Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB60C882C8AD11EFB7F3E0B1762E951A.roa
File: FB60C882C8AD11EFB7F3E0B1762E951A.roa (raw, json)
Hash identifier: 8Xtqfd2tcD9dRQCZ8f6H/XfclEcvtrV1dLcYL9vDfQM=
Subject key identifier: BF:38:34:57:90:67:F3:92:C5:2B:B7:D0:48:E9:B2:D6:8B:89:FA:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01318E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB60C882C8AD11EFB7F3E0B1762E951A.roa
Signing time: Thu 02 Jan 2025 02:05:04 +0000
ROA not before: Thu 02 Jan 2025 02:05:01 +0000
ROA not after: Mon 13 Dec 2027 02:05:01 +0000
asID: 17561
IP address blocks: 154.220.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78222 (0x1318e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:05:01 2025 GMT
Not After : Dec 13 02:05:01 2027 GMT
Subject: CN=6775f450-5159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:61:27:4e:94:3a:0f:10:de:30:00:a7:48:9d:
e5:8f:75:22:a6:3d:22:1f:0b:0b:dc:db:a7:e5:1f:
6a:ca:c2:a2:21:24:be:f3:cd:cb:1a:c0:72:40:ab:
63:89:1e:0b:48:90:0b:63:bb:f5:d9:b7:58:68:82:
7e:00:4b:a7:4a:a6:10:f7:2d:aa:fc:68:41:33:be:
01:b6:d9:f8:2b:57:4d:c8:bb:03:3e:1e:09:60:6d:
84:d2:90:85:38:4b:e7:43:c4:c7:6a:ac:9b:eb:8d:
1d:38:92:8f:20:87:e4:4c:25:e1:b1:e3:b1:0b:86:
0b:9e:5f:f0:73:a7:b2:8b:ea:0d:a9:25:ef:04:81:
9e:d3:b6:1e:cc:66:74:c7:04:1c:4c:87:75:81:6b:
7c:bf:2e:95:bd:dd:23:44:9b:66:6a:f3:44:48:77:
1c:81:b3:73:08:99:0c:48:7d:1e:f9:dc:bc:70:4d:
ee:65:5a:61:a8:48:d6:5e:da:de:df:2d:b9:06:fa:
5b:03:c5:5e:ee:a6:d3:8e:cc:f8:18:78:39:9c:4e:
af:3a:77:89:90:e6:fe:32:8f:68:1c:41:9c:58:38:
bd:78:ba:af:ee:17:0e:ed:b1:fa:2a:78:90:05:e6:
e8:83:31:f4:1f:e9:2c:d5:b7:3a:3b:96:63:97:51:
7f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:38:34:57:90:67:F3:92:C5:2B:B7:D0:48:E9:B2:D6:8B:89:FA:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB60C882C8AD11EFB7F3E0B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.163.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f8:b5:fc:c7:08:9e:fa:02:19:91:41:55:da:e5:f5:0c:c7:
ff:7e:c7:10:7d:d3:f0:a1:3b:4d:78:44:84:de:95:64:27:5a:
fa:7b:ae:28:3d:90:5e:a2:f4:7d:2b:50:df:88:e5:93:d8:65:
34:41:a7:69:44:6e:05:66:3c:8a:a1:1a:bd:78:58:6f:ff:a3:
7e:d4:3d:0d:1a:1c:cd:2d:bd:82:d7:6f:fb:34:d4:26:3c:98:
a4:52:f6:70:39:0a:5f:30:df:b0:1c:59:e7:21:66:b4:2f:32:
c4:a9:e4:f0:ac:c6:30:58:17:8c:20:75:a5:c4:9b:5a:3b:da:
98:f6:01:01:e7:f6:df:9c:4e:3f:3c:2b:10:33:32:a9:9d:80:
b1:05:06:33:9b:17:01:c9:71:97:ea:59:26:5a:d9:41:7e:50:
a8:b0:a7:97:4f:fc:6a:b0:06:d0:36:80:20:dd:be:59:4b:b0:
f7:ca:ff:20:f8:ad:7d:a7:2d:48:26:d6:d4:c5:9e:91:40:e1:
00:47:8f:a5:dd:14:8f:96:da:55:d6:08:db:6c:4e:dc:6a:05:
e0:7a:00:07:2d:dc:e9:cb:00:73:af:b3:94:ec:e2:d5:3a:5a:
d4:fd:81:3b:5e:87:7b:fe:c3:6d:af:1b:0a:a1:c6:95:6a:a8:
14:d2:28:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIwNTAxWhcNMjcxMjEzMDIwNTAxWjAYMRYw
FAYDVQQDEw02Nzc1ZjQ1MC01MTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0mEnTpQ6DxDeMACnSJ3lj3Uipj0iHwsL3Nun5R9qysKiISS+883LGsBy
QKtjiR4LSJALY7v12bdYaIJ+AEunSqYQ9y2q/GhBM74Bttn4K1dNyLsDPh4JYG2E
0pCFOEvnQ8THaqyb640dOJKPIIfkTCXhseOxC4YLnl/wc6eyi+oNqSXvBIGe07Ye
zGZ0xwQcTId1gWt8vy6Vvd0jRJtmavNESHccgbNzCJkMSH0e+dy8cE3uZVphqEjW
Xtre3y25BvpbA8Ve7qbTjsz4GHg5nE6vOneJkOb+Mo9oHEGcWDi9eLqv7hcO7bH6
KniQBebogzH0H+ks1bc6O5Zjl1F/WwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL84
NFeQZ/OSxSu30EjpstaLifr+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQjYwQzg4MkM4QUQxMUVGQjdGM0UwQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyjMA0GCSqGSIb3DQEB
CwUAA4IBAQAf+LX8xwie+gIZkUFV2uX1DMf/fscQfdPwoTtNeESE3pVkJ1r6e64o
PZBeovR9K1DfiOWT2GU0QadpRG4FZjyKoRq9eFhv/6N+1D0NGhzNLb2C12/7NNQm
PJikUvZwOQpfMN+wHFnnIWa0LzLEqeTwrMYwWBeMIHWlxJtaO9qY9gEB5/bfnE4/
PCsQMzKpnYCxBQYzmxcByXGX6lkmWtlBflCosKeXT/xqsAbQNoAg3b5ZS7D3yv8g
+K19py1IJtbUxZ6RQOEAR4+l3RSPltpV1gjbbE7cagXgegAHLdzpywBzr7OU7OLV
OlrU/YE7Xod7/sNtrxsKocaVaqgU0iio
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:00 2025 by rpki-client