Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA13DDC6CDF011EF98FD53AC762E951A.roa
File: CA13DDC6CDF011EF98FD53AC762E951A.roa (raw, json)
Hash identifier: BlTuRpLJS/OgssdVjzxr585DHgG3+lWQU+uI9zvP8CU=
Subject key identifier: CD:1A:55:35:D5:5C:A8:A7:F2:31:F7:80:D4:4F:E2:E3:56:BD:F0:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013835
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA13DDC6CDF011EF98FD53AC762E951A.roa
Signing time: Wed 08 Jan 2025 18:45:54 +0000
ROA not before: Wed 08 Jan 2025 18:45:50 +0000
ROA not after: Sat 03 Jan 2026 18:45:50 +0000
asID: 984
IP address blocks: 154.200.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79925 (0x13835)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:45:50 2025 GMT
Not After : Jan 3 18:45:50 2026 GMT
Subject: CN=677ec7e2-879d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:be:4a:f5:5e:a5:d2:17:63:3f:73:ff:f7:d4:
0f:86:fe:b8:bb:af:c3:90:e9:b2:08:7e:0e:25:86:
59:26:1e:59:63:64:c3:14:5c:f9:8f:ca:c9:03:d8:
64:26:af:f9:79:5e:1a:f0:47:56:52:14:40:42:9c:
81:56:48:be:27:0a:e8:aa:4d:b7:41:cc:b7:45:32:
ba:b6:40:8d:fb:a5:40:21:de:f1:f9:64:ae:9c:5c:
a7:da:bb:7f:5b:bd:4d:32:af:64:63:0a:74:19:2c:
d1:be:70:ef:e8:7d:17:8c:3d:ea:46:66:86:40:d9:
69:36:60:4a:01:22:29:03:c4:02:f9:f6:5f:87:f7:
4b:c0:57:ca:20:8d:a4:71:1e:21:bb:32:48:6c:b0:
f1:13:4f:b9:e2:82:8f:cc:8d:a9:54:2f:7f:19:3d:
66:e6:62:d8:3b:a6:e0:24:d1:65:5d:dc:84:19:6a:
bf:c8:d5:90:a3:df:a7:bd:eb:ae:4e:c1:a8:20:0d:
5f:dd:05:af:11:f7:c9:3a:37:3c:b5:76:ed:a7:9c:
59:26:89:33:12:b6:f4:ab:3c:3a:33:af:83:88:c2:
88:65:9d:5a:f9:70:8c:8e:56:9e:0a:81:a5:84:dc:
b1:eb:0c:75:db:39:eb:9e:ca:4c:4d:22:f9:02:0e:
ce:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1A:55:35:D5:5C:A8:A7:F2:31:F7:80:D4:4F:E2:E3:56:BD:F0:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA13DDC6CDF011EF98FD53AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.136.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f1:82:1f:c7:3c:55:d9:43:00:ec:81:26:11:7f:ae:22:c1:
ac:2b:7f:56:03:c6:d2:a6:cb:cb:17:51:51:b4:4d:f9:d5:80:
42:1d:35:cb:d1:cb:49:cb:98:a1:f3:75:6d:89:c7:b7:f1:b2:
9c:09:36:4b:fa:1b:13:8a:52:82:49:c1:2c:73:a0:03:38:24:
58:34:b9:d3:8c:d1:27:8f:62:45:71:3f:e4:f0:61:5f:a6:96:
b0:86:b4:87:a3:9d:18:6e:77:f3:6b:a7:bd:a5:68:d9:f8:5c:
d2:98:3f:10:e5:6a:ce:72:53:9d:a9:65:62:b5:20:e8:bd:04:
c1:00:e2:21:a3:a1:38:96:57:b3:92:27:18:2a:f2:51:ed:cc:
d5:76:54:43:27:b7:6b:04:5b:e0:bf:f6:c0:b0:a6:3d:ee:5b:
9a:4d:9a:38:9e:52:35:34:b4:47:48:59:ab:7a:da:8e:de:ed:
d1:46:73:a9:98:eb:f3:df:5f:02:9c:78:b3:00:3d:b3:c0:f2:
fa:ab:f2:dc:f9:35:fb:33:02:6d:dc:56:78:72:c4:c4:57:bf:
c3:61:81:eb:c7:b4:57:d0:a6:81:9c:b5:a3:84:cb:35:f5:ef:
52:e6:7c:b4:df:d9:95:e6:ae:4b:c5:f4:0a:a5:cb:6f:24:55:
f6:1c:4a:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATg1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTg0NTUwWhcNMjYwMTAzMTg0NTUwWjAYMRYw
FAYDVQQDEw02NzdlYzdlMi04NzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA275K9V6l0hdjP3P/99QPhv64u6/DkOmyCH4OJYZZJh5ZY2TDFFz5j8rJ
A9hkJq/5eV4a8EdWUhRAQpyBVki+Jwroqk23Qcy3RTK6tkCN+6VAId7x+WSunFyn
2rt/W71NMq9kYwp0GSzRvnDv6H0XjD3qRmaGQNlpNmBKASIpA8QC+fZfh/dLwFfK
II2kcR4huzJIbLDxE0+54oKPzI2pVC9/GT1m5mLYO6bgJNFlXdyEGWq/yNWQo9+n
veuuTsGoIA1f3QWvEffJOjc8tXbtp5xZJokzErb0qzw6M6+DiMKIZZ1a+XCMjlae
CoGlhNyx6wx12znrnspMTSL5Ag7OuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0a
VTXVXKin8jH3gNRP4uNWvfAvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTEzRERDNkNERjAxMUVGOThGRDUzQUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiIMA0GCSqGSIb3DQEB
CwUAA4IBAQB38YIfxzxV2UMA7IEmEX+uIsGsK39WA8bSpsvLF1FRtE351YBCHTXL
0ctJy5ih83Vtice38bKcCTZL+hsTilKCScEsc6ADOCRYNLnTjNEnj2JFcT/k8GFf
ppawhrSHo50Ybnfza6e9pWjZ+FzSmD8Q5WrOclOdqWVitSDovQTBAOIho6E4llez
kicYKvJR7czVdlRDJ7drBFvgv/bAsKY97luaTZo4nlI1NLRHSFmretqO3u3RRnOp
mOvz318CnHizAD2zwPL6q/Lc+TX7MwJt3FZ4csTEV7/DYYHrx7RX0KaBnLWjhMs1
9e9S5ny039mV5q5LxfQKpctvJFX2HEq9
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:38:48 2025 by rpki-client