM4QjAxMUVGQTFFRTIxNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyvMA0GCSqGSIb3DQEB
CwUAA4IBAQABBpM0k06nCDeoLPU3uxZCkO1vooM641VWegukfe0PZWWRDq2XPCP7
b+ydRKYml9MRy/9SvNyI8zVdfvgJPlu3F3f/86yflqnZYSaKkhEfPgJpTqEjIHJm
mbxBLL1jjbEs5DlzJk4/e/g2s8ABowEPo7C0QgHrngC1A78ky6Pg6kAP8tByeIO4
IbyQYwTlXnsXjOJSAe1Y+6A+45gdYis/dM8Jd5STO08L1cIgGJNSUKN2EgaPSr0b
Rzj6ps/7NIyGdUnJZ3RlrVbgDC5GouJFy++MhYF/duXfOvjuAY7b3tezkmm2HSNL
iASSJKO9KhYtXs1zJa1qYrj1RERBC/VD
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:03:12 2025 by rpki-client