Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFECCEA114111F093226483762E951A.roa
File: 0AFECCEA114111F093226483762E951A.roa (raw, json)
Hash identifier: ZMkSZ3005ihiIJws9cH1198SHlA7J0099pV25ga0a7s=
Subject key identifier: 66:10:C5:D2:FD:4B:7D:B5:B2:12:BA:D8:9E:96:C0:68:91:A8:85:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFECCEA114111F093226483762E951A.roa
Signing time: Fri 04 Apr 2025 10:39:11 +0000
ROA not before: Fri 04 Apr 2025 10:39:06 +0000
ROA not after: Mon 14 Apr 2025 10:39:06 +0000
asID: 132513
IP address blocks: 154.197.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 10:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96186 (0x177ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 4 10:39:06 2025 GMT
Not After : Apr 14 10:39:06 2025 GMT
Subject: CN=67efb6ce-93fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1c:b2:db:70:a5:79:65:9b:89:90:be:33:e1:
f0:f7:23:82:33:3c:c0:cd:64:34:66:6c:5f:03:14:
ab:7f:3a:05:dd:00:1d:0e:aa:28:31:a5:d3:31:de:
6a:a5:c3:de:38:54:ae:35:20:fb:ea:ef:15:e5:be:
97:d5:36:3d:3e:93:5c:f3:dc:2a:bb:f1:f6:44:fa:
bf:5d:4a:cd:2a:61:86:60:1b:7c:d0:cf:f8:9c:bd:
5d:7a:3f:62:29:db:48:08:02:64:0a:55:78:e2:43:
a2:ac:03:68:6b:63:77:f4:37:d0:da:72:66:95:bd:
e9:be:63:f4:eb:1a:12:7c:3e:31:62:04:d8:6d:34:
73:90:c5:20:85:be:bf:41:c2:5b:5f:50:ee:a0:fa:
18:b3:0f:33:c4:e9:97:9a:3e:dd:a7:72:33:ff:49:
05:b0:20:c1:43:7d:d0:bf:1b:5f:43:de:f3:d9:c7:
14:10:e7:6d:c1:4f:4c:ba:ed:c5:f0:d7:f0:2c:fa:
8d:d1:87:d8:a5:c5:e7:41:e0:9f:cf:99:d6:9b:24:
9c:d7:c6:61:24:fb:24:23:e8:b7:bb:6f:c7:b3:e1:
3b:ef:37:88:e3:07:55:0f:9b:ef:56:26:17:9e:e4:
a4:92:d5:89:0c:8b:c2:6e:73:d4:79:9a:8b:e1:47:
9a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:10:C5:D2:FD:4B:7D:B5:B2:12:BA:D8:9E:96:C0:68:91:A8:85:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFECCEA114111F093226483762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.44.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a9:66:f6:c4:c9:f7:3b:c9:22:7f:22:2d:2b:a9:96:7e:ba:
ef:cf:ef:8b:e0:c4:85:7d:b5:bb:ff:e1:9a:76:70:bd:6c:5f:
1a:7e:b8:19:0e:70:ec:5b:51:33:17:6f:38:2a:5b:bc:af:b1:
98:75:8c:b9:71:41:36:c5:a4:49:6b:e6:51:f5:2c:b0:5a:a1:
dd:ba:89:b7:41:e1:78:e1:81:f9:77:4a:bc:ec:cf:11:cc:32:
2e:a0:0b:bc:45:f9:1d:f9:27:c0:63:53:35:4d:e0:5a:c2:8f:
c5:a5:db:28:b1:a6:54:9d:b2:45:8e:75:24:64:56:ff:60:c5:
5b:c8:31:52:fc:21:6a:85:a3:e1:e8:84:6f:bf:d9:0f:fb:b6:
71:98:6f:57:8f:f7:47:37:c3:26:48:09:f5:ab:6f:8d:1c:99:
0f:98:79:ae:51:5d:7f:94:4e:d6:c8:e6:ae:b4:76:c5:ef:d2:
77:c3:42:23:e1:50:36:cf:02:8e:9b:ea:55:d0:f5:b4:02:c8:
15:b8:61:b9:66:d5:fb:72:3e:0e:4c:af:02:ee:df:f4:f4:8e:
e9:5d:40:16:71:5b:eb:32:6f:ae:1f:7f:d6:30:41:10:6e:ee:
c0:c0:d8:fc:97:30:f1:93:a1:b8:8a:a3:57:e1:cd:bf:ce:81:
bf:3c:9b:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA0MTAzOTA2WhcNMjUwNDE0MTAzOTA2WjAYMRYw
FAYDVQQDEw02N2VmYjZjZS05M2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAohyy23CleWWbiZC+M+Hw9yOCMzzAzWQ0ZmxfAxSrfzoF3QAdDqooMaXT
Md5qpcPeOFSuNSD76u8V5b6X1TY9PpNc89wqu/H2RPq/XUrNKmGGYBt80M/4nL1d
ej9iKdtICAJkClV44kOirANoa2N39DfQ2nJmlb3pvmP06xoSfD4xYgTYbTRzkMUg
hb6/QcJbX1DuoPoYsw8zxOmXmj7dp3Iz/0kFsCDBQ33QvxtfQ97z2ccUEOdtwU9M
uu3F8NfwLPqN0YfYpcXnQeCfz5nWmySc18ZhJPskI+i3u2/Hs+E77zeI4wdVD5vv
ViYXnuSkktWJDIvCbnPUeZqL4UeaVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGYQ
xdL9S321shK62J6WwGiRqIUOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQUZFQ0NFQTExNDExMUYwOTMyMjY0ODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsUsMA0GCSqGSIb3DQEB
CwUAA4IBAQB0qWb2xMn3O8kifyItK6mWfrrvz++L4MSFfbW7/+GadnC9bF8afrgZ
DnDsW1EzF284Klu8r7GYdYy5cUE2xaRJa+ZR9SywWqHduom3QeF44YH5d0q87M8R
zDIuoAu8Rfkd+SfAY1M1TeBawo/FpdsosaZUnbJFjnUkZFb/YMVbyDFS/CFqhaPh
6IRvv9kP+7ZxmG9Xj/dHN8MmSAn1q2+NHJkPmHmuUV1/lE7WyOautHbF79J3w0Ij
4VA2zwKOm+pV0PW0AsgVuGG5ZtX7cj4OTK8C7t/09I7pXUAWcVvrMm+uH3/WMEEQ
bu7AwNj8lzDxk6G4iqNX4c2/zoG/PJsP
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:49:42 2025 by rpki-client