Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C4501961A0F11F08CBBE8F56DB8BCC6.roa
File: 6C4501961A0F11F08CBBE8F56DB8BCC6.roa (raw, json)
Hash identifier: uUUsq/1qw+zf6uVrNFfOnlyHwHyPhx/RrVTQ5BFBiM0=
Subject key identifier: BE:20:C4:00:4D:BC:3E:37:D6:65:A1:B4:34:10:D0:B2:FB:20:CC:6E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01794D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C4501961A0F11F08CBBE8F56DB8BCC6.roa
Signing time: Tue 15 Apr 2025 15:36:40 +0000
ROA not before: Tue 15 Apr 2025 15:36:35 +0000
ROA not after: Sun 25 May 2025 15:36:35 +0000
asID: 401615
IP address blocks: 154.85.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 01 May 2025 00:08:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96589 (0x1794d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 15:36:35 2025 GMT
Not After : May 25 15:36:35 2025 GMT
Subject: CN=67fe7d07-586c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6e:3c:7e:e7:61:74:1b:9a:99:7e:9a:f3:f9:
7f:a7:17:18:61:7f:7d:0a:d3:06:80:d4:0e:34:6c:
a6:3d:d1:70:0d:6a:86:06:da:1f:3c:9f:9c:da:b7:
f0:ae:3e:0d:35:45:e9:79:90:3b:7e:19:04:a2:89:
28:f3:0c:95:b4:4f:c9:f2:53:d2:96:5b:89:26:ad:
b2:04:c1:18:e9:21:19:ca:ea:11:1b:0e:55:0d:ca:
d5:18:de:e0:03:bc:91:4c:00:81:65:82:f2:3b:cd:
95:14:4a:d2:ba:9a:40:60:e3:1c:b7:e9:7b:c5:0e:
61:db:7b:31:a4:4e:17:5c:5b:08:74:62:f3:ea:73:
59:d4:8e:42:e0:57:51:49:1c:08:ce:6c:b1:73:80:
55:61:7b:94:10:5d:ac:25:cc:91:23:62:89:bd:d2:
67:e0:61:e2:92:3c:5d:89:d9:10:d0:68:d2:15:63:
44:26:31:93:6f:c3:99:72:e6:9c:91:fb:d3:12:62:
7f:2d:2b:0e:48:01:2c:5c:fd:87:b8:e8:40:ca:34:
be:32:81:04:67:08:81:3f:d6:c9:de:3f:53:70:c4:
e3:85:8f:b9:ea:5f:38:f3:7d:f9:2b:75:be:91:2c:
ee:25:9d:b3:49:28:a0:96:11:95:aa:ef:c1:ec:14:
37:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:20:C4:00:4D:BC:3E:37:D6:65:A1:B4:34:10:D0:B2:FB:20:CC:6E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C4501961A0F11F08CBBE8F56DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.20.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:96:be:0c:86:33:e6:7f:5a:23:ec:b8:79:ac:a7:dd:d8:2b:
ab:71:b6:40:a1:6b:b3:05:1a:3d:b7:04:96:dd:e4:34:fc:c3:
fe:ef:bd:cb:d4:3c:98:ce:54:cc:a8:5a:96:8d:c3:5a:99:81:
ac:00:4b:ad:b6:07:79:52:dc:8c:da:6b:84:e9:16:71:e8:03:
6a:43:f2:1a:77:a0:1e:87:17:13:09:bd:d5:b5:f2:14:fa:d8:
4e:b9:3c:f8:cd:5e:ac:45:20:5b:ca:30:0c:71:1e:d6:48:28:
9b:5f:c1:39:3b:67:4d:b9:5c:3d:77:f4:f8:47:65:68:95:5a:
83:6b:d0:8c:72:01:28:7d:38:bd:23:e8:13:fd:5f:9f:7a:ec:
c0:1d:7f:90:6d:68:f7:a6:2b:78:d5:53:8a:c8:9f:d7:f0:68:
44:79:44:b7:a6:c2:06:fa:36:70:10:9e:ed:e1:14:be:e3:04:
40:5c:dd:d3:b6:19:81:74:7a:b3:20:a0:ba:29:f4:7e:d9:1c:
b9:e9:03:e1:7d:5f:e8:30:7e:0d:37:44:01:6f:01:e4:9f:5e:
14:94:f5:bd:3f:25:97:ee:de:e8:b6:41:dd:de:cc:f2:f1:9b:
6d:b6:12:60:8a:b7:3a:95:97:12:b9:d9:57:40:a5:87:b1:d1:
05:47:5b:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXlNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE1MTUzNjM1WhcNMjUwNTI1MTUzNjM1WjAYMRYw
FAYDVQQDEw02N2ZlN2QwNy01ODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqW48fudhdBuamX6a8/l/pxcYYX99CtMGgNQONGymPdFwDWqGBtofPJ+c
2rfwrj4NNUXpeZA7fhkEooko8wyVtE/J8lPSlluJJq2yBMEY6SEZyuoRGw5VDcrV
GN7gA7yRTACBZYLyO82VFErSuppAYOMct+l7xQ5h23sxpE4XXFsIdGLz6nNZ1I5C
4FdRSRwIzmyxc4BVYXuUEF2sJcyRI2KJvdJn4GHikjxdidkQ0GjSFWNEJjGTb8OZ
cuackfvTEmJ/LSsOSAEsXP2HuOhAyjS+MoEEZwiBP9bJ3j9TcMTjhY+56l848335
K3W+kSzuJZ2zSSiglhGVqu/B7BQ38wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL4g
xABNvD431mWhtDQQ0LL7IMxuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QzQ1MDE5NjFBMEYxMUYwOENCQkU4RjU2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUUMA0GCSqGSIb3DQEB
CwUAA4IBAQCclr4MhjPmf1oj7Lh5rKfd2CurcbZAoWuzBRo9twSW3eQ0/MP+773L
1DyYzlTMqFqWjcNamYGsAEuttgd5UtyM2muE6RZx6ANqQ/Iad6AehxcTCb3VtfIU
+thOuTz4zV6sRSBbyjAMcR7WSCibX8E5O2dNuVw9d/T4R2VolVqDa9CMcgEofTi9
I+gT/V+feuzAHX+QbWj3pit41VOKyJ/X8GhEeUS3psIG+jZwEJ7t4RS+4wRAXN3T
thmBdHqzIKC6KfR+2Ry56QPhfV/oMH4NN0QBbwHkn14UlPW9PyWX7t7otkHd3szy
8ZttthJgirc6lZcSudlXQKWHsdEFR1tQ
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:57:11 2025 by rpki-client