Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2A82AA8107811F0A3C30049762E951A.roa
File: D2A82AA8107811F0A3C30049762E951A.roa (raw, json)
Hash identifier: K8sfv9o8mIbDJJMUbhwSRsE0t51mILDq9EfY3sHra00=
Subject key identifier: BB:79:CD:A9:B9:5D:67:DA:8A:06:D8:DA:A0:BD:A7:F9:13:A8:03:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017771
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2A82AA8107811F0A3C30049762E951A.roa
Signing time: Thu 03 Apr 2025 10:45:56 +0000
ROA not before: Thu 03 Apr 2025 10:45:53 +0000
ROA not after: Tue 03 Jun 2025 10:45:53 +0000
asID: 136970
IP address blocks: 154.92.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 04 May 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96113 (0x17771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 10:45:53 2025 GMT
Not After : Jun 3 10:45:53 2025 GMT
Subject: CN=67ee66e4-9f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:79:61:e8:c2:4a:9d:9e:36:fe:39:fe:a7:59:
44:39:37:67:04:94:92:8d:a1:82:62:10:41:e7:cd:
29:d7:86:54:a4:49:fc:0c:aa:26:c3:fe:a5:77:5b:
b5:bb:40:f8:96:cd:3a:a1:de:4b:96:08:7a:33:a7:
65:56:f5:08:c9:c8:bc:97:30:7a:8d:04:94:37:88:
3f:97:28:90:d4:24:ef:07:a3:b6:59:80:9c:a1:53:
53:e6:41:f7:bd:ff:34:30:7f:58:36:d3:5c:da:1c:
18:9c:d3:e1:f1:24:73:ea:80:f0:6e:33:63:49:64:
0d:68:96:cd:6d:5a:21:92:dc:09:2e:a1:a5:44:1d:
eb:68:55:77:7b:1e:61:8e:ee:3b:06:ac:04:d8:67:
1c:9e:bd:b5:02:b5:a4:be:f8:2d:10:d5:54:a4:f0:
3d:ba:40:b7:17:14:40:69:62:c5:6f:a0:0b:61:71:
9d:bb:cb:50:3b:87:55:e7:af:31:e5:91:56:4e:0f:
b3:29:d5:f4:71:51:83:72:ed:6d:77:ef:8d:b9:cd:
fc:69:0d:a8:c1:c2:5a:6a:a8:15:ef:b7:3e:bd:57:
42:37:f7:1e:67:f5:ab:62:73:31:e5:cd:71:1b:23:
3e:0d:6d:cf:0f:38:16:bb:d6:11:b3:b1:c4:8e:44:
d0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:79:CD:A9:B9:5D:67:DA:8A:06:D8:DA:A0:BD:A7:F9:13:A8:03:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2A82AA8107811F0A3C30049762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.20.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f5:67:eb:21:e8:0e:e0:ab:28:d7:4d:32:df:a7:85:0c:57:
83:7d:bd:f5:0a:dd:24:dd:ee:d6:8b:81:7f:62:b0:0b:5f:8b:
51:60:e3:40:09:dd:c6:b0:58:cf:89:bf:6e:46:c3:be:04:82:
86:75:1f:df:68:83:b7:50:41:88:0b:c7:c9:98:19:76:fe:49:
c0:38:cc:12:65:5e:89:91:f2:86:a4:cc:6b:1a:40:85:4c:91:
eb:0b:59:b5:84:df:47:83:0f:6b:0c:f6:25:e5:9c:68:f1:e9:
8c:46:cf:9a:00:14:80:73:cd:7e:e5:33:93:59:4c:83:f3:dc:
9f:3e:ff:2f:3c:96:00:06:cc:58:71:c8:ab:5e:f8:1c:d2:66:
86:0b:97:99:0a:3a:54:57:21:8a:f4:2a:e5:38:79:25:3e:75:
e5:c4:48:15:6f:fc:9e:c4:68:4c:ff:bb:58:44:7e:4a:72:7b:
e9:77:39:dc:d1:cb:34:d9:4c:55:dc:05:58:07:18:ae:e8:b4:
0e:7b:8f:dd:ff:a9:29:ab:47:9c:47:00:0b:68:ba:86:6a:0e:
ed:51:77:f1:52:98:c3:69:c5:36:66:4e:91:96:ce:82:fe:87:
30:fa:4a:ea:50:f6:a6:11:0f:02:84:e3:a5:bd:6c:a0:1a:b5:
8a:78:9a:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXdxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAzMTA0NTUzWhcNMjUwNjAzMTA0NTUzWjAYMRYw
FAYDVQQDEw02N2VlNjZlNC05ZjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv3lh6MJKnZ42/jn+p1lEOTdnBJSSjaGCYhBB580p14ZUpEn8DKomw/6l
d1u1u0D4ls06od5Llgh6M6dlVvUIyci8lzB6jQSUN4g/lyiQ1CTvB6O2WYCcoVNT
5kH3vf80MH9YNtNc2hwYnNPh8SRz6oDwbjNjSWQNaJbNbVohktwJLqGlRB3raFV3
ex5hju47BqwE2Gccnr21ArWkvvgtENVUpPA9ukC3FxRAaWLFb6ALYXGdu8tQO4dV
568x5ZFWTg+zKdX0cVGDcu1td++Nuc38aQ2owcJaaqgV77c+vVdCN/ceZ/WrYnMx
5c1xGyM+DW3PDzgWu9YRs7HEjkTQcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLt5
zam5XWfaigbY2qC9p/kTqAPfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMkE4MkFBODEwNzgxMUYwQTNDMzAwNDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlwUMA0GCSqGSIb3DQEB
CwUAA4IBAQBe9WfrIegO4Kso100y36eFDFeDfb31Ct0k3e7Wi4F/YrALX4tRYONA
Cd3GsFjPib9uRsO+BIKGdR/faIO3UEGIC8fJmBl2/knAOMwSZV6JkfKGpMxrGkCF
TJHrC1m1hN9Hgw9rDPYl5Zxo8emMRs+aABSAc81+5TOTWUyD89yfPv8vPJYABsxY
ccirXvgc0maGC5eZCjpUVyGK9CrlOHklPnXlxEgVb/yexGhM/7tYRH5Kcnvpdznc
0cs02UxV3AVYBxiu6LQOe4/d/6kpq0ecRwALaLqGag7tUXfxUpjDacU2Zk6Rls6C
/ocw+krqUPamEQ8ChOOlvWygGrWKeJrf
-----END CERTIFICATE-----
Generated at Fri May 2 17:22:04 2025 by rpki-client