Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F78EB200CDB711EFB25ECE46762E951A.roa
File: F78EB200CDB711EFB25ECE46762E951A.roa (raw, json)
Hash identifier: Boi3Haje8TIZSI8UVG8qqQuaCBvh+WEP420I5EW8P2E=
Subject key identifier: B9:7E:D9:5B:A7:FD:FB:5F:DE:FA:32:03:CB:6A:3A:00:B0:49:49:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F78EB200CDB711EFB25ECE46762E951A.roa
Signing time: Wed 08 Jan 2025 11:59:09 +0000
ROA not before: Wed 08 Jan 2025 11:58:53 +0000
ROA not after: Tue 16 Dec 2025 11:58:53 +0000
asID: 984
IP address blocks: 154.200.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79558 (0x136c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 11:58:53 2025 GMT
Not After : Dec 16 11:58:53 2025 GMT
Subject: CN=677e688d-3667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:39:36:7b:d1:b9:14:41:2f:5b:cd:ef:bc:83:
b3:73:f8:70:f5:a3:a9:4e:ed:9d:fe:50:76:96:a0:
e8:1f:65:64:6c:53:f7:dd:66:24:22:2f:fc:95:03:
ad:5d:2e:5f:76:31:dd:1d:be:a5:ef:9d:4f:2e:41:
70:e6:10:2b:b8:33:2e:c0:0f:77:e8:2f:0b:32:42:
ce:74:04:9a:33:8d:52:a3:57:a2:b5:d5:1b:d4:39:
17:97:1a:ea:53:89:62:5c:06:52:a4:dd:bb:a1:a9:
5a:a0:f9:23:f4:3a:a6:75:b6:fd:a9:40:73:a9:9a:
58:9f:89:07:db:e9:31:3f:b9:45:3e:cb:8f:29:f2:
c2:63:4a:d3:56:71:17:04:26:f0:a0:90:96:79:a7:
e9:8f:df:ca:ab:ea:e9:45:f3:44:89:06:4a:68:81:
cc:1c:63:5e:c5:15:bb:ff:ac:f6:a5:57:94:b7:01:
fd:9a:12:73:66:b3:a7:9d:4c:55:00:e8:68:01:07:
98:94:1d:3f:73:c5:86:51:71:f1:ea:72:46:41:94:
93:10:67:e4:f0:83:b6:ef:20:1e:c3:09:d9:76:df:
fd:7b:78:b5:4a:9e:ba:05:3b:00:0a:65:be:b9:f3:
5c:e4:74:5b:b7:10:05:44:0d:9c:19:45:7b:89:c8:
b9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7E:D9:5B:A7:FD:FB:5F:DE:FA:32:03:CB:6A:3A:00:B0:49:49:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F78EB200CDB711EFB25ECE46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.172.0/24
Signature Algorithm: sha256WithRSAEncryption
81:03:d6:3c:e3:b3:71:0a:2a:87:a6:b1:04:c4:ed:07:e1:7c:
3d:a8:47:03:27:77:c0:fd:14:92:c9:1a:f2:d0:c9:35:1a:c5:
a6:58:18:94:dd:3e:b6:29:9c:fb:e6:7d:a9:4f:e5:56:08:f4:
06:26:22:73:d8:b3:ae:74:42:f9:69:33:a8:8d:13:23:c0:43:
83:64:3b:93:a7:44:b4:a0:9f:f0:37:2c:21:de:1e:53:d4:8b:
42:0c:b8:94:f8:97:b0:18:e8:16:14:36:6a:6f:78:ea:33:d3:
8b:5e:b1:40:93:53:3c:3d:1e:48:ce:2a:bd:68:42:72:5d:46:
74:bc:a5:25:98:fc:39:bb:75:64:24:43:3d:a0:19:1a:ba:b0:
70:79:4a:7b:91:59:b8:1c:27:69:4e:e3:66:47:1f:96:15:ad:
11:da:9d:fc:83:c0:16:36:7c:0d:0f:73:ee:40:ba:14:53:4c:
b2:a2:02:1f:5a:96:bf:0a:d7:eb:81:cc:bb:1e:42:8b:b0:46:
35:4a:18:05:8f:20:44:dc:f4:91:31:ee:89:e4:ec:15:52:89:
8a:c1:ae:b3:76:5d:de:0e:10:8e:50:1f:b0:db:51:b1:e9:67:
82:99:ea:67:59:0e:f0:d9:1b:65:4a:3d:10:f5:7e:78:19:11:
3d:b2:86:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATbGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTE1ODUzWhcNMjUxMjE2MTE1ODUzWjAYMRYw
FAYDVQQDEw02NzdlNjg4ZC0zNjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjk2e9G5FEEvW83vvIOzc/hw9aOpTu2d/lB2lqDoH2VkbFP33WYkIi/8
lQOtXS5fdjHdHb6l751PLkFw5hAruDMuwA936C8LMkLOdASaM41So1eitdUb1DkX
lxrqU4liXAZSpN27oalaoPkj9Dqmdbb9qUBzqZpYn4kH2+kxP7lFPsuPKfLCY0rT
VnEXBCbwoJCWeafpj9/Kq+rpRfNEiQZKaIHMHGNexRW7/6z2pVeUtwH9mhJzZrOn
nUxVAOhoAQeYlB0/c8WGUXHx6nJGQZSTEGfk8IO27yAewwnZdt/9e3i1Sp66BTsA
CmW+ufNc5HRbtxAFRA2cGUV7ici5uQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLl+
2Vun/ftf3voyA8tqOgCwSUlsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzhFQjIwMENEQjcxMUVGQjI1RUNFNDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsisMA0GCSqGSIb3DQEB
CwUAA4IBAQCBA9Y847NxCiqHprEExO0H4Xw9qEcDJ3fA/RSSyRry0Mk1GsWmWBiU
3T62KZz75n2pT+VWCPQGJiJz2LOudEL5aTOojRMjwEODZDuTp0S0oJ/wNywh3h5T
1ItCDLiU+JewGOgWFDZqb3jqM9OLXrFAk1M8PR5Iziq9aEJyXUZ0vKUlmPw5u3Vk
JEM9oBkaurBweUp7kVm4HCdpTuNmRx+WFa0R2p38g8AWNnwND3PuQLoUU0yyogIf
Wpa/Ctfrgcy7HkKLsEY1ShgFjyBE3PSRMe6J5OwVUomKwa6zdl3eDhCOUB+w21Gx
6WeCmepnWQ7w2RtlSj0Q9X54GRE9soZt
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:46:25 2025 by rpki-client