Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B38068215F411F0BAB8AC076EB8BCC6.roa
File: 6B38068215F411F0BAB8AC076EB8BCC6.roa (raw, json)
Hash identifier: HWPonC2cnp0AIuSBv1eGTBsxwKCWkwn5NlRGFizB+Ps=
Subject key identifier: 1B:47:1A:4D:9D:2F:56:14:C6:63:AA:E1:37:BB:D5:FB:0E:69:71:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B38068215F411F0BAB8AC076EB8BCC6.roa
Signing time: Thu 10 Apr 2025 10:13:16 +0000
ROA not before: Thu 10 Apr 2025 10:13:13 +0000
ROA not after: Sat 10 May 2025 10:13:13 +0000
asID: 141159
IP address blocks: 154.94.224.0/24 maxlen: 24
154.94.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 17 Apr 2025 00:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96458 (0x178ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 10:13:13 2025 GMT
Not After : May 10 10:13:13 2025 GMT
Subject: CN=67f799bc-97bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c2:a9:71:da:af:76:5f:46:8a:cd:0d:4f:8f:
6b:3e:81:55:fd:fd:5d:da:55:35:ec:da:3c:2a:5b:
4d:a9:58:19:37:a1:60:20:c4:c7:3c:6f:c5:e0:09:
59:52:ef:bd:94:8d:bf:27:3f:b7:c5:6b:ef:1f:c3:
18:22:16:54:6c:cb:d1:3b:58:b1:f3:d1:68:5c:ce:
77:90:cc:a0:7c:c7:fe:9e:9f:69:7d:bc:b8:52:76:
75:68:c3:61:d2:fe:7f:bd:61:9a:23:99:a5:f9:04:
8d:cc:63:20:27:a9:d9:4e:95:29:d1:15:f7:3e:1e:
2a:bb:da:03:e2:98:bc:25:2b:4b:26:e4:b6:36:db:
36:2c:18:b1:70:ce:3d:fd:e8:2c:d8:45:19:0a:b0:
cd:52:81:d1:ae:2a:99:db:d6:c0:d7:03:b6:09:dd:
4b:a4:3f:1e:f0:db:4e:74:3b:53:e5:b3:d6:1b:62:
16:f1:ad:0d:29:28:6a:0a:ae:fb:65:94:db:c0:b5:
36:36:90:99:e5:ad:36:34:d6:89:fa:97:2b:f3:69:
d3:5b:93:85:9e:ca:bb:c0:51:9e:ee:e8:a5:46:54:
25:14:16:59:aa:55:28:9c:45:bf:fc:af:f1:1c:39:
71:f5:d1:e4:a5:3c:19:5a:ec:22:3c:48:da:2a:cd:
0d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:47:1A:4D:9D:2F:56:14:C6:63:AA:E1:37:BB:D5:FB:0E:69:71:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B38068215F411F0BAB8AC076EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/23
Signature Algorithm: sha256WithRSAEncryption
28:f2:b7:e8:23:e4:a4:e9:cc:37:e3:3d:ce:b3:2b:be:04:e5:
11:30:20:74:a0:89:31:3a:fd:4b:f3:d6:54:76:f7:ed:f9:5c:
e2:7d:40:1e:b0:e7:7d:cc:b4:53:77:3e:af:08:98:4c:ed:71:
9c:1a:f7:3d:27:fe:09:49:45:93:15:39:36:03:f4:c6:72:a2:
a6:4b:e3:e0:59:f9:c4:18:5e:e9:05:72:18:03:1f:08:f5:cb:
77:6e:66:47:41:94:b2:9e:0e:fe:a6:b0:f9:f4:84:ae:1c:53:
52:e2:be:cd:06:0f:72:8a:74:5a:12:88:99:9a:79:04:4a:6d:
44:83:74:6a:ca:8d:a8:b3:97:c6:64:78:86:41:57:17:43:2f:
25:23:22:4f:15:8f:d0:2a:d6:a9:45:ab:a4:b4:c9:1b:62:07:
84:40:dc:ac:fa:6b:11:6e:e9:96:b9:48:af:27:3b:5c:d5:dd:
7e:33:65:ab:c1:97:3b:50:75:7f:49:ed:de:13:52:95:56:34:
5d:28:3c:93:32:a1:79:32:a3:72:c7:45:55:9b:ea:e8:a8:21:
d2:5b:79:04:32:9c:8a:90:aa:d5:73:9e:f2:09:e9:0c:a1:3b:
b0:45:45:b4:c5:25:c4:43:b4:25:b3:6a:0f:90:4f:4f:fc:c4:
a6:5b:06:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXjKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDEwMTAxMzEzWhcNMjUwNTEwMTAxMzEzWjAYMRYw
FAYDVQQDEw02N2Y3OTliYy05N2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqsKpcdqvdl9Gis0NT49rPoFV/f1d2lU17No8KltNqVgZN6FgIMTHPG/F
4AlZUu+9lI2/Jz+3xWvvH8MYIhZUbMvRO1ix89FoXM53kMygfMf+np9pfby4UnZ1
aMNh0v5/vWGaI5ml+QSNzGMgJ6nZTpUp0RX3Ph4qu9oD4pi8JStLJuS2Nts2LBix
cM49/egs2EUZCrDNUoHRriqZ29bA1wO2Cd1LpD8e8NtOdDtT5bPWG2IW8a0NKShq
Cq77ZZTbwLU2NpCZ5a02NNaJ+pcr82nTW5OFnsq7wFGe7uilRlQlFBZZqlUonEW/
/K/xHDlx9dHkpTwZWuwiPEjaKs0NMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBtH
Gk2dL1YUxmOq4Te71fsOaXH6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QjM4MDY4MjE1RjQxMUYwQkFCOEFDMDc2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQAo8rfoI+Sk6cw34z3Osyu+BOURMCB0oIkxOv1L89ZUdvft+VzifUAe
sOd9zLRTdz6vCJhM7XGcGvc9J/4JSUWTFTk2A/TGcqKmS+PgWfnEGF7pBXIYAx8I
9ct3bmZHQZSyng7+prD59ISuHFNS4r7NBg9yinRaEoiZmnkESm1Eg3Rqyo2os5fG
ZHiGQVcXQy8lIyJPFY/QKtapRauktMkbYgeEQNys+msRbumWuUivJztc1d1+M2Wr
wZc7UHV/Se3eE1KVVjRdKDyTMqF5MqNyx0VVm+roqCHSW3kEMpyKkKrVc57yCekM
oTuwRUW0xSXEQ7Qls2oPkE9P/MSmWwbq
-----END CERTIFICATE-----
Generated at Tue Apr 15 15:01:39 2025 by rpki-client