Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDE566D8C91811EF94B0C55A762E951A.roa
File: FDE566D8C91811EF94B0C55A762E951A.roa (raw, json)
Hash identifier: 23uu7ap4/P2koo/0ipNWRSwifGQHcBGFKoOV6DYdlAo=
Subject key identifier: 28:D8:1E:67:DE:02:A6:E5:3D:B3:1C:68:66:08:15:62:6A:FE:88:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDE566D8C91811EF94B0C55A762E951A.roa
Signing time: Thu 02 Jan 2025 14:51:05 +0000
ROA not before: Thu 02 Jan 2025 14:51:01 +0000
ROA not after: Mon 13 Dec 2027 14:51:01 +0000
asID: 17561
IP address blocks: 154.222.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78569 (0x132e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:51:01 2025 GMT
Not After : Dec 13 14:51:01 2027 GMT
Subject: CN=6776a7d9-6943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:32:55:8f:67:00:e1:89:05:78:14:85:c9:9d:
e6:72:be:60:43:be:1c:6b:62:e5:53:42:2f:27:e2:
47:9d:b6:7b:0c:84:e2:7f:d9:8a:db:f7:05:42:8e:
71:69:a9:e3:76:c9:f1:a1:ff:d9:61:b8:39:50:f8:
16:9a:79:be:e6:4c:32:fc:1c:0f:7d:07:81:39:f8:
bd:64:11:0f:4e:99:58:c8:32:bf:10:38:17:58:0e:
5a:3b:05:f9:05:52:bc:fc:3f:8c:e6:65:de:f5:22:
55:c9:f0:31:0f:16:15:47:d0:d4:9d:48:66:d6:1a:
8a:47:21:24:5b:cf:44:a6:69:5a:3d:6c:a0:3c:0e:
89:18:b1:d3:a4:79:6a:30:f2:8a:7a:c7:92:9e:82:
e2:77:68:68:e9:25:cc:4e:b4:e5:f5:82:3e:f4:0d:
b7:5b:0d:1a:e9:30:91:c5:0b:92:ea:2e:73:82:e9:
71:42:2d:ed:2f:4c:29:66:cc:7b:91:2c:e3:4a:f2:
a0:48:6a:f0:53:7d:3e:d0:b9:5e:54:43:66:d9:92:
b7:34:31:fc:d1:58:3f:54:e3:85:e1:ad:88:92:62:
33:bf:de:3c:57:06:9f:e8:77:2f:83:3d:05:97:70:
48:6a:47:d5:00:f4:86:76:f6:ee:f0:1a:01:23:eb:
8f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D8:1E:67:DE:02:A6:E5:3D:B3:1C:68:66:08:15:62:6A:FE:88:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDE566D8C91811EF94B0C55A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.9.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:a6:c8:76:79:d9:c2:83:1f:29:97:06:9c:ac:9c:82:73:bf:
28:e9:d7:2d:4f:19:a9:c5:9c:11:bb:4b:97:99:b1:ca:d5:46:
a3:f0:61:ab:b2:b8:7d:1d:87:b8:ba:2b:dd:23:37:fd:03:a6:
d6:b0:30:66:e3:0c:55:eb:ef:41:70:7b:17:5d:44:bb:7e:95:
e4:d4:89:74:1d:8a:e5:dc:9a:56:21:41:0e:17:85:dc:cc:83:
0d:a7:7e:70:10:d6:43:e0:3e:03:f1:46:5a:a9:cc:e1:e1:5e:
1c:c9:c4:05:4b:01:25:4e:cf:9a:0d:a5:e6:79:a1:f5:c8:93:
71:6b:45:05:1f:45:b9:81:97:95:1e:35:3d:34:f1:48:9b:f6:
d0:4f:95:94:4a:18:27:ba:97:c1:12:27:b4:67:a9:01:61:c6:
27:c4:e5:b7:8f:d5:8e:94:31:be:01:90:f1:73:83:b2:f1:9b:
25:31:bd:7c:ef:24:68:94:10:14:84:16:dc:16:92:80:39:8f:
62:53:f9:b4:d6:68:01:eb:3a:de:85:8f:69:09:27:39:40:40:
b7:33:cc:9b:26:a2:bb:17:df:dc:59:02:aa:48:de:42:74:8d:
2b:0d:89:08:02:a4:74:8a:db:d8:c0:30:cf:48:fa:a0:b8:33:
f8:f3:95:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATLpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQ1MTAxWhcNMjcxMjEzMTQ1MTAxWjAYMRYw
FAYDVQQDEw02Nzc2YTdkOS02OTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5TJVj2cA4YkFeBSFyZ3mcr5gQ74ca2LlU0IvJ+JHnbZ7DITif9mK2/cF
Qo5xaanjdsnxof/ZYbg5UPgWmnm+5kwy/BwPfQeBOfi9ZBEPTplYyDK/EDgXWA5a
OwX5BVK8/D+M5mXe9SJVyfAxDxYVR9DUnUhm1hqKRyEkW89EpmlaPWygPA6JGLHT
pHlqMPKKeseSnoLid2ho6SXMTrTl9YI+9A23Ww0a6TCRxQuS6i5zgulxQi3tL0wp
Zsx7kSzjSvKgSGrwU30+0LleVENm2ZK3NDH80Vg/VOOF4a2IkmIzv948Vwaf6Hcv
gz0Fl3BIakfVAPSGdvbu8BoBI+uPRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCjY
HmfeAqblPbMcaGYIFWJq/oghMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREU1NjZEOEM5MTgxMUVGOTRCMEM1NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4JMA0GCSqGSIb3DQEB
CwUAA4IBAQC3psh2ednCgx8plwacrJyCc78o6dctTxmpxZwRu0uXmbHK1Uaj8GGr
srh9HYe4uivdIzf9A6bWsDBm4wxV6+9BcHsXXUS7fpXk1Il0HYrl3JpWIUEOF4Xc
zIMNp35wENZD4D4D8UZaqczh4V4cycQFSwElTs+aDaXmeaH1yJNxa0UFH0W5gZeV
HjU9NPFIm/bQT5WUShgnupfBEie0Z6kBYcYnxOW3j9WOlDG+AZDxc4Oy8ZslMb18
7yRolBAUhBbcFpKAOY9iU/m01mgB6zrehY9pCSc5QEC3M8ybJqK7F9/cWQKqSN5C
dI0rDYkIAqR0itvYwDDPSPqguDP485VM
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:53 2025 by rpki-client