Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E709CBE6DA2211EF8AC2C3A1762E951A.roa
File: E709CBE6DA2211EF8AC2C3A1762E951A.roa (raw, json)
Hash identifier: kw8Bq9rkTzRSkYGFFguOUMPMk8VgNYK8vrjT+GI+Idc=
Subject key identifier: 67:C6:4D:F5:92:4A:DB:81:5C:6D:F9:01:59:EE:D1:F1:F6:15:8E:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014412
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E709CBE6DA2211EF8AC2C3A1762E951A.roa
Signing time: Fri 24 Jan 2025 07:14:51 +0000
ROA not before: Fri 24 Jan 2025 07:14:47 +0000
ROA not after: Tue 13 May 2025 07:14:47 +0000
asID: 138915
IP address blocks: 154.205.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82962 (0x14412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 07:14:47 2025 GMT
Not After : May 13 07:14:47 2025 GMT
Subject: CN=67933deb-3f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ba:d7:c7:46:a7:2a:b6:e7:f1:6b:7c:cc:23:
cd:ba:d6:d1:23:6d:9e:29:ce:83:48:57:f9:bf:68:
0b:18:dc:1e:f8:74:63:45:9c:70:e4:76:8d:10:ef:
e2:da:73:76:4a:1f:0a:3d:30:be:f6:bb:bf:bc:52:
7f:7c:d7:55:43:bd:00:11:57:44:42:07:10:44:e0:
da:0c:86:fd:dc:28:c6:af:2f:80:d7:b0:42:28:9a:
10:5c:63:57:47:16:71:b1:1c:f0:91:c7:15:5a:05:
b6:3f:ea:ca:f8:78:94:3b:22:dc:f2:9f:31:d5:23:
c4:a2:fe:b0:8e:83:7b:9a:f1:99:9b:f9:b7:5e:7b:
23:1a:8e:26:dc:62:10:db:3a:89:9a:2d:7a:ec:d4:
9b:aa:3c:3d:b4:37:4d:76:ae:2a:3f:d9:84:69:f5:
1d:84:db:53:92:9d:04:5c:e2:a5:5a:61:e0:6f:95:
4a:69:f8:8c:29:5c:52:c6:69:42:79:d5:86:9e:f2:
71:b8:25:0d:5c:e3:a1:b3:4d:be:da:29:f6:2a:f6:
c6:fd:f5:59:76:61:9f:c3:a8:71:92:84:87:f8:3b:
9f:75:4e:ed:42:86:81:5c:ae:1d:fa:cd:82:21:fc:
45:21:db:90:c1:6b:36:5f:7c:cd:b1:c6:bf:cf:ff:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C6:4D:F5:92:4A:DB:81:5C:6D:F9:01:59:EE:D1:F1:F6:15:8E:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E709CBE6DA2211EF8AC2C3A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.128.0/24
Signature Algorithm: sha256WithRSAEncryption
22:6a:04:4f:c7:57:75:2d:f8:e9:77:f1:47:2b:9e:c1:2b:51:
5f:e1:c5:5c:80:11:0b:38:e1:66:aa:13:98:bf:8a:4a:bf:1f:
be:c6:e7:8c:77:b9:06:ac:4f:5d:94:68:d5:ff:fd:c7:55:81:
26:be:a9:77:d6:f2:77:b7:bc:a5:f8:76:cc:8c:87:fc:f1:1c:
d9:c7:c0:7f:c9:64:2c:38:cb:0c:ab:80:79:7f:f2:35:aa:33:
e7:43:5b:ab:2a:89:4d:9a:08:1c:d6:72:ee:e7:bd:3f:83:62:
b8:47:da:35:eb:c8:6f:cb:d0:93:00:49:82:51:75:89:2e:61:
db:04:c3:7c:35:ed:7e:f3:0a:03:24:91:89:5a:e2:eb:0e:7b:
86:2b:76:bf:93:94:e3:8c:e5:1e:9c:63:5c:ca:69:b0:db:e9:
f0:32:0e:19:58:be:fa:0f:a0:ba:c3:1f:53:ba:35:c3:37:21:
2a:4b:8a:a2:1e:f0:b5:b6:cb:a9:d0:06:55:da:8b:f6:59:2f:
04:61:e4:e7:05:a7:23:c5:0b:90:37:00:6b:4b:2d:4a:04:53:
45:4f:3a:49:04:fa:47:de:cd:52:28:76:d3:33:36:12:82:a9:
f5:3b:f3:b2:c0:59:a3:9d:be:f0:02:b4:f2:73:74:f6:9c:cd:
e3:bb:ba:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDcxNDQ3WhcNMjUwNTEzMDcxNDQ3WjAYMRYw
FAYDVQQDEw02NzkzM2RlYi0zZjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq7rXx0anKrbn8Wt8zCPNutbRI22eKc6DSFf5v2gLGNwe+HRjRZxw5HaN
EO/i2nN2Sh8KPTC+9ru/vFJ/fNdVQ70AEVdEQgcQRODaDIb93CjGry+A17BCKJoQ
XGNXRxZxsRzwkccVWgW2P+rK+HiUOyLc8p8x1SPEov6wjoN7mvGZm/m3XnsjGo4m
3GIQ2zqJmi167NSbqjw9tDdNdq4qP9mEafUdhNtTkp0EXOKlWmHgb5VKafiMKVxS
xmlCedWGnvJxuCUNXOOhs02+2in2KvbG/fVZdmGfw6hxkoSH+DufdU7tQoaBXK4d
+s2CIfxFIduQwWs2X3zNsca/z//KiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGfG
TfWSStuBXG35AVnu0fH2FY5iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNzA5Q0JFNkRBMjIxMUVGOEFDMkMzQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2AMA0GCSqGSIb3DQEB
CwUAA4IBAQAiagRPx1d1Lfjpd/FHK57BK1Ff4cVcgBELOOFmqhOYv4pKvx++xueM
d7kGrE9dlGjV//3HVYEmvql31vJ3t7yl+HbMjIf88RzZx8B/yWQsOMsMq4B5f/I1
qjPnQ1urKolNmggc1nLu570/g2K4R9o168hvy9CTAEmCUXWJLmHbBMN8Ne1+8woD
JJGJWuLrDnuGK3a/k5TjjOUenGNcymmw2+nwMg4ZWL76D6C6wx9TujXDNyEqS4qi
HvC1tsup0AZV2ov2WS8EYeTnBacjxQuQNwBrSy1KBFNFTzpJBPpH3s1SKHbTMzYS
gqn1O/OywFmjnb7wArTyc3T2nM3ju7od
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:49 2025 by rpki-client