Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA1320ACDBC11EFA55F0465762E951A.roa
File: CEA1320ACDBC11EFA55F0465762E951A.roa (raw, json)
Hash identifier: LttLMW6LizFpVlbiijqcxZb7O2WDX77+tsbF3xkMc/0=
Subject key identifier: 50:E4:85:E8:70:D3:F9:BA:65:02:21:F1:84:B7:CC:A9:E9:05:66:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136EE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA1320ACDBC11EFA55F0465762E951A.roa
Signing time: Wed 08 Jan 2025 12:33:48 +0000
ROA not before: Wed 08 Jan 2025 12:33:44 +0000
ROA not after: Tue 16 Dec 2025 12:33:44 +0000
asID: 984
IP address blocks: 154.200.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79598 (0x136ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:33:44 2025 GMT
Not After : Dec 16 12:33:44 2025 GMT
Subject: CN=677e70ab-410e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:16:4c:6e:e2:f7:78:27:25:f0:e9:f7:5e:fa:
26:d3:46:b8:08:b5:b1:56:29:39:27:c2:e1:af:25:
70:ba:c6:9f:ff:94:6e:10:69:ec:11:4a:b5:82:a6:
8c:7d:00:a2:fc:52:b1:7e:dd:8b:d1:1a:5e:10:ac:
b6:59:72:dd:32:1f:c6:f7:5b:bb:49:14:5a:d4:ea:
39:a5:b7:25:e8:e1:bc:b3:e3:00:7b:c0:14:5a:ba:
82:b2:46:17:7e:a4:ef:c2:b4:9c:ec:74:f0:44:7b:
aa:a6:2d:32:53:d9:4b:a9:3d:18:f3:39:26:f9:22:
b6:d0:a3:d8:fd:5e:84:0f:9e:9a:cc:e3:b4:a6:30:
00:ec:a3:13:92:43:b1:d1:1e:8d:c7:38:82:4b:55:
b4:cc:13:e5:14:a9:26:4b:da:f8:6d:96:ca:14:cf:
94:d6:6d:6c:f3:38:54:7a:b1:b3:22:2f:0d:0b:56:
41:db:4e:67:2b:3e:b3:ee:be:b1:f9:73:7a:89:0b:
2b:24:d1:69:09:6b:8f:8f:2f:1d:d3:95:1d:d6:a6:
32:66:50:aa:3c:67:89:07:91:2e:96:c0:e5:8a:3d:
93:af:a6:99:5d:14:c8:2f:9e:36:1a:89:4a:ea:a3:
d4:b6:2a:85:7e:e5:b5:21:5b:8d:ec:93:b6:2f:8b:
8f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E4:85:E8:70:D3:F9:BA:65:02:21:F1:84:B7:CC:A9:E9:05:66:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA1320ACDBC11EFA55F0465762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.198.0/24
Signature Algorithm: sha256WithRSAEncryption
10:6e:62:4b:25:62:29:46:46:bc:d8:57:8c:6b:c1:27:ff:be:
ab:59:43:f6:da:52:ee:36:8b:00:88:a7:51:11:c8:e2:b8:d2:
96:7d:3f:c4:02:d6:d2:81:69:ee:66:91:1d:59:2a:cb:05:75:
a0:c1:2d:ad:1e:fd:03:9f:13:9b:4c:cf:5f:6e:7c:dd:f7:56:
2e:cd:52:94:d2:45:8e:78:dc:8e:de:41:9c:45:c0:ea:9a:2d:
73:b8:a5:9b:77:32:51:7e:57:ff:82:d1:3b:cf:da:ac:0e:ae:
50:69:ab:76:f4:d7:d2:70:97:69:00:f0:23:05:e1:77:13:34:
ca:b4:60:b0:26:01:53:64:fb:bf:19:6c:7a:38:ad:a6:09:01:
55:3f:11:d7:bb:e4:c3:76:22:3d:75:41:a7:6f:e1:d6:79:36:
b1:c4:fb:28:9f:5d:63:ba:33:0c:71:07:22:26:38:47:26:06:
e0:5a:89:30:15:ff:f9:3e:af:07:a3:75:f5:5f:7c:7c:e6:bc:
32:c7:5b:02:d1:02:de:d2:3b:e9:98:9c:d6:3a:ea:0a:3f:7b:
cb:b1:99:f1:dc:05:3f:50:33:f8:ff:95:c1:9c:0a:ac:90:7a:
2f:38:26:0e:cf:6e:b2:af:3d:4c:9b:fe:2c:0c:13:23:7b:76:
1f:29:78:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATbuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTIzMzQ0WhcNMjUxMjE2MTIzMzQ0WjAYMRYw
FAYDVQQDEw02NzdlNzBhYi00MTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhZMbuL3eCcl8On3Xvom00a4CLWxVik5J8LhryVwusaf/5RuEGnsEUq1
gqaMfQCi/FKxft2L0RpeEKy2WXLdMh/G91u7SRRa1Oo5pbcl6OG8s+MAe8AUWrqC
skYXfqTvwrSc7HTwRHuqpi0yU9lLqT0Y8zkm+SK20KPY/V6ED56azOO0pjAA7KMT
kkOx0R6NxziCS1W0zBPlFKkmS9r4bZbKFM+U1m1s8zhUerGzIi8NC1ZB205nKz6z
7r6x+XN6iQsrJNFpCWuPjy8d05Ud1qYyZlCqPGeJB5EulsDlij2Tr6aZXRTIL542
GolK6qPUtiqFfuW1IVuN7JO2L4uPVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFDk
hehw0/m6ZQIh8YS3zKnpBWabMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRUExMzIwQUNEQkMxMUVGQTU1RjA0NjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjGMA0GCSqGSIb3DQEB
CwUAA4IBAQAQbmJLJWIpRka82FeMa8En/76rWUP22lLuNosAiKdREcjiuNKWfT/E
AtbSgWnuZpEdWSrLBXWgwS2tHv0DnxObTM9fbnzd91YuzVKU0kWOeNyO3kGcRcDq
mi1zuKWbdzJRflf/gtE7z9qsDq5Qaat29NfScJdpAPAjBeF3EzTKtGCwJgFTZPu/
GWx6OK2mCQFVPxHXu+TDdiI9dUGnb+HWeTaxxPson11jujMMcQciJjhHJgbgWokw
Ff/5Pq8Ho3X1X3x85rwyx1sC0QLe0jvpmJzWOuoKP3vLsZnx3AU/UDP4/5XBnAqs
kHovOCYOz26yrz1Mm/4sDBMje3YfKXhU
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:46:54 2025 by rpki-client