Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA7BD5A0C92B11EF9D55AA51762E951A.roa
File: FA7BD5A0C92B11EF9D55AA51762E951A.roa (raw, json)
Hash identifier: Z67xlNDZk8Zh2TrrGS+dl/JBoEHUQLPot8ujsHvTGnY=
Subject key identifier: 5E:2E:CA:24:0D:12:74:1B:68:13:11:F7:F8:15:2B:1E:FB:37:3A:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013383
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA7BD5A0C92B11EF9D55AA51762E951A.roa
Signing time: Thu 02 Jan 2025 17:07:00 +0000
ROA not before: Thu 02 Jan 2025 17:06:56 +0000
ROA not after: Sat 13 Dec 2025 17:06:56 +0000
asID: 984
IP address blocks: 154.222.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78723 (0x13383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:06:56 2025 GMT
Not After : Dec 13 17:06:56 2025 GMT
Subject: CN=6776c7b3-54de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0a:9e:5e:4b:44:69:ef:7b:19:44:33:4f:bf:
5d:75:11:ea:83:8c:ce:b1:a7:ac:89:9f:b8:f3:94:
58:6f:23:25:92:dc:e7:ed:0f:8e:d0:94:9b:15:f5:
63:37:34:2c:e8:86:09:4b:95:34:4d:16:06:45:75:
e7:19:ef:55:58:29:b0:3f:35:c9:ef:68:84:28:eb:
5b:46:7b:ca:1d:29:69:27:51:a3:bc:4b:f1:0a:5b:
ef:9a:8e:7e:cb:ca:86:f0:19:53:bd:2a:ce:2c:ee:
61:c1:1d:fb:77:e6:e3:a4:5a:18:1a:bb:0e:a8:4a:
ad:4b:5c:2f:a2:ad:5b:ca:fb:01:c8:dc:23:20:2e:
d9:7e:01:32:64:4a:f4:83:d0:42:7d:f1:ae:a3:77:
1f:c7:4e:86:34:eb:27:a4:52:31:c7:48:06:da:91:
bd:26:36:b4:f8:5c:78:ad:b3:c6:3f:94:52:86:7c:
3c:c6:94:26:04:70:af:38:9c:0a:50:6f:f4:57:12:
7f:d1:f0:ea:a3:6e:12:40:a4:a1:be:09:ab:66:7e:
30:38:8b:e5:bc:ac:6d:4b:cf:8b:0c:88:dc:27:c2:
4f:38:cf:d1:e5:5b:8e:a1:b4:1f:a7:4c:ae:46:b2:
1f:17:c7:aa:34:0b:71:c8:48:8f:72:ee:03:c2:1b:
e2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2E:CA:24:0D:12:74:1B:68:13:11:F7:F8:15:2B:1E:FB:37:3A:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA7BD5A0C92B11EF9D55AA51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.142.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:01:c4:32:72:5c:3e:8b:8f:a0:fc:69:16:f8:35:3a:6b:c8:
f3:7c:85:2f:93:b4:c4:bb:9b:86:89:19:a4:81:24:bc:0e:a5:
29:30:c8:f4:a5:f1:19:e1:4b:e0:b3:1d:2a:be:58:fd:a2:3b:
ef:e9:33:44:4b:f1:ea:b5:4f:ee:e1:da:ed:ef:0e:24:10:e9:
dc:bb:14:44:bc:60:c8:9f:7e:12:d4:d3:78:34:c8:21:b8:08:
23:62:06:8c:47:20:f9:7c:d6:2b:41:25:9a:82:6a:5b:12:11:
57:1e:df:3a:c7:77:a0:81:d3:50:e8:f8:61:ab:b6:c5:43:23:
d8:e8:37:fb:75:fd:57:b7:9c:5a:0c:28:ab:1a:bd:9c:18:f5:
eb:51:da:17:67:b6:ef:eb:48:4b:15:bb:bf:40:b0:ac:e1:41:
41:34:ff:d2:b2:0c:94:6c:34:7b:9b:de:e0:27:51:cb:77:55:
db:ae:c9:6d:64:ab:6d:9c:23:f3:16:b7:e5:77:a5:07:88:18:
b5:ce:39:48:7e:ba:5f:c4:d5:9d:15:29:b9:1f:76:2b:83:82:
7d:94:2c:a1:d4:9b:84:82:3c:87:69:4b:75:04:ac:c1:ba:4a:
70:95:9e:43:64:55:45:a3:34:1e:56:d3:d4:bd:85:cf:ed:c6:
a6:c9:17:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATODMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTcwNjU2WhcNMjUxMjEzMTcwNjU2WjAYMRYw
FAYDVQQDEw02Nzc2YzdiMy01NGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3QqeXktEae97GUQzT79ddRHqg4zOsaesiZ+485RYbyMlktzn7Q+O0JSb
FfVjNzQs6IYJS5U0TRYGRXXnGe9VWCmwPzXJ72iEKOtbRnvKHSlpJ1GjvEvxClvv
mo5+y8qG8BlTvSrOLO5hwR37d+bjpFoYGrsOqEqtS1wvoq1byvsByNwjIC7ZfgEy
ZEr0g9BCffGuo3cfx06GNOsnpFIxx0gG2pG9Jja0+Fx4rbPGP5RShnw8xpQmBHCv
OJwKUG/0VxJ/0fDqo24SQKShvgmrZn4wOIvlvKxtS8+LDIjcJ8JPOM/R5VuOobQf
p0yuRrIfF8eqNAtxyEiPcu4DwhviUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF4u
yiQNEnQbaBMR9/gVKx77NzpOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTdCRDVBMEM5MkIxMUVGOUQ1NUFBNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6OMA0GCSqGSIb3DQEB
CwUAA4IBAQBeAcQyclw+i4+g/GkW+DU6a8jzfIUvk7TEu5uGiRmkgSS8DqUpMMj0
pfEZ4Uvgsx0qvlj9ojvv6TNES/HqtU/u4drt7w4kEOncuxREvGDIn34S1NN4NMgh
uAgjYgaMRyD5fNYrQSWagmpbEhFXHt86x3eggdNQ6Phhq7bFQyPY6Df7df1Xt5xa
DCirGr2cGPXrUdoXZ7bv60hLFbu/QLCs4UFBNP/SsgyUbDR7m97gJ1HLd1Xbrslt
ZKttnCPzFrfld6UHiBi1zjlIfrpfxNWdFSm5H3Yrg4J9lCyh1JuEgjyHaUt1BKzB
ukpwlZ5DZFVFozQeVtPUvYXP7camyRf6
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:55 2025 by rpki-client