Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED79EE26F35811EFB38C8F96762E951A.roa
File: ED79EE26F35811EFB38C8F96762E951A.roa (raw, json)
Hash identifier: Gy7eSZ8BiAQUVWM3ATRiDMrRpfsByje8QtR/4RYsA0g=
Subject key identifier: AF:02:54:3B:0B:DE:7D:09:5D:06:00:57:56:6E:14:9A:7A:48:D1:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DEA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED79EE26F35811EFB38C8F96762E951A.roa
Signing time: Tue 25 Feb 2025 09:14:34 +0000
ROA not before: Tue 25 Feb 2025 09:14:30 +0000
ROA not after: Mon 07 Apr 2025 09:14:30 +0000
asID: 138915
IP address blocks: 154.223.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89578 (0x15dea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 09:14:30 2025 GMT
Not After : Apr 7 09:14:30 2025 GMT
Subject: CN=67bd89fa-6292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:16:c2:01:99:44:ea:62:9c:23:1d:74:e8:
aa:11:33:c3:a8:a5:3a:7e:23:88:a4:b8:37:92:02:
fc:a8:35:f5:86:4a:bf:cc:cb:33:f1:c4:04:be:40:
45:2d:c7:c2:6e:52:c8:21:2c:15:02:9a:ae:22:ac:
16:ef:0c:d3:0a:95:a9:b1:b2:71:f5:47:ec:e0:76:
8a:65:c4:ca:7c:ab:67:21:04:64:fe:59:72:28:ab:
44:52:f0:e7:18:f3:f9:ab:7d:d8:30:8a:45:34:7a:
6a:99:79:3f:de:8a:ec:7c:60:e7:23:7e:16:9c:ab:
08:ec:bb:78:72:27:2c:06:ff:a7:08:02:4c:4c:4a:
59:e0:23:15:86:5c:45:23:2a:f4:db:1c:8d:36:b6:
7b:09:30:c9:99:ef:2d:24:b2:3d:e5:a2:df:2b:2a:
86:b8:da:2f:bd:c9:ab:7f:32:6d:3d:75:17:23:f3:
7f:57:e5:0f:a5:9b:33:13:49:8b:52:51:07:51:43:
59:fc:0d:e6:c2:b0:1c:c3:43:50:df:03:a4:a9:43:
5c:20:04:ff:66:01:94:fa:f2:6a:6f:77:45:79:6b:
a5:57:a2:e3:fc:6e:95:4d:ca:98:d0:0a:e2:5d:90:
94:32:fb:69:07:53:56:ba:89:d2:7c:91:d7:90:8d:
cb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:02:54:3B:0B:DE:7D:09:5D:06:00:57:56:6E:14:9A:7A:48:D1:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED79EE26F35811EFB38C8F96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.26.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:e2:f1:df:d6:9d:47:2d:37:d2:27:fb:dd:84:d3:b8:f1:d2:
68:61:94:73:c6:41:3e:48:a3:e4:b4:42:c8:18:b3:1e:91:b2:
ae:37:1f:35:08:f3:38:15:64:14:a6:db:dd:bc:ce:61:f5:c4:
3d:9e:fc:f1:de:14:f0:10:47:61:4b:35:07:1c:84:a8:4e:1d:
56:e6:77:ea:9e:86:96:aa:a1:ba:b8:e6:1a:22:2e:dc:00:35:
54:6e:d1:22:5b:95:a7:6c:21:a1:fc:90:f8:97:48:19:a0:d6:
7f:7a:d5:a0:02:78:7b:00:cf:b5:6b:6c:ee:4a:74:e9:a2:ef:
03:47:80:47:aa:6a:fe:3e:d7:a2:01:67:55:b2:c7:1a:79:89:
46:5f:57:e0:8d:18:0b:64:ac:2b:ee:89:95:fc:54:93:03:d3:
6a:f8:58:06:cc:69:cf:be:d6:19:f8:9c:13:bd:e4:97:66:ed:
7c:e3:16:40:08:7d:9d:59:28:ce:95:64:fb:a2:fb:ff:40:cf:
f1:ea:45:9a:13:9f:2d:05:6b:b4:26:a0:30:8b:ab:80:ab:38:
49:5b:7e:96:b3:0e:0b:e3:2b:e7:64:01:47:a8:0f:f2:9e:24:
5f:d6:de:89:de:26:a9:6d:48:8a:6c:0c:64:13:59:ed:4a:7a:
17:ee:33:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV3qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDkxNDMwWhcNMjUwNDA3MDkxNDMwWjAYMRYw
FAYDVQQDEw02N2JkODlmYS02MjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAswsWwgGZROpinCMddOiqETPDqKU6fiOIpLg3kgL8qDX1hkq/zMsz8cQE
vkBFLcfCblLIISwVApquIqwW7wzTCpWpsbJx9Ufs4HaKZcTKfKtnIQRk/llyKKtE
UvDnGPP5q33YMIpFNHpqmXk/3orsfGDnI34WnKsI7Lt4cicsBv+nCAJMTEpZ4CMV
hlxFIyr02xyNNrZ7CTDJme8tJLI95aLfKyqGuNovvcmrfzJtPXUXI/N/V+UPpZsz
E0mLUlEHUUNZ/A3mwrAcw0NQ3wOkqUNcIAT/ZgGU+vJqb3dFeWulV6Lj/G6VTcqY
0AriXZCUMvtpB1NWuonSfJHXkI3LXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK8C
VDsL3n0JXQYAV1ZuFJp6SNGEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRDc5RUUyNkYzNTgxMUVGQjM4QzhGOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8aMA0GCSqGSIb3DQEB
CwUAA4IBAQDH4vHf1p1HLTfSJ/vdhNO48dJoYZRzxkE+SKPktELIGLMekbKuNx81
CPM4FWQUptvdvM5h9cQ9nvzx3hTwEEdhSzUHHISoTh1W5nfqnoaWqqG6uOYaIi7c
ADVUbtEiW5WnbCGh/JD4l0gZoNZ/etWgAnh7AM+1a2zuSnTpou8DR4BHqmr+Ptei
AWdVsscaeYlGX1fgjRgLZKwr7omV/FSTA9Nq+FgGzGnPvtYZ+JwTveSXZu184xZA
CH2dWSjOlWT7ovv/QM/x6kWaE58tBWu0JqAwi6uAqzhJW36Wsw4L4yvnZAFHqA/y
niRf1t6J3iapbUiKbAxkE1ntSnoX7jP3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:53 2025 by rpki-client