Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCA89304D4AC11EF92494391762E951A.roa
File: FCA89304D4AC11EF92494391762E951A.roa (raw, json)
Hash identifier: YuJxQOtffaBkGq84ysNNp5ryqkamKvPVhPTxkLdB0kA=
Subject key identifier: EF:8D:20:D4:F1:B5:75:0D:6F:E2:7E:D6:66:8C:1B:55:EA:6C:C4:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013C41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCA89304D4AC11EF92494391762E951A.roa
Signing time: Fri 17 Jan 2025 08:28:11 +0000
ROA not before: Fri 17 Jan 2025 08:28:07 +0000
ROA not after: Thu 17 Jul 2025 08:28:07 +0000
asID: 63199
IP address blocks: 154.209.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80961 (0x13c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 17 08:28:07 2025 GMT
Not After : Jul 17 08:28:07 2025 GMT
Subject: CN=678a149b-da71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:31:64:49:47:3a:ad:dc:de:ce:a5:18:25:1b:
48:29:53:67:e9:02:04:b3:49:3c:8f:25:1e:f4:a4:
09:3a:ab:b5:be:23:e0:32:8a:41:b0:5b:ab:22:e5:
c8:6d:98:34:32:04:51:04:af:ac:9a:d2:0e:46:a8:
91:bf:21:b9:08:bf:22:23:fd:ec:aa:2a:53:90:32:
8b:b1:f6:41:23:6b:a1:51:eb:d6:5e:e4:b8:73:83:
a2:90:ac:11:6b:74:b8:3e:e5:33:7b:d8:26:ec:e2:
ba:af:c2:3e:e4:3c:60:ea:48:01:cc:f7:50:aa:b7:
24:bd:1a:79:f7:b1:17:9b:30:92:8f:9a:d3:3f:51:
41:e8:a6:b2:66:d2:a8:f0:34:96:9b:47:00:f7:ec:
5e:b0:b8:63:39:a0:ea:02:a6:4c:3c:ec:f7:5c:d1:
a1:36:d3:80:4f:ec:b4:77:87:c1:ff:a0:bd:cb:50:
04:0f:a7:3f:75:76:fe:b6:d2:b5:3e:5f:05:63:50:
b7:92:3e:b4:9f:5b:96:af:25:6c:d8:85:83:ce:15:
f1:04:58:f7:48:b7:0f:92:0f:df:7f:60:d7:7e:7e:
69:4c:c7:d6:61:07:b6:46:e5:24:ce:22:2c:84:95:
a8:92:07:07:7c:3e:99:67:f8:06:cb:43:65:b6:b9:
53:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8D:20:D4:F1:B5:75:0D:6F:E2:7E:D6:66:8C:1B:55:EA:6C:C4:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCA89304D4AC11EF92494391762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.72.0/21
Signature Algorithm: sha256WithRSAEncryption
65:1e:f5:0b:44:78:ba:d9:26:2f:d1:4f:91:c7:52:f6:9f:7f:
44:67:e7:11:3e:ca:dc:10:ba:33:99:c0:4a:6e:c5:e0:d1:b0:
3b:94:d9:9f:bb:e5:f0:28:e8:0f:3c:18:43:66:00:b9:7f:4f:
f5:e4:f4:df:1d:3d:cc:39:90:75:de:24:1a:ab:88:3e:e8:ec:
c9:a6:3f:2e:a2:6c:89:be:8c:23:e3:2f:23:f0:7a:dd:a3:3a:
95:98:fc:88:0f:18:6b:c1:93:a0:5d:36:77:44:4a:78:d6:23:
3a:c2:89:ab:0d:96:64:aa:81:46:26:9c:24:40:8a:b9:99:bd:
4d:a2:74:21:66:0b:d2:22:b3:65:9b:17:10:0a:8c:bb:8e:c2:
b5:f0:2f:fc:6f:79:9e:83:69:1e:02:fd:72:48:c0:06:68:a6:
ef:fb:b0:fa:67:0a:0a:ef:92:70:d7:b2:63:8c:78:4f:9a:2f:
6f:8e:06:b3:58:06:3b:ab:be:f0:21:3e:d0:9d:ad:8e:28:18:
ec:b5:32:be:9a:86:4b:79:47:ae:dc:1f:40:72:23:ff:19:48:
94:fd:81:c9:d8:ff:c0:df:29:03:a6:25:57:39:f5:28:5c:d7:
5d:c1:72:96:33:8e:e1:ab:85:26:b2:20:fe:09:a1:b7:82:ce:
b0:df:22:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MDgyODA3WhcNMjUwNzE3MDgyODA3WjAYMRYw
FAYDVQQDEw02NzhhMTQ5Yi1kYTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7TFkSUc6rdzezqUYJRtIKVNn6QIEs0k8jyUe9KQJOqu1viPgMopBsFur
IuXIbZg0MgRRBK+smtIORqiRvyG5CL8iI/3sqipTkDKLsfZBI2uhUevWXuS4c4Oi
kKwRa3S4PuUze9gm7OK6r8I+5Dxg6kgBzPdQqrckvRp597EXmzCSj5rTP1FB6Kay
ZtKo8DSWm0cA9+xesLhjOaDqAqZMPOz3XNGhNtOAT+y0d4fB/6C9y1AED6c/dXb+
ttK1Pl8FY1C3kj60n1uWryVs2IWDzhXxBFj3SLcPkg/ff2DXfn5pTMfWYQe2RuUk
ziIshJWokgcHfD6ZZ/gGy0NltrlTJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO+N
INTxtXUNb+J+1maMG1XqbMR5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQ0E4OTMwNEQ0QUMxMUVGOTI0OTQzOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtFIMA0GCSqGSIb3DQEB
CwUAA4IBAQBlHvULRHi62SYv0U+Rx1L2n39EZ+cRPsrcELozmcBKbsXg0bA7lNmf
u+XwKOgPPBhDZgC5f0/15PTfHT3MOZB13iQaq4g+6OzJpj8uomyJvowj4y8j8Hrd
ozqVmPyIDxhrwZOgXTZ3REp41iM6womrDZZkqoFGJpwkQIq5mb1NonQhZgvSIrNl
mxcQCoy7jsK18C/8b3meg2keAv1ySMAGaKbv+7D6ZwoK75Jw17JjjHhPmi9vjgaz
WAY7q77wIT7Qna2OKBjstTK+moZLeUeu3B9AciP/GUiU/YHJ2P/A3ykDpiVXOfUo
XNddwXKWM47hq4UmsiD+CaG3gs6w3yJ2
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:17:51 2025 by rpki-client