Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FEFF1A84F41D11EF8DFFA656762E951A.roa
File: FEFF1A84F41D11EF8DFFA656762E951A.roa (raw, json)
Hash identifier: sSmROEL1qqQIsxAtpay44yfbZkMU16qXZ1Qca+tnPP4=
Subject key identifier: 21:ED:95:2F:FE:49:C3:D7:2F:60:39:25:D5:8D:93:E1:E6:A2:35:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016173
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FEFF1A84F41D11EF8DFFA656762E951A.roa
Signing time: Wed 26 Feb 2025 08:45:14 +0000
ROA not before: Wed 26 Feb 2025 08:45:10 +0000
ROA not after: Thu 19 Feb 2026 08:45:10 +0000
asID: 984
IP address blocks: 154.206.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90483 (0x16173)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:45:10 2025 GMT
Not After : Feb 19 08:45:10 2026 GMT
Subject: CN=67bed49a-b5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:2c:d5:7f:f9:0b:7d:02:b0:3f:d6:3f:c4:
d3:7e:ee:81:aa:16:db:a8:0b:f1:2d:9d:e3:6c:d7:
f8:ce:ab:56:0b:8e:a0:12:33:d6:20:51:69:e1:7b:
62:9e:ec:99:de:1b:ea:0c:e3:a9:97:83:5c:c8:42:
ac:d0:f4:0a:d0:32:b2:9f:f5:45:f9:8e:33:f4:1e:
d8:56:d2:08:a8:17:9c:54:99:b8:f8:56:7d:d3:76:
a2:b5:c8:28:3b:b0:98:ed:0f:5b:7b:0e:be:dd:a0:
72:af:4f:4c:7d:19:2d:d9:64:98:da:03:1e:f2:a5:
ff:4f:6c:37:a4:24:ae:a0:bd:3a:91:0d:ef:99:4b:
e2:61:15:0e:60:a2:09:56:4f:68:e3:fb:ff:16:7e:
01:ae:e8:74:59:f8:4c:da:46:c6:c8:a4:24:c1:48:
6a:82:aa:ba:53:fa:ba:12:1c:26:d5:57:9c:7c:86:
20:df:85:db:eb:f9:58:c5:c7:38:27:38:55:a1:65:
1f:a0:9b:68:72:69:3d:a2:55:46:9a:6f:b5:1d:bc:
3d:a1:27:80:b9:d4:41:4a:18:a2:dc:cc:7c:ee:f7:
dd:4e:38:8d:94:6b:7d:d5:2d:55:e0:b3:c0:cc:25:
65:03:71:77:47:1b:24:a0:11:13:ce:45:76:a3:8e:
7d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:ED:95:2F:FE:49:C3:D7:2F:60:39:25:D5:8D:93:E1:E6:A2:35:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FEFF1A84F41D11EF8DFFA656762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.218.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:20:99:d9:57:55:8d:f3:56:5d:d4:00:e5:69:77:2a:a1:18:
3e:b8:39:3f:88:98:06:d0:83:f5:1d:5c:64:32:af:d3:bb:46:
80:1e:16:38:50:5a:91:d1:c0:30:66:ea:c9:14:d5:99:6b:25:
84:18:0f:ef:04:ef:4d:cb:c0:1d:07:99:37:63:24:b2:94:95:
dc:0e:c5:4d:91:4a:3a:b0:89:cf:b9:fd:86:77:f6:4d:80:92:
f6:d6:5b:6e:e6:39:f4:b0:b5:d2:9a:f9:89:89:bf:ee:67:19:
a6:fe:b7:37:23:37:5b:6d:10:bb:48:4f:9b:d0:59:6c:37:50:
fe:b8:a8:d4:c8:ce:d3:28:24:8e:e1:24:41:02:7a:27:12:37:
a0:cc:2b:1b:0e:e6:dd:67:30:6f:97:dc:84:32:89:f7:50:db:
01:1d:bf:01:32:54:cf:bf:6f:65:05:b1:9a:6a:6f:44:9e:4f:
8f:82:d4:f4:cf:60:bf:25:8d:65:30:ac:0f:6c:33:6b:f7:a3:
39:2f:ce:54:91:08:59:d8:5b:e7:25:ed:6a:df:92:e1:8f:64:
bd:76:e7:07:05:29:c0:6c:1b:c9:f2:ed:28:55:09:75:4d:9c:
c5:08:b6:7c:0f:41:ff:93:8f:e6:2c:57:ff:f5:9f:91:e6:37:
2b:b9:f5:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWFzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDg0NTEwWhcNMjYwMjE5MDg0NTEwWjAYMRYw
FAYDVQQDEw02N2JlZDQ5YS1iNWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxwIs1X/5C30CsD/WP8TTfu6BqhbbqAvxLZ3jbNf4zqtWC46gEjPWIFFp
4XtinuyZ3hvqDOOpl4NcyEKs0PQK0DKyn/VF+Y4z9B7YVtIIqBecVJm4+FZ903ai
tcgoO7CY7Q9bew6+3aByr09MfRkt2WSY2gMe8qX/T2w3pCSuoL06kQ3vmUviYRUO
YKIJVk9o4/v/Fn4Bruh0WfhM2kbGyKQkwUhqgqq6U/q6Ehwm1VecfIYg34Xb6/lY
xcc4JzhVoWUfoJtocmk9olVGmm+1Hbw9oSeAudRBShii3Mx87vfdTjiNlGt91S1V
4LPAzCVlA3F3RxskoBETzkV2o459WQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCHt
lS/+ScPXL2A5JdWNk+HmojViMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRUZGMUE4NEY0MUQxMUVGOERGRkE2NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7aMA0GCSqGSIb3DQEB
CwUAA4IBAQC2IJnZV1WN81Zd1ADlaXcqoRg+uDk/iJgG0IP1HVxkMq/Tu0aAHhY4
UFqR0cAwZurJFNWZayWEGA/vBO9Ny8AdB5k3YySylJXcDsVNkUo6sInPuf2Gd/ZN
gJL21ltu5jn0sLXSmvmJib/uZxmm/rc3IzdbbRC7SE+b0FlsN1D+uKjUyM7TKCSO
4SRBAnonEjegzCsbDubdZzBvl9yEMon3UNsBHb8BMlTPv29lBbGaam9Enk+PgtT0
z2C/JY1lMKwPbDNr96M5L85UkQhZ2FvnJe1q35Lhj2S9ducHBSnAbBvJ8u0oVQl1
TZzFCLZ8D0H/k4/mLFf/9Z+R5jcrufWG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:48 2025 by rpki-client