Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD9D86AEE31411EF90C09B73762E951A.roa
File: FD9D86AEE31411EF90C09B73762E951A.roa (raw, json)
Hash identifier: Le2ZTOvLQUTP4R66BMhKY1OunXihb98QYz+SMSTgWNY=
Subject key identifier: 6F:0F:F1:4F:67:F7:5D:31:65:1D:2B:5C:D0:89:D0:3D:45:79:4C:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01511F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD9D86AEE31411EF90C09B73762E951A.roa
Signing time: Tue 04 Feb 2025 16:27:57 +0000
ROA not before: Tue 04 Feb 2025 16:27:53 +0000
ROA not after: Wed 30 Apr 2025 16:27:53 +0000
asID: 18229
IP address blocks: 154.210.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86303 (0x1511f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 16:27:53 2025 GMT
Not After : Apr 30 16:27:53 2025 GMT
Subject: CN=67a2400c-a100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e6:ef:9c:0a:00:55:d8:dd:7d:45:1d:1f:06:
67:f5:3b:a5:f1:79:a3:70:f9:df:1c:f8:1f:a3:fa:
b1:b2:9f:8b:40:16:a7:94:a4:a2:e6:bd:04:53:67:
04:8f:93:9b:fe:6f:45:4c:7b:6b:c0:f9:30:3f:8f:
97:9c:49:53:f5:f9:28:68:18:f3:37:94:a0:56:cb:
02:ce:0d:ea:1f:db:9d:85:e1:2a:e9:8e:d3:bc:da:
a1:00:53:61:18:25:3a:ce:4f:d3:a2:8b:13:61:ef:
62:39:e8:5b:46:2e:82:01:3f:22:c2:43:3d:1f:e8:
f8:71:04:3f:ac:9e:f3:12:5d:e9:22:62:5f:1d:64:
0d:d3:18:b5:64:84:a1:db:2c:a2:92:73:19:62:19:
a4:04:86:c4:63:f6:5d:17:0b:0f:0b:85:61:40:bb:
f4:7f:c4:8b:f3:87:50:c3:57:0c:16:90:24:f6:5d:
08:98:38:83:e8:00:c4:1d:ce:e1:0e:3f:0b:a7:98:
fb:7d:f2:33:82:a2:b6:34:46:38:9e:c3:41:86:71:
ae:e6:16:e8:b4:ec:31:67:f0:90:eb:8f:a9:01:98:
a0:b2:9a:13:32:56:62:e4:d1:28:1c:df:f1:fa:45:
1d:28:78:c1:d9:86:78:39:16:31:50:f2:85:50:03:
1b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0F:F1:4F:67:F7:5D:31:65:1D:2B:5C:D0:89:D0:3D:45:79:4C:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD9D86AEE31411EF90C09B73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d9:1f:b4:ca:29:37:12:3d:f1:2f:f5:f0:b4:de:8e:e8:8a:
59:8a:e2:40:b4:0c:19:b8:ac:49:f2:52:80:32:9c:68:25:2c:
97:f2:5a:bd:f2:f7:4c:f6:c4:62:64:eb:ca:56:a3:d3:8a:39:
97:77:e3:99:90:91:bb:ad:91:86:b1:10:22:ba:b6:23:19:d4:
58:45:ae:8c:8d:a6:db:31:6c:1d:43:f6:f1:89:8b:e5:2a:bc:
00:bf:4e:74:d2:5f:f0:13:1f:b1:ac:92:70:1a:0a:3d:97:d2:
11:74:48:70:b5:d0:0b:dd:59:e5:d3:af:14:e3:7f:e6:32:49:
15:b9:99:8f:57:b0:1a:2b:ed:09:79:44:2c:ed:1c:3b:7a:f3:
e2:55:f6:4d:e7:6e:7a:7e:b8:a5:bb:91:b8:da:c9:f6:82:ba:
a7:ba:49:ad:a3:5a:64:f3:1a:05:e0:ab:22:24:67:16:89:7c:
8f:51:76:ca:e3:6f:f9:61:dd:e1:27:0f:da:e9:db:e5:5c:c8:
47:9f:f4:9b:e9:fc:9c:81:1d:1e:1b:b5:a7:32:ef:05:e7:f9:
10:ff:f1:5e:15:14:05:4b:a2:9f:37:4b:f2:b7:8e:8b:83:23:
3b:d0:d9:bd:eb:9d:1f:ce:50:6e:93:f5:e4:d6:d6:5e:35:87:
ff:fd:73:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVEfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTYyNzUzWhcNMjUwNDMwMTYyNzUzWjAYMRYw
FAYDVQQDEw02N2EyNDAwYy1hMTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvebvnAoAVdjdfUUdHwZn9Tul8XmjcPnfHPgfo/qxsp+LQBanlKSi5r0E
U2cEj5Ob/m9FTHtrwPkwP4+XnElT9fkoaBjzN5SgVssCzg3qH9udheEq6Y7TvNqh
AFNhGCU6zk/ToosTYe9iOehbRi6CAT8iwkM9H+j4cQQ/rJ7zEl3pImJfHWQN0xi1
ZISh2yyiknMZYhmkBIbEY/ZdFwsPC4VhQLv0f8SL84dQw1cMFpAk9l0ImDiD6ADE
Hc7hDj8Lp5j7ffIzgqK2NEY4nsNBhnGu5hbotOwxZ/CQ64+pAZigspoTMlZi5NEo
HN/x+kUdKHjB2YZ4ORYxUPKFUAMbZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG8P
8U9n910xZR0rXNCJ0D1FeUxjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRDlEODZBRUUzMTQxMUVGOTBDMDlCNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKIMA0GCSqGSIb3DQEB
CwUAA4IBAQCj2R+0yik3Ej3xL/XwtN6O6IpZiuJAtAwZuKxJ8lKAMpxoJSyX8lq9
8vdM9sRiZOvKVqPTijmXd+OZkJG7rZGGsRAiurYjGdRYRa6MjabbMWwdQ/bxiYvl
KrwAv0500l/wEx+xrJJwGgo9l9IRdEhwtdAL3Vnl068U43/mMkkVuZmPV7AaK+0J
eUQs7Rw7evPiVfZN5256frilu5G42sn2grqnukmto1pk8xoF4KsiJGcWiXyPUXbK
42/5Yd3hJw/a6dvlXMhHn/Sb6fycgR0eG7WnMu8F5/kQ//FeFRQFS6KfN0vyt46L
gyM70Nm9650fzlBuk/Xk1tZeNYf//XO1
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:37 2025 by rpki-client