Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8A5C698F42711EF8CE4729A762E951A.roa
File: E8A5C698F42711EF8CE4729A762E951A.roa (raw, json)
Hash identifier: HLai5qAdEbY5+OtR1OzOnuJ3M9rXubwd3BFQ1PpPC6s=
Subject key identifier: 5F:9F:1D:B6:A8:0C:44:D9:E5:F9:FA:83:64:B7:DF:2E:7A:43:88:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016210
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8A5C698F42711EF8CE4729A762E951A.roa
Signing time: Wed 26 Feb 2025 09:56:12 +0000
ROA not before: Wed 26 Feb 2025 09:56:08 +0000
ROA not after: Thu 19 Feb 2026 09:56:08 +0000
asID: 328608
IP address blocks: 154.200.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90640 (0x16210)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:56:08 2025 GMT
Not After : Feb 19 09:56:08 2026 GMT
Subject: CN=67bee53b-5505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:b7:eb:45:16:3e:55:9b:bf:c7:e9:3a:39:
e4:eb:04:5d:be:3f:af:56:bd:e9:d1:b5:e8:c0:5e:
f6:9b:68:fe:f7:23:b2:05:89:45:d7:51:36:37:ba:
25:b8:a0:30:53:05:d1:65:b8:d8:18:b5:08:e9:28:
79:02:51:fb:9d:0d:ff:2e:42:34:c1:6d:a9:fc:8e:
f5:b7:52:5c:4f:79:43:32:ca:2f:d3:06:f0:35:52:
3a:ff:f9:11:95:88:bc:60:52:ba:fd:43:60:08:bd:
ff:7e:f7:24:5f:e0:fa:bc:69:29:d0:f8:d3:4a:81:
ad:25:9e:18:f0:86:78:9b:4b:65:f8:e5:6b:a8:13:
ab:db:92:bd:73:6f:91:91:31:e2:c3:78:fa:ee:d8:
6a:5d:25:b1:01:c8:ce:e7:3a:5b:b9:6e:a0:21:0c:
37:03:c7:85:af:9c:47:91:8d:5c:2c:4d:45:3b:72:
bf:2d:77:dc:b3:b9:83:8e:94:0d:18:72:88:63:4c:
88:6d:f2:9d:55:46:d9:d3:53:d9:b0:f5:49:86:1a:
5d:e9:be:26:50:ac:86:6a:47:52:48:53:fc:08:f8:
dc:2d:98:1a:03:7c:80:cb:fc:2b:e3:2b:30:8e:fd:
df:11:3e:58:a6:66:31:0e:91:af:ab:aa:db:c8:cc:
c4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9F:1D:B6:A8:0C:44:D9:E5:F9:FA:83:64:B7:DF:2E:7A:43:88:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8A5C698F42711EF8CE4729A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.251.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:29:7d:9e:fb:8b:41:39:a2:cb:ca:1c:6f:94:74:07:e4:3b:
0a:4e:7b:2b:b0:42:01:5c:6c:66:08:6c:88:d6:90:1d:4d:66:
a4:61:96:a1:c3:1d:e4:a3:03:db:e8:ff:91:ec:b0:35:5d:b6:
c3:27:95:00:80:63:2f:20:af:51:cd:1d:b8:10:53:3a:0e:41:
e4:55:b9:d5:ff:02:d6:3a:8f:12:3f:2c:05:7e:e8:ea:c3:a6:
dc:f9:17:ec:02:56:2d:ae:61:44:de:2f:1e:68:97:3c:f2:98:
6a:f3:bf:a5:a1:2d:4d:7e:98:4c:73:06:4c:3d:20:11:12:79:
49:b6:47:43:7a:1e:82:34:9b:9e:19:05:f8:b2:6b:5d:9a:da:
47:43:79:76:3b:f1:12:38:5a:5b:0a:20:fe:5d:4b:5c:64:2c:
22:9c:90:e7:ef:13:bf:b6:d7:28:69:ec:90:76:5c:25:18:05:
c7:9e:d7:b0:76:2b:f2:6f:08:7a:c2:cc:bb:40:14:17:6b:1d:
0e:9e:59:ec:e9:c4:c9:fa:6d:44:f9:11:29:fd:82:48:bb:21:
fc:4e:0d:5d:83:89:c7:e4:12:75:98:58:4f:98:98:89:07:d5:
dc:1d:f1:e3:45:a6:40:00:b3:4b:fb:bb:8f:e6:fc:79:c2:1d:
00:45:88:7c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWIQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDk1NjA4WhcNMjYwMjE5MDk1NjA4WjAYMRYw
FAYDVQQDEw02N2JlZTUzYi01NTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwF6360UWPlWbv8fpOjnk6wRdvj+vVr3p0bXowF72m2j+9yOyBYlF11E2
N7oluKAwUwXRZbjYGLUI6Sh5AlH7nQ3/LkI0wW2p/I71t1JcT3lDMsov0wbwNVI6
//kRlYi8YFK6/UNgCL3/fvckX+D6vGkp0PjTSoGtJZ4Y8IZ4m0tl+OVrqBOr25K9
c2+RkTHiw3j67thqXSWxAcjO5zpbuW6gIQw3A8eFr5xHkY1cLE1FO3K/LXfcs7mD
jpQNGHKIY0yIbfKdVUbZ01PZsPVJhhpd6b4mUKyGakdSSFP8CPjcLZgaA3yAy/wr
4yswjv3fET5YpmYxDpGvq6rbyMzEXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF+f
HbaoDETZ5fn6g2S33y56Q4hzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOEE1QzY5OEY0MjcxMUVGOENFNDcyOUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsj7MA0GCSqGSIb3DQEB
CwUAA4IBAQBbKX2e+4tBOaLLyhxvlHQH5DsKTnsrsEIBXGxmCGyI1pAdTWakYZah
wx3kowPb6P+R7LA1XbbDJ5UAgGMvIK9RzR24EFM6DkHkVbnV/wLWOo8SPywFfujq
w6bc+RfsAlYtrmFE3i8eaJc88phq87+loS1NfphMcwZMPSAREnlJtkdDeh6CNJue
GQX4smtdmtpHQ3l2O/ESOFpbCiD+XUtcZCwinJDn7xO/ttcoaeyQdlwlGAXHntew
divybwh6wsy7QBQXax0Onlns6cTJ+m1E+REp/YJIuyH8Tg1dg4nH5BJ1mFhPmJiJ
B9XcHfHjRaZAALNL+7uP5vx5wh0ARYh8
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:33:44 2025 by rpki-client