Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE4E65E0DA1E11EF8664BB88762E951A.roa
File: FE4E65E0DA1E11EF8664BB88762E951A.roa (raw, json)
Hash identifier: NPt5MtlyNa5/nfueVkhXctWU+IIn1DH39qFD1Bg4JkU=
Subject key identifier: D7:A3:09:5A:E0:6F:BE:BD:90:4D:A6:69:91:8D:83:85:FA:BA:FF:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143F8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE4E65E0DA1E11EF8664BB88762E951A.roa
Signing time: Fri 24 Jan 2025 06:46:52 +0000
ROA not before: Fri 24 Jan 2025 06:46:48 +0000
ROA not after: Tue 13 May 2025 06:46:48 +0000
asID: 138915
IP address blocks: 154.205.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82936 (0x143f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 06:46:48 2025 GMT
Not After : May 13 06:46:48 2025 GMT
Subject: CN=6793375c-6eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:53:0f:d6:9f:9e:6a:89:20:37:3e:e5:1e:6b:
33:e3:35:5b:31:57:b2:3b:15:08:4c:00:2b:7b:a3:
c5:83:c1:95:a9:e2:75:cc:18:57:c7:9d:10:47:1e:
b1:cb:53:0c:0f:f9:ad:c4:5c:63:4e:5a:5e:ef:ce:
39:72:06:df:62:14:59:28:cc:c2:6d:8a:61:21:f2:
62:fe:f1:88:7b:b5:ac:0d:a0:02:60:2a:19:a0:20:
ab:dc:58:9f:a9:31:e0:cb:17:db:13:1e:20:15:53:
d3:c4:24:11:0a:9c:ae:6f:ef:45:47:84:a0:6f:b4:
30:aa:4f:d9:77:15:c2:fd:07:97:d4:62:bd:4e:55:
70:4d:66:24:f3:9d:ec:63:37:de:74:a8:ce:b3:61:
d2:dd:e3:2d:00:e0:07:9d:93:eb:9a:c8:97:6c:39:
81:e9:04:a4:7c:21:cc:22:f2:c8:c0:ff:0a:e0:67:
2a:e0:79:a1:8b:0d:15:ff:25:4a:f3:34:cc:ca:10:
7f:34:cf:a5:ad:35:07:f1:e4:26:30:2a:99:e9:08:
ce:59:d7:e8:88:f8:c8:03:01:0b:ad:52:58:f8:00:
1d:84:4c:a5:f5:75:c1:4d:79:fe:8f:3b:14:89:ac:
88:ec:da:15:49:6e:18:62:44:c3:cd:f7:6c:5e:50:
de:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A3:09:5A:E0:6F:BE:BD:90:4D:A6:69:91:8D:83:85:FA:BA:FF:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE4E65E0DA1E11EF8664BB88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.136.0/23
Signature Algorithm: sha256WithRSAEncryption
85:28:44:7e:51:c9:3c:be:fa:50:4d:38:a1:b0:68:76:0f:f2:
69:58:18:f8:dd:c0:d0:37:32:aa:75:dc:09:bf:9d:5e:33:bc:
27:d4:cd:6c:62:f6:61:82:02:a6:81:33:83:96:25:e6:09:e1:
1d:2b:ff:68:79:b7:61:c0:f2:e5:44:96:05:4b:19:c1:76:e9:
9d:ee:6a:be:26:b8:92:ee:09:47:2c:b7:47:3f:d6:a3:c3:c6:
5f:13:5a:75:a4:55:ce:b9:d9:7a:4b:1d:eb:bf:2c:7c:45:05:
07:02:0e:aa:af:c1:c9:ea:9e:d0:3c:fe:55:09:76:f4:ea:8c:
27:5c:05:2c:c8:10:98:bd:4e:12:33:38:2d:ae:38:52:8d:f1:
f5:e4:ec:b6:45:e0:ab:ee:f8:ab:20:b4:b0:a6:bc:0f:82:f7:
a2:28:f0:70:cc:f2:5d:42:ab:ce:49:fe:e8:f4:cb:77:c8:6b:
fe:4f:f8:58:f4:a0:ec:9c:e3:cf:95:de:3c:40:89:0f:9b:52:
1d:5d:c8:9f:5a:ca:f3:ca:5e:8e:17:14:a6:6b:61:bc:72:05:
c3:34:35:4b:b0:5f:13:82:d9:71:55:88:00:2c:b0:5e:60:d9:
46:d7:9a:a3:a5:c8:fd:fa:65:8d:b4:f0:4a:df:72:37:95:98:
ab:94:c8:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUP4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDY0NjQ4WhcNMjUwNTEzMDY0NjQ4WjAYMRYw
FAYDVQQDEw02NzkzMzc1Yy02ZWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4FMP1p+eaokgNz7lHmsz4zVbMVeyOxUITAAre6PFg8GVqeJ1zBhXx50Q
Rx6xy1MMD/mtxFxjTlpe7845cgbfYhRZKMzCbYphIfJi/vGIe7WsDaACYCoZoCCr
3FifqTHgyxfbEx4gFVPTxCQRCpyub+9FR4Sgb7Qwqk/ZdxXC/QeX1GK9TlVwTWYk
853sYzfedKjOs2HS3eMtAOAHnZPrmsiXbDmB6QSkfCHMIvLIwP8K4Gcq4Hmhiw0V
/yVK8zTMyhB/NM+lrTUH8eQmMCqZ6QjOWdfoiPjIAwELrVJY+AAdhEyl9XXBTXn+
jzsUiayI7NoVSW4YYkTDzfdsXlDe6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNej
CVrgb769kE2maZGNg4X6uv+BMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRTRFNjVFMERBMUUxMUVGODY2NEJCODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms2IMA0GCSqGSIb3DQEB
CwUAA4IBAQCFKER+Uck8vvpQTTihsGh2D/JpWBj43cDQNzKqddwJv51eM7wn1M1s
YvZhggKmgTODliXmCeEdK/9oebdhwPLlRJYFSxnBdumd7mq+JriS7glHLLdHP9aj
w8ZfE1p1pFXOudl6Sx3rvyx8RQUHAg6qr8HJ6p7QPP5VCXb06ownXAUsyBCYvU4S
MzgtrjhSjfH15Oy2ReCr7virILSwprwPgveiKPBwzPJdQqvOSf7o9Mt3yGv+T/hY
9KDsnOPPld48QIkPm1IdXcifWsrzyl6OFxSma2G8cgXDNDVLsF8TgtlxVYgALLBe
YNlG15qjpcj9+mWNtPBK33I3lZirlMi7
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:16:05 2025 by rpki-client