Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8F6D1B8F42D11EFB31D8846762E951A.roa
File: E8F6D1B8F42D11EFB31D8846762E951A.roa (raw, json)
Hash identifier: k/BwAvZpEfO5prriLhoAYq+JicgwqP6Kszt8Aw5ol1M=
Subject key identifier: E0:2F:B5:2D:B0:8A:B0:60:FF:97:86:84:BB:9D:97:C6:E3:5E:BB:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01623F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8F6D1B8F42D11EFB31D8846762E951A.roa
Signing time: Wed 26 Feb 2025 10:39:09 +0000
ROA not before: Wed 26 Feb 2025 10:39:05 +0000
ROA not after: Thu 19 Feb 2026 10:39:05 +0000
asID: 984
IP address blocks: 154.208.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90687 (0x1623f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:39:05 2025 GMT
Not After : Feb 19 10:39:05 2026 GMT
Subject: CN=67beef4d-9af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:48:44:98:10:80:c4:4a:d6:bf:f6:96:f4:74:
ce:5b:55:cb:23:35:29:e2:84:1e:16:55:ad:ef:0f:
46:c6:9f:96:af:6a:99:90:2c:37:02:fc:a5:aa:5d:
a8:ce:18:e4:28:e3:39:99:e4:40:1c:89:3a:64:92:
5d:8e:d6:e6:69:32:fd:05:c2:39:1d:75:67:f5:61:
a3:c0:17:2b:e6:82:2b:1f:be:e8:41:0f:1a:b7:f6:
e6:97:23:75:8c:46:1f:c9:24:03:d3:42:e0:7c:f8:
ad:c1:9d:7c:e8:c9:95:99:e8:52:22:ce:79:86:21:
c0:e4:76:ff:e2:ca:a7:3b:71:ec:e2:3a:da:37:11:
e2:d1:f4:44:26:32:ed:b9:99:68:7b:35:74:d8:84:
e5:fb:6c:fb:d4:09:9b:3d:16:85:fd:e4:ac:97:77:
22:78:82:e8:c0:b9:d9:ea:6c:fd:e8:d7:cb:14:4b:
5b:67:dd:d1:cd:08:54:6d:1c:88:98:51:02:18:67:
77:7b:af:1e:f4:39:f7:16:36:36:4c:25:3c:a3:26:
6f:09:27:b4:f8:c2:92:3b:e1:8d:51:c7:b9:9b:5f:
01:d6:47:af:24:72:42:4a:22:5e:e5:6b:f2:e9:b7:
97:6c:61:1d:94:27:5c:1c:3c:82:f5:68:77:80:44:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2F:B5:2D:B0:8A:B0:60:FF:97:86:84:BB:9D:97:C6:E3:5E:BB:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8F6D1B8F42D11EFB31D8846762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.79.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:c1:9d:5f:fc:4a:fc:10:3a:76:b2:9f:8e:07:c4:25:ad:3f:
a4:9f:af:d1:8e:d8:e3:4d:12:d6:16:6b:b4:a7:ae:28:b1:7b:
03:d3:79:b2:d3:3b:63:8c:3f:dd:b6:b3:75:d2:e8:08:ef:45:
3d:97:54:bb:dc:48:3e:72:7e:c2:58:3d:aa:26:d6:5d:46:8c:
5b:dd:d8:4b:82:16:d5:58:a9:2d:91:e1:c6:ac:2b:14:55:33:
12:7b:7b:7c:a3:37:49:b4:c7:dc:27:25:97:3e:4d:1f:ad:4f:
0e:be:b7:1d:1f:3d:f3:2b:39:27:be:a2:52:a3:78:89:21:11:
39:06:0a:29:87:1d:b6:6e:dc:55:60:b6:83:97:24:ff:4c:b1:
62:d8:25:b6:d1:3d:ca:7b:25:50:ff:c6:b7:51:8d:72:57:a6:
54:22:37:5e:4b:77:66:de:a1:3a:08:43:3d:c2:45:55:c8:97:
89:73:8f:77:2d:fd:0f:60:e2:fb:b3:43:54:5c:68:4b:a6:71:
0d:44:bb:8e:f5:a5:ea:2d:3f:de:4f:70:dc:ce:2e:1a:54:dd:
ed:7c:2b:b5:9d:f8:bf:68:e2:71:bb:88:20:4d:28:02:e1:3c:
da:8e:12:f8:ab:e2:61:69:1e:8a:5a:e9:81:ab:8e:16:47:b2:
d0:a8:bb:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWI/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTAzOTA1WhcNMjYwMjE5MTAzOTA1WjAYMRYw
FAYDVQQDEw02N2JlZWY0ZC05YWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20hEmBCAxErWv/aW9HTOW1XLIzUp4oQeFlWt7w9Gxp+Wr2qZkCw3Avyl
ql2ozhjkKOM5meRAHIk6ZJJdjtbmaTL9BcI5HXVn9WGjwBcr5oIrH77oQQ8at/bm
lyN1jEYfySQD00LgfPitwZ186MmVmehSIs55hiHA5Hb/4sqnO3Hs4jraNxHi0fRE
JjLtuZloezV02ITl+2z71AmbPRaF/eSsl3cieILowLnZ6mz96NfLFEtbZ93RzQhU
bRyImFECGGd3e68e9Dn3FjY2TCU8oyZvCSe0+MKSO+GNUce5m18B1kevJHJCSiJe
5Wvy6beXbGEdlCdcHDyC9Wh3gEQUewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOAv
tS2wirBg/5eGhLudl8bjXrsHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOEY2RDFCOEY0MkQxMUVGQjMxRDg4NDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBPMA0GCSqGSIb3DQEB
CwUAA4IBAQDGwZ1f/Er8EDp2sp+OB8QlrT+kn6/RjtjjTRLWFmu0p64osXsD03my
0ztjjD/dtrN10ugI70U9l1S73Eg+cn7CWD2qJtZdRoxb3dhLghbVWKktkeHGrCsU
VTMSe3t8ozdJtMfcJyWXPk0frU8OvrcdHz3zKzknvqJSo3iJIRE5Bgophx22btxV
YLaDlyT/TLFi2CW20T3KeyVQ/8a3UY1yV6ZUIjdeS3dm3qE6CEM9wkVVyJeJc493
Lf0PYOL7s0NUXGhLpnENRLuO9aXqLT/eT3Dczi4aVN3tfCu1nfi/aOJxu4ggTSgC
4TzajhL4q+JhaR6KWumBq44WR7LQqLsw
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:32 2025 by rpki-client