Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD112E94F6B411EF84A95AAA762E951A.roa
File: FD112E94F6B411EF84A95AAA762E951A.roa (raw, json)
Hash identifier: JmnjfdL1rl3KJEbek1D7SgV0QZmbhjjb+9MZg94yiS0=
Subject key identifier: 6C:A7:49:9A:FB:22:30:CD:BF:55:2C:9D:AE:6E:0C:9F:4E:99:FF:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EBF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD112E94F6B411EF84A95AAA762E951A.roa
Signing time: Sat 01 Mar 2025 15:51:07 +0000
ROA not before: Sat 01 Mar 2025 15:51:04 +0000
ROA not after: Sat 05 Apr 2025 15:51:04 +0000
asID: 203020
IP address blocks: 154.207.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 15:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93887 (0x16ebf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 15:51:04 2025 GMT
Not After : Apr 5 15:51:04 2025 GMT
Subject: CN=67c32ceb-1be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cc:9b:09:10:dc:a0:80:d9:cb:5a:ad:41:7d:
87:cf:28:01:ab:d5:b7:a0:f3:65:62:83:cc:26:7f:
d4:e0:a6:3e:f4:27:16:d7:97:ec:62:8b:81:8b:0e:
42:3f:de:d1:c9:f7:85:ee:10:5e:53:ac:c6:0d:29:
49:78:36:44:1c:21:45:3a:4a:7e:1d:ec:cf:cb:dc:
07:95:73:19:ff:9f:bf:8e:5a:4b:55:ab:8c:6c:a4:
81:6a:4b:fa:8d:6a:1b:c9:1c:90:c2:9e:9d:15:b3:
c0:1f:0f:86:12:7c:a7:bc:95:4b:4b:f1:46:c4:74:
41:44:b0:1b:6e:6b:2b:da:2f:86:3a:bf:4b:9d:60:
9e:f5:d5:03:45:33:28:c2:9d:72:26:4c:be:46:3b:
63:70:9f:1c:53:cd:00:f5:52:16:67:37:b2:87:40:
6e:22:ce:3f:ed:7b:bd:7b:77:15:1a:82:c1:e2:af:
84:62:6f:1d:ea:45:ec:04:a4:3d:d2:50:84:f2:3d:
8c:1f:bd:bb:fc:30:d3:1a:6e:16:fa:d5:6f:0d:03:
a2:15:66:c3:91:fa:61:a3:7b:c6:58:a3:4d:b7:a8:
13:80:eb:11:81:63:fb:1b:fa:23:e5:8c:ba:ae:95:
9c:4a:54:e4:c8:e2:f8:be:8a:aa:cc:ab:7e:62:d1:
12:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A7:49:9A:FB:22:30:CD:BF:55:2C:9D:AE:6E:0C:9F:4E:99:FF:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD112E94F6B411EF84A95AAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.120.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:6f:7e:8b:ef:24:58:cc:81:db:2c:02:98:bd:1c:8d:db:3a:
92:21:e5:b8:2f:fc:11:c7:62:56:dd:d6:68:62:bf:fb:1d:09:
b2:24:05:97:4c:8b:b8:a0:33:11:22:12:40:82:d4:16:08:76:
7d:91:c6:c0:26:04:11:42:3c:dd:d8:d7:87:ad:3d:06:bb:6c:
19:25:33:8e:34:b9:43:ae:97:36:75:79:c4:47:34:b9:f3:b3:
c3:19:f4:66:dc:81:3f:f2:15:86:56:d6:6b:dc:43:ed:49:b0:
ed:1d:e5:03:ac:00:c1:ce:83:98:ae:be:86:73:77:2d:e8:b7:
79:ed:5b:50:5f:2c:24:79:21:9d:8e:49:2f:13:65:98:d3:38:
bd:e3:d4:d7:84:18:88:e6:e1:f1:8b:63:81:bc:1b:8e:16:34:
8d:4a:c8:af:71:c9:8a:3d:d8:c1:71:f0:fa:8b:6c:61:6f:7a:
e4:46:e2:22:1c:51:62:c0:b1:dd:76:bd:c1:30:10:92:26:1b:
28:7b:aa:5a:f3:65:e4:1b:d9:b2:80:ea:80:00:a5:e0:84:e1:
62:0d:0d:c9:fb:48:a6:43:62:12:79:19:4c:07:97:6b:1b:fe:
9e:40:39:9f:dc:1d:3e:92:96:41:b5:90:4e:08:5c:1f:0b:74:
3b:ae:b7:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW6/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTU1MTA0WhcNMjUwNDA1MTU1MTA0WjAYMRYw
FAYDVQQDEw02N2MzMmNlYi0xYmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnsybCRDcoIDZy1qtQX2HzygBq9W3oPNlYoPMJn/U4KY+9CcW15fsYouB
iw5CP97RyfeF7hBeU6zGDSlJeDZEHCFFOkp+HezPy9wHlXMZ/5+/jlpLVauMbKSB
akv6jWobyRyQwp6dFbPAHw+GEnynvJVLS/FGxHRBRLAbbmsr2i+GOr9LnWCe9dUD
RTMowp1yJky+RjtjcJ8cU80A9VIWZzeyh0BuIs4/7Xu9e3cVGoLB4q+EYm8d6kXs
BKQ90lCE8j2MH727/DDTGm4W+tVvDQOiFWbDkfpho3vGWKNNt6gTgOsRgWP7G/oj
5Yy6rpWcSlTkyOL4voqqzKt+YtESWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGyn
SZr7IjDNv1Usna5uDJ9Omf8uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRDExMkU5NEY2QjQxMUVGODRBOTVBQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms94MA0GCSqGSIb3DQEB
CwUAA4IBAQDNb36L7yRYzIHbLAKYvRyN2zqSIeW4L/wRx2JW3dZoYr/7HQmyJAWX
TIu4oDMRIhJAgtQWCHZ9kcbAJgQRQjzd2NeHrT0Gu2wZJTOONLlDrpc2dXnERzS5
87PDGfRm3IE/8hWGVtZr3EPtSbDtHeUDrADBzoOYrr6Gc3ct6Ld57VtQXywkeSGd
jkkvE2WY0zi949TXhBiI5uHxi2OBvBuOFjSNSsivccmKPdjBcfD6i2xhb3rkRuIi
HFFiwLHddr3BMBCSJhsoe6pa82XkG9mygOqAAKXghOFiDQ3J+0imQ2ISeRlMB5dr
G/6eQDmf3B0+kpZBtZBOCFwfC3Q7rrfE
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:30 2025 by rpki-client