Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024F3FFCFFE011EF9FAA1AA7762E951A.roa
File: 024F3FFCFFE011EF9FAA1AA7762E951A.roa (raw, json)
Hash identifier: TjjQoZyRvmgO5NfqHfRNZAoyfs6P5/FXOYJyDKlcVus=
Subject key identifier: B5:20:4D:A4:A6:8D:58:F7:1D:F4:06:DF:2E:33:C2:CC:E2:A4:79:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01740B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024F3FFCFFE011EF9FAA1AA7762E951A.roa
Signing time: Thu 13 Mar 2025 07:51:45 +0000
ROA not before: Thu 13 Mar 2025 07:51:41 +0000
ROA not after: Mon 21 Apr 2025 07:51:41 +0000
asID: 25198
IP address blocks: 154.197.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95243 (0x1740b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 13 07:51:41 2025 GMT
Not After : Apr 21 07:51:41 2025 GMT
Subject: CN=67d28e91-7dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:2d:30:2e:4b:29:a6:57:1d:b9:79:a0:12:
90:19:fa:44:8f:00:6e:f4:ce:fa:a8:39:e7:87:12:
48:96:eb:cb:e4:b0:61:86:e1:10:b8:d3:17:23:ea:
f6:1b:7b:b2:62:c7:a9:8a:ea:1f:72:01:48:0d:1e:
d8:2b:3a:63:83:28:2e:51:9f:3c:93:d4:36:a1:82:
47:54:1a:16:2f:ac:6a:d4:e8:d1:94:bc:60:e4:e5:
a6:db:7f:50:0e:07:ce:0b:de:f4:cd:60:4c:ac:37:
9e:8b:b5:d8:c3:37:e4:13:12:12:cd:ad:44:20:14:
17:ad:3f:48:e4:6d:02:b7:30:c8:73:ba:10:3a:26:
73:e1:54:25:04:59:65:f0:13:89:09:02:4e:7f:ce:
7d:84:8a:a4:1e:f5:96:f3:95:f1:d5:a5:be:74:0b:
7a:c1:5b:4a:0c:c7:3c:a7:54:6d:a4:fd:59:75:6a:
40:5c:b3:d1:eb:c7:99:31:29:b4:85:4c:aa:d4:cd:
11:3e:77:98:6e:e3:e7:11:e9:36:50:9f:1e:0c:54:
ca:c3:92:c7:23:44:ab:0e:22:b9:0b:39:01:37:76:
b0:76:a3:07:ef:47:de:84:b3:61:4f:a1:60:3d:02:
59:ef:6a:c4:a9:21:48:bf:7b:99:53:6a:e3:44:10:
05:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:20:4D:A4:A6:8D:58:F7:1D:F4:06:DF:2E:33:C2:CC:E2:A4:79:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/024F3FFCFFE011EF9FAA1AA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.104.0/24
Signature Algorithm: sha256WithRSAEncryption
39:78:8b:4f:11:dc:27:77:c1:81:32:a3:8f:4d:3e:e1:5a:a5:
9a:61:c3:1f:2b:03:27:8c:57:d1:0d:d8:04:fb:2c:21:11:d7:
a5:d7:99:3a:d0:70:bd:36:04:9d:34:e1:56:1f:71:2f:5e:63:
01:f8:30:e1:67:65:14:87:50:af:1f:6e:7e:74:10:46:ff:1f:
93:04:fc:64:0d:98:37:5a:36:46:41:c1:46:c8:85:22:ff:f8:
17:60:a6:a6:07:4b:14:d4:d2:46:32:2f:70:84:26:f0:7d:19:
54:21:78:9c:82:17:39:06:77:dc:f0:4d:11:84:9e:67:de:40:
f5:5b:52:21:63:4d:03:c5:8d:40:9d:8b:3d:3d:2b:37:ab:b0:
ce:c5:ea:c5:b0:3e:92:2a:31:78:80:4f:35:14:91:be:a7:f3:
4b:08:45:f1:07:68:27:42:94:8a:60:9d:d6:0d:fe:ed:ec:8e:
a4:de:df:46:d0:36:b2:5e:9c:0d:4d:b3:9b:49:8a:e9:60:e8:
81:83:0f:39:01:33:25:5e:db:59:ee:1a:bc:dc:8b:ab:ba:65:
b1:89:26:ee:01:56:06:91:77:df:68:8c:28:64:e2:7e:f1:f7:
4e:29:12:a3:7a:31:66:de:50:a9:b5:91:34:b0:7b:4e:b2:15:
0f:3f:5c:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXQLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEzMDc1MTQxWhcNMjUwNDIxMDc1MTQxWjAYMRYw
FAYDVQQDEw02N2QyOGU5MS03ZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn9gtMC5LKaZXHbl5oBKQGfpEjwBu9M76qDnnhxJIluvL5LBhhuEQuNMX
I+r2G3uyYsepiuofcgFIDR7YKzpjgyguUZ88k9Q2oYJHVBoWL6xq1OjRlLxg5OWm
239QDgfOC970zWBMrDeei7XYwzfkExISza1EIBQXrT9I5G0CtzDIc7oQOiZz4VQl
BFll8BOJCQJOf859hIqkHvWW85Xx1aW+dAt6wVtKDMc8p1RtpP1ZdWpAXLPR68eZ
MSm0hUyq1M0RPneYbuPnEek2UJ8eDFTKw5LHI0SrDiK5CzkBN3awdqMH70fehLNh
T6FgPQJZ72rEqSFIv3uZU2rjRBAFyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLUg
TaSmjVj3HfQG3y4zwszipHn6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjRGM0ZGQ0ZGRTAxMUVGOUZBQTFBQTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVoMA0GCSqGSIb3DQEB
CwUAA4IBAQA5eItPEdwnd8GBMqOPTT7hWqWaYcMfKwMnjFfRDdgE+ywhEdel15k6
0HC9NgSdNOFWH3EvXmMB+DDhZ2UUh1CvH25+dBBG/x+TBPxkDZg3WjZGQcFGyIUi
//gXYKamB0sU1NJGMi9whCbwfRlUIXicghc5Bnfc8E0RhJ5n3kD1W1IhY00DxY1A
nYs9PSs3q7DOxerFsD6SKjF4gE81FJG+p/NLCEXxB2gnQpSKYJ3WDf7t7I6k3t9G
0DayXpwNTbObSYrpYOiBgw85ATMlXttZ7hq83IurumWxiSbuAVYGkXffaIwoZOJ+
8fdOKRKjejFm3lCptZE0sHtOshUPP1wf
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:43:51 2025 by rpki-client