Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEA2691CD2E311EF820B0A8A762E951A.roa
File: EEA2691CD2E311EF820B0A8A762E951A.roa (raw, json)
Hash identifier: uRWQ/85HZCC5SZmu+JDrZT+PBLaF15eENU/hamkXvYE=
Subject key identifier: 49:C2:73:FD:5A:8F:F9:A4:90:89:73:C3:B1:57:F5:B6:8F:87:B0:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B82
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEA2691CD2E311EF820B0A8A762E951A.roa
Signing time: Wed 15 Jan 2025 01:56:27 +0000
ROA not before: Wed 15 Jan 2025 01:56:24 +0000
ROA not after: Sat 03 Jan 2026 01:56:24 +0000
asID: 984
IP address blocks: 154.211.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80770 (0x13b82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:56:24 2025 GMT
Not After : Jan 3 01:56:24 2026 GMT
Subject: CN=678715cb-3ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:66:53:f0:a6:44:43:f1:86:e2:11:52:4f:
8e:2a:f9:ec:e2:6a:24:04:57:c8:00:d0:09:87:a6:
72:2c:73:9c:db:8d:e7:85:74:3f:6e:3e:b5:50:d2:
06:cc:26:ae:83:e4:74:30:f7:6e:4e:4a:61:0f:04:
de:95:b4:78:1d:8c:fc:76:2b:40:7d:fb:9b:7c:22:
4b:2e:fa:fd:e4:c9:b1:96:01:87:ae:1b:50:2a:39:
fc:ec:af:5c:be:34:81:a2:33:86:8d:98:c2:e7:6d:
7e:ff:02:b6:bd:22:68:95:bc:42:1e:07:73:ca:91:
06:83:33:f5:67:52:57:b8:e9:4c:b7:24:07:13:39:
51:0f:3b:b7:bc:ab:61:0c:4c:53:a0:f1:c0:f5:16:
19:a8:1e:a3:5b:59:73:03:07:5c:be:ee:bd:97:75:
55:56:98:09:27:2e:40:9e:0a:17:70:54:bb:ae:27:
78:93:6e:7b:e4:34:1d:1b:54:da:c9:10:c2:5f:4e:
5a:00:75:01:49:68:8d:90:57:17:2a:89:18:94:10:
3f:2b:db:f3:05:b3:80:97:55:6d:de:32:e4:73:19:
76:3d:85:a2:71:30:30:a8:aa:d5:76:b2:4a:eb:bb:
0b:ba:5b:43:59:07:a5:82:54:ba:2e:17:44:b8:ca:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:C2:73:FD:5A:8F:F9:A4:90:89:73:C3:B1:57:F5:B6:8F:87:B0:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEA2691CD2E311EF820B0A8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.133.0/24
Signature Algorithm: sha256WithRSAEncryption
99:57:4b:a3:09:5e:40:2d:15:a1:d7:8d:b2:d4:e6:65:81:e3:
01:50:bc:28:5b:34:a2:dd:58:f7:61:b0:6f:61:be:25:5c:d3:
d0:fc:a1:81:4b:a0:6c:f1:71:3c:cb:12:d7:e5:23:d7:67:a6:
c3:fb:43:df:76:cf:66:22:67:96:10:22:c4:a8:0d:28:8d:cf:
ae:fd:01:93:17:5a:48:cb:a3:81:df:99:ce:8c:3a:ca:59:0d:
d3:42:77:7a:a1:44:74:e2:7e:b8:9d:cc:6e:2d:be:6c:15:e7:
ec:42:df:6e:ed:98:ba:6d:50:ee:d9:bb:c9:70:19:b2:76:2b:
f3:ee:08:41:b3:e5:af:32:0c:d3:35:05:e0:08:a7:0e:a8:be:
06:5a:41:c4:55:35:8b:8f:50:a0:13:31:e5:6c:10:4e:a5:e7:
f9:e5:6e:41:2c:4c:78:da:78:1f:6d:88:7d:74:75:57:7d:5e:
a4:38:4d:7c:d4:f0:e7:42:fa:7d:fe:0e:91:44:fd:ed:9c:ea:
a0:af:ac:bc:3b:31:a6:3f:dd:29:1e:0c:50:3c:b5:3f:f8:91:
6a:81:10:19:91:c3:86:11:a8:31:c6:37:5d:bc:ed:5f:1a:cf:
61:5a:36:88:29:fd:20:a6:00:40:a4:9a:d5:43:b1:b2:3c:3e:
18:80:d3:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATuCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDE1NjI0WhcNMjYwMTAzMDE1NjI0WjAYMRYw
FAYDVQQDEw02Nzg3MTVjYi0zY2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqtJmU/CmREPxhuIRUk+OKvns4mokBFfIANAJh6ZyLHOc243nhXQ/bj61
UNIGzCaug+R0MPduTkphDwTelbR4HYz8ditAffubfCJLLvr95MmxlgGHrhtQKjn8
7K9cvjSBojOGjZjC521+/wK2vSJolbxCHgdzypEGgzP1Z1JXuOlMtyQHEzlRDzu3
vKthDExToPHA9RYZqB6jW1lzAwdcvu69l3VVVpgJJy5AngoXcFS7rid4k2575DQd
G1TayRDCX05aAHUBSWiNkFcXKokYlBA/K9vzBbOAl1Vt3jLkcxl2PYWicTAwqKrV
drJK67sLultDWQelglS6LhdEuMogdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEnC
c/1aj/mkkIlzw7FX9baPh7BsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRUEyNjkxQ0QyRTMxMUVGODIwQjBBOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtOFMA0GCSqGSIb3DQEB
CwUAA4IBAQCZV0ujCV5ALRWh142y1OZlgeMBULwoWzSi3Vj3YbBvYb4lXNPQ/KGB
S6Bs8XE8yxLX5SPXZ6bD+0Pfds9mImeWECLEqA0ojc+u/QGTF1pIy6OB35nOjDrK
WQ3TQnd6oUR04n64ncxuLb5sFefsQt9u7Zi6bVDu2bvJcBmydivz7ghBs+WvMgzT
NQXgCKcOqL4GWkHEVTWLj1CgEzHlbBBOpef55W5BLEx42ngfbYh9dHVXfV6kOE18
1PDnQvp9/g6RRP3tnOqgr6y8OzGmP90pHgxQPLU/+JFqgRAZkcOGEagxxjddvO1f
Gs9hWjaIKf0gpgBApJrVQ7GyPD4YgNOs
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:47:13 2025 by rpki-client