Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69420CAF43211EF9BAA4668762E951A.roa
File: D69420CAF43211EF9BAA4668762E951A.roa (raw, json)
Hash identifier: Xh3wy8bU5ZYi2yaUm8otsJI7xGq+q8bndfGETN75CX8=
Subject key identifier: 7C:EF:99:82:0D:DE:61:BB:6E:D7:03:02:A3:9A:02:07:D3:C9:9F:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01627F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69420CAF43211EF9BAA4668762E951A.roa
Signing time: Wed 26 Feb 2025 11:14:26 +0000
ROA not before: Wed 26 Feb 2025 11:14:22 +0000
ROA not after: Thu 19 Feb 2026 11:14:22 +0000
asID: 984
IP address blocks: 154.208.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90751 (0x1627f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:14:22 2025 GMT
Not After : Feb 19 11:14:22 2026 GMT
Subject: CN=67bef792-a884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:07:08:78:8f:79:ce:15:a5:83:4d:42:e7:4c:
aa:b2:1f:0c:d8:0b:09:41:c2:5a:cc:eb:22:a2:3d:
40:b7:1c:74:6b:d1:37:2a:50:44:74:f6:72:1c:e1:
ad:b8:43:d8:bf:de:d6:7f:01:4a:f0:2a:04:8d:d4:
7e:46:dc:1e:e4:d8:85:23:69:cb:10:93:a2:7e:48:
94:04:c3:8d:8e:52:87:8c:11:cf:55:d6:2f:de:0f:
b4:6a:92:cb:c1:a1:4d:76:c1:06:e4:0c:1c:e9:06:
b5:af:53:23:ac:2a:aa:af:ac:0e:bd:24:72:cb:c8:
17:68:46:fd:e1:a5:4a:7d:60:e0:ff:de:88:91:ce:
b6:23:1b:bc:e0:9e:88:d6:f0:fe:ea:09:0e:a1:dd:
19:3f:bb:13:45:2f:59:31:30:11:69:3a:33:3a:21:
10:cb:d8:38:c9:67:fd:ac:b1:6b:14:20:1b:7b:ab:
dc:b5:e1:d4:e5:52:53:5d:e1:c1:b8:c9:82:ff:1f:
d1:f8:4b:9d:d0:cb:46:b1:65:c4:75:c2:0f:a3:fe:
c0:0a:02:3e:f3:c9:48:9c:19:4a:4b:6d:4e:6d:ae:
1b:c0:34:20:8a:00:f4:04:2c:08:4e:14:4d:c9:a7:
52:ed:0c:ff:b1:9c:63:d4:c2:5a:03:bd:9b:a5:3e:
31:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EF:99:82:0D:DE:61:BB:6E:D7:03:02:A3:9A:02:07:D3:C9:9F:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69420CAF43211EF9BAA4668762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.92.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1f:de:ae:69:e4:c9:8e:c1:fa:15:36:d4:ff:c5:bc:62:94:
d4:e8:4e:2b:e3:bf:0b:8d:aa:28:01:bc:a5:06:4d:e6:9a:95:
ac:ac:b9:d8:6a:79:ff:a9:f6:85:eb:48:63:ac:3b:86:73:34:
95:7b:b7:3f:55:3b:ce:cf:35:c2:20:a9:4b:cd:17:e6:a8:7c:
ec:2f:f7:b6:1d:bf:6f:42:0b:be:11:9f:33:0c:00:18:84:0b:
1f:19:e4:98:3d:7c:fe:7c:dc:d3:0f:ee:8b:3e:d6:78:98:ee:
a1:8c:3e:25:ee:99:1f:e6:14:a3:7c:cd:a4:e1:08:f0:6e:b0:
cf:16:7f:e3:5a:ce:a9:87:f3:a8:0f:79:ca:cf:3f:35:73:b5:
ce:fc:86:a2:86:0a:40:53:4e:6b:0f:27:32:12:ed:3e:e8:ca:
0e:3f:0a:cc:d7:61:f0:72:a2:3f:1d:03:87:e7:da:fb:04:a4:
b2:36:4b:36:d1:0c:51:9f:c3:74:8d:dd:52:61:4b:58:71:ec:
be:08:5f:60:e8:2f:5b:4e:35:fd:62:c3:39:bb:f0:f5:c9:60:
2d:c8:7a:4a:a8:ca:87:7b:3a:83:6c:10:7b:e3:89:d9:31:eb:
16:26:1e:19:81:b9:95:31:52:bd:d8:6a:d5:7b:bd:4e:04:bb:
74:ab:b1:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJ/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTExNDIyWhcNMjYwMjE5MTExNDIyWjAYMRYw
FAYDVQQDEw02N2JlZjc5Mi1hODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQcIeI95zhWlg01C50yqsh8M2AsJQcJazOsioj1Atxx0a9E3KlBEdPZy
HOGtuEPYv97WfwFK8CoEjdR+Rtwe5NiFI2nLEJOifkiUBMONjlKHjBHPVdYv3g+0
apLLwaFNdsEG5Awc6Qa1r1MjrCqqr6wOvSRyy8gXaEb94aVKfWDg/96Ikc62Ixu8
4J6I1vD+6gkOod0ZP7sTRS9ZMTARaTozOiEQy9g4yWf9rLFrFCAbe6vcteHU5VJT
XeHBuMmC/x/R+Eud0MtGsWXEdcIPo/7ACgI+88lInBlKS21Oba4bwDQgigD0BCwI
ThRNyadS7Qz/sZxj1MJaA72bpT4xFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHzv
mYIN3mG7btcDAqOaAgfTyZ/UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjk0MjBDQUY0MzIxMUVGOUJBQTQ2Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBcMA0GCSqGSIb3DQEB
CwUAA4IBAQCgH96uaeTJjsH6FTbU/8W8YpTU6E4r478LjaooAbylBk3mmpWsrLnY
ann/qfaF60hjrDuGczSVe7c/VTvOzzXCIKlLzRfmqHzsL/e2Hb9vQgu+EZ8zDAAY
hAsfGeSYPXz+fNzTD+6LPtZ4mO6hjD4l7pkf5hSjfM2k4QjwbrDPFn/jWs6ph/Oo
D3nKzz81c7XO/IaihgpAU05rDycyEu0+6MoOPwrM12HwcqI/HQOH59r7BKSyNks2
0QxRn8N0jd1SYUtYcey+CF9g6C9bTjX9YsM5u/D1yWAtyHpKqMqHezqDbBB744nZ
MesWJh4ZgbmVMVK92GrVe71OBLt0q7EG
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:10:22 2025 by rpki-client