Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D611B4F3D411EFADBE2A51762E951A.roa
File: D1D611B4F3D411EFADBE2A51762E951A.roa (raw, json)
Hash identifier: CZRL6Wk5ruJmQwNU19eIN6g9Nz8jCvfYRwATB03vSWg=
Subject key identifier: CB:B9:28:73:96:34:FA:56:6A:B3:3E:06:86:F6:C1:CE:F6:6E:58:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016027
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D611B4F3D411EFADBE2A51762E951A.roa
Signing time: Wed 26 Feb 2025 00:01:25 +0000
ROA not before: Wed 26 Feb 2025 00:00:21 +0000
ROA not after: Thu 19 Feb 2026 00:00:21 +0000
asID: 984
IP address blocks: 154.89.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90151 (0x16027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 00:00:21 2025 GMT
Not After : Feb 19 00:00:21 2026 GMT
Subject: CN=67be59d5-2495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:17:8a:02:55:b4:54:8f:32:8e:39:0a:01:13:
fd:f5:79:5e:bc:0b:c4:9e:2f:77:c3:6d:a9:a2:97:
84:d0:16:65:9e:fa:50:76:0c:ce:30:ff:bc:fb:02:
74:db:bf:b8:b6:c1:61:a5:75:d4:f4:41:9f:9a:91:
28:31:9f:3c:1d:36:f8:0e:bf:79:49:09:9b:0c:6b:
47:be:73:e3:eb:cd:b8:bb:db:7f:d9:8a:2a:b9:3c:
1e:81:71:7f:a7:12:5f:a7:28:6b:d3:03:ea:5d:36:
36:df:b1:cb:65:5c:30:3e:e6:4e:8b:80:97:23:3b:
be:fa:ae:99:97:a6:51:45:64:ba:da:e4:3f:85:03:
67:25:ef:6f:bc:b5:2b:db:39:99:a9:fa:e2:96:af:
c6:86:cc:e2:77:44:7c:8e:c8:7b:a5:e9:95:b3:93:
fb:85:26:41:73:3e:7b:99:fa:74:e4:7a:fe:4d:b5:
5c:8d:33:ac:bc:59:6a:37:9f:9c:31:1a:da:52:55:
d7:94:c5:3f:a0:58:71:54:11:ef:2e:85:18:2f:ea:
ac:99:c2:99:bb:d0:31:5e:69:94:e7:d6:06:ed:49:
66:59:52:cc:fd:c6:1d:6d:5d:af:f2:1a:76:92:00:
65:53:f5:b0:b6:eb:b3:4e:b6:0d:75:c3:66:2f:ed:
5d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B9:28:73:96:34:FA:56:6A:B3:3E:06:86:F6:C1:CE:F6:6E:58:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1D611B4F3D411EFADBE2A51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.226.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c0:16:68:1c:ca:3b:3f:ea:e0:01:fe:c0:fd:bc:a1:bd:90:
1e:59:7c:2e:94:e5:54:95:8f:27:f6:d8:31:40:d3:8a:36:64:
67:bb:50:9b:6d:d6:df:ef:11:c9:19:df:f4:cc:28:7f:74:7f:
5f:a7:52:02:85:c7:4a:a5:b0:87:c5:1d:b0:9f:15:65:57:e0:
53:38:a5:f5:4d:94:1d:bf:d9:55:8f:2b:fd:58:7f:b9:c1:11:
fb:c1:28:ef:04:8c:14:1b:61:e8:a7:32:d1:17:d9:a3:00:64:
1f:52:40:72:d0:06:9d:a1:1a:d8:51:3e:dd:85:97:d6:e8:53:
aa:12:8f:aa:01:a5:a0:e3:b7:f4:97:12:6e:89:2e:05:6d:f7:
41:6a:2e:5b:8e:fb:ba:df:6c:df:34:01:67:09:c9:e7:d6:f2:
9c:64:30:2c:00:b9:29:d2:ca:4b:36:9b:e9:fb:85:48:81:70:
77:69:0a:39:81:45:9e:6f:dc:e8:1c:cc:de:0e:2e:7f:56:ed:
78:bb:2c:19:f5:40:61:44:f4:4d:1c:d1:a3:cf:c8:b4:81:5e:
50:d6:78:7b:6f:fa:0a:ba:ea:66:48:d8:ba:a0:37:c5:47:67:
4e:97:83:d8:42:77:e3:cb:35:7e:df:ff:76:4d:b4:83:7a:74:
bc:90:e4:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWAnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDAwMDIxWhcNMjYwMjE5MDAwMDIxWjAYMRYw
FAYDVQQDEw02N2JlNTlkNS0yNDk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArxeKAlW0VI8yjjkKARP99XlevAvEni93w22popeE0BZlnvpQdgzOMP+8
+wJ027+4tsFhpXXU9EGfmpEoMZ88HTb4Dr95SQmbDGtHvnPj6824u9t/2YoquTwe
gXF/pxJfpyhr0wPqXTY237HLZVwwPuZOi4CXIzu++q6Zl6ZRRWS62uQ/hQNnJe9v
vLUr2zmZqfrilq/Ghszid0R8jsh7pemVs5P7hSZBcz57mfp05Hr+TbVcjTOsvFlq
N5+cMRraUlXXlMU/oFhxVBHvLoUYL+qsmcKZu9AxXmmU59YG7UlmWVLM/cYdbV2v
8hp2kgBlU/WwtuuzTrYNdcNmL+1d/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMu5
KHOWNPpWarM+Bob2wc72bljoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMUQ2MTFCNEYzRDQxMUVGQURCRTJBNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlniMA0GCSqGSIb3DQEB
CwUAA4IBAQCKwBZoHMo7P+rgAf7A/byhvZAeWXwulOVUlY8n9tgxQNOKNmRnu1Cb
bdbf7xHJGd/0zCh/dH9fp1IChcdKpbCHxR2wnxVlV+BTOKX1TZQdv9lVjyv9WH+5
wRH7wSjvBIwUG2HopzLRF9mjAGQfUkBy0AadoRrYUT7dhZfW6FOqEo+qAaWg47f0
lxJuiS4FbfdBai5bjvu632zfNAFnCcnn1vKcZDAsALkp0spLNpvp+4VIgXB3aQo5
gUWeb9zoHMzeDi5/Vu14uywZ9UBhRPRNHNGjz8i0gV5Q1nh7b/oKuupmSNi6oDfF
R2dOl4PYQnfjyzV+3/92TbSDenS8kOSj
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:32 2025 by rpki-client