Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE95901CF43911EF8C1FA599762E951A.roa
File: EE95901CF43911EF8C1FA599762E951A.roa (raw, json)
Hash identifier: /hRsNK0mlpeTG2eD+BpuqBoKsT34GG7E+5TMSoFrhOI=
Subject key identifier: 13:17:91:E6:FA:B7:E4:75:57:C2:7A:1D:80:31:05:13:41:F6:08:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE95901CF43911EF8C1FA599762E951A.roa
Signing time: Wed 26 Feb 2025 12:05:12 +0000
ROA not before: Wed 26 Feb 2025 12:05:09 +0000
ROA not after: Fri 20 Feb 2026 12:05:09 +0000
asID: 984
IP address blocks: 154.199.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90861 (0x162ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:05:09 2025 GMT
Not After : Feb 20 12:05:09 2026 GMT
Subject: CN=67bf0378-0bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:87:71:e5:07:e8:9d:59:7d:c6:f8:84:76:13:
e0:33:4e:af:65:2b:84:0d:73:12:07:e0:99:8b:92:
d4:31:b3:6d:25:9f:69:81:64:76:88:a5:4b:fd:ce:
53:7f:47:95:86:47:26:c7:fc:d0:2a:16:db:29:18:
29:80:cc:f6:b2:41:fb:b4:65:87:ed:de:11:09:50:
a7:63:a2:fc:c2:40:eb:70:54:f3:0f:6a:40:56:b5:
a5:b1:80:8f:28:25:e9:4a:ab:cc:94:c8:25:c0:65:
84:9d:5f:3d:73:bc:4a:d5:19:3e:0f:03:c2:6d:38:
78:e0:a0:65:90:29:5c:07:9f:d8:d3:fa:e8:8b:06:
c4:e5:61:59:1d:90:99:09:3e:5c:1c:89:6f:ef:d0:
d1:fd:c1:8a:67:fd:8c:0a:2c:2f:9e:e2:9c:5d:ef:
1a:00:0b:23:5c:22:29:b7:6e:88:21:5d:88:8f:90:
64:17:b6:b8:12:0a:40:86:11:b4:55:97:64:8e:07:
de:76:da:0e:10:5f:e8:c2:91:0d:38:21:c7:d2:a3:
c2:ba:2c:d3:96:3c:5e:dc:46:76:dd:7b:5c:e3:39:
b3:53:04:1f:4d:dc:74:ea:82:a3:b2:4a:4a:0a:a3:
5c:67:ca:34:b5:c3:fd:a1:4c:8e:5d:e3:fb:c0:22:
eb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:17:91:E6:FA:B7:E4:75:57:C2:7A:1D:80:31:05:13:41:F6:08:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE95901CF43911EF8C1FA599762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.148.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b4:dd:c6:89:27:4f:e4:5a:7a:ad:95:07:83:70:09:b5:2c:
08:c4:c9:fe:2d:26:b7:4a:06:39:22:06:20:52:42:66:35:a8:
ac:94:ba:e0:f0:8e:25:4f:39:29:4d:53:41:b0:59:37:34:14:
ff:d7:24:b9:3b:70:6b:f6:1d:6e:0e:b5:6b:5b:68:a8:05:16:
ea:50:00:3e:60:47:7b:42:52:3a:48:85:38:7c:47:6d:20:33:
61:81:0f:b0:6d:55:ae:00:7e:00:f3:c6:31:91:be:26:a7:77:
ec:04:27:a4:c2:28:2b:1a:f1:1a:2b:fa:84:84:1b:86:76:5e:
7e:74:ce:8e:b7:2f:59:a7:45:ef:05:d5:0b:19:27:3f:2b:4e:
56:e0:b6:2f:ea:08:a5:88:9a:4e:1b:74:58:24:b5:87:03:25:
5c:f9:b7:7f:08:f0:16:37:02:d2:b5:6a:77:50:f4:34:cd:9c:
37:fd:ae:bb:fc:45:cf:9c:49:ed:36:1b:fe:22:a1:1a:35:97:
de:80:56:a0:62:76:26:f7:03:52:1f:46:57:68:23:a5:53:8c:
ac:30:70:cb:91:52:09:37:7a:26:cf:5c:b2:df:a3:f0:4c:c5:
d2:68:f4:62:3c:b6:54:4a:41:a3:0e:62:19:94:30:e2:bc:3b:
31:2a:ba:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWLtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIwNTA5WhcNMjYwMjIwMTIwNTA5WjAYMRYw
FAYDVQQDEw02N2JmMDM3OC0wYmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvodx5QfonVl9xviEdhPgM06vZSuEDXMSB+CZi5LUMbNtJZ9pgWR2iKVL
/c5Tf0eVhkcmx/zQKhbbKRgpgMz2skH7tGWH7d4RCVCnY6L8wkDrcFTzD2pAVrWl
sYCPKCXpSqvMlMglwGWEnV89c7xK1Rk+DwPCbTh44KBlkClcB5/Y0/roiwbE5WFZ
HZCZCT5cHIlv79DR/cGKZ/2MCiwvnuKcXe8aAAsjXCIpt26IIV2Ij5BkF7a4EgpA
hhG0VZdkjgfedtoOEF/owpENOCHH0qPCuizTljxe3EZ23Xtc4zmzUwQfTdx06oKj
skpKCqNcZ8o0tcP9oUyOXeP7wCLrfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBMX
keb6t+R1V8J6HYAxBRNB9ggZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTk1OTAxQ0Y0MzkxMUVGOEMxRkE1OTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseUMA0GCSqGSIb3DQEB
CwUAA4IBAQC6tN3GiSdP5Fp6rZUHg3AJtSwIxMn+LSa3SgY5IgYgUkJmNaislLrg
8I4lTzkpTVNBsFk3NBT/1yS5O3Br9h1uDrVrW2ioBRbqUAA+YEd7QlI6SIU4fEdt
IDNhgQ+wbVWuAH4A88Yxkb4mp3fsBCekwigrGvEaK/qEhBuGdl5+dM6Oty9Zp0Xv
BdULGSc/K05W4LYv6giliJpOG3RYJLWHAyVc+bd/CPAWNwLStWp3UPQ0zZw3/a67
/EXPnEntNhv+IqEaNZfegFagYnYm9wNSH0ZXaCOlU4ysMHDLkVIJN3omz1yy36Pw
TMXSaPRiPLZUSkGjDmIZlDDivDsxKrpY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:58 2025 by rpki-client