Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03CAD7E407B311F099BE404A762E951A.roa
File: 03CAD7E407B311F099BE404A762E951A.roa (raw, json)
Hash identifier: jj0xR4L7uw9izlf0cy8wpwMxLsLiazxUNeww0b9gWR8=
Subject key identifier: B3:80:EB:2A:1E:3D:98:88:EB:98:54:2F:36:61:21:67:12:A4:3A:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03CAD7E407B311F099BE404A762E951A.roa
Signing time: Sun 23 Mar 2025 06:49:49 +0000
ROA not before: Sun 23 Mar 2025 06:49:45 +0000
ROA not after: Sat 03 May 2025 06:49:45 +0000
asID: 203020
IP address blocks: 154.223.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95665 (0x175b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 23 06:49:45 2025 GMT
Not After : May 3 06:49:45 2025 GMT
Subject: CN=67dfaf0d-59a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:86:95:c1:66:7f:10:fa:04:64:a8:29:2d:b7:
28:34:8b:4e:5f:65:60:78:29:ce:3e:70:ef:ed:ad:
2f:9c:09:12:74:f8:11:cb:35:fb:c7:0c:5c:c5:d9:
56:15:6d:b0:3a:d3:04:ae:d5:56:08:eb:f9:7d:7a:
6f:42:13:32:96:80:73:7f:59:13:74:43:3d:a2:fd:
89:07:b2:53:8b:a2:07:60:65:47:05:85:dd:7d:46:
67:e8:15:0f:fa:84:15:db:1d:a3:e9:6a:02:00:c5:
55:0c:d0:4b:1b:b0:db:4c:1e:e3:33:9d:7a:c9:39:
f7:58:3b:0a:50:bd:27:90:39:9d:79:47:1c:0a:ec:
67:d0:1b:66:a6:95:d2:69:62:14:66:ad:2c:b9:9f:
0c:fb:85:a6:93:a5:3d:7f:2a:29:fe:8d:60:12:35:
21:ad:bb:6a:fb:12:36:f4:57:13:3b:bf:59:43:35:
26:06:8c:d4:1c:19:04:cd:6f:d6:01:87:1c:32:54:
0a:2d:b3:e6:4c:61:ae:e0:39:ab:49:df:be:3f:0f:
c7:76:03:86:ae:f2:33:ed:e3:a0:6b:bf:d9:75:d4:
9d:b9:f6:f3:b1:61:53:39:8b:dc:f8:27:c3:9c:30:
6d:cd:1f:ac:f0:80:00:30:30:21:f2:84:c9:25:82:
c8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:80:EB:2A:1E:3D:98:88:EB:98:54:2F:36:61:21:67:12:A4:3A:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03CAD7E407B311F099BE404A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.144.0/20
Signature Algorithm: sha256WithRSAEncryption
cc:3e:0a:7d:a4:81:33:c9:7a:2b:16:00:2f:d8:07:c1:c2:49:
e7:e1:02:e2:69:a2:15:2b:b4:b7:39:47:f5:54:13:51:5c:be:
06:36:2d:a5:42:25:1f:e3:13:f0:15:07:5e:3f:a1:9b:6c:13:
ae:3e:2e:2b:15:0c:66:a6:a0:67:16:bf:dc:cd:19:c8:f9:20:
5d:db:49:cc:45:fa:0f:09:a2:9f:d3:8a:4d:a0:94:e6:23:31:
12:b7:c1:48:6d:94:dc:d0:af:9b:27:33:27:2f:83:82:7e:95:
0e:8c:1d:27:19:5a:10:e2:79:a9:6c:18:89:4e:ed:a2:4a:c6:
5a:b8:e8:5b:4a:03:8c:1e:b9:19:72:7b:04:1e:78:26:b9:c4:
b6:df:58:2e:47:c3:a8:28:6d:c9:cc:ec:45:c8:bc:5b:0c:6e:
de:6b:3c:cd:a8:e7:fc:e3:09:70:e2:e0:26:c7:fb:61:ff:39:
a8:1f:cd:33:f8:f8:c7:8e:84:06:22:4b:46:af:14:05:1d:a5:
5b:ca:e5:b9:06:7c:78:95:29:ae:b6:57:3a:fd:cb:bf:85:7f:
ff:52:2a:15:82:e0:4d:df:c1:17:7a:ea:ab:aa:10:44:04:c6:
74:72:b6:0b:25:28:93:53:ba:56:7b:ea:e1:bd:bf:a9:a3:f2:
85:33:56:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXWxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIzMDY0OTQ1WhcNMjUwNTAzMDY0OTQ1WjAYMRYw
FAYDVQQDEw02N2RmYWYwZC01OWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1YaVwWZ/EPoEZKgpLbcoNItOX2VgeCnOPnDv7a0vnAkSdPgRyzX7xwxc
xdlWFW2wOtMErtVWCOv5fXpvQhMyloBzf1kTdEM9ov2JB7JTi6IHYGVHBYXdfUZn
6BUP+oQV2x2j6WoCAMVVDNBLG7DbTB7jM516yTn3WDsKUL0nkDmdeUccCuxn0Btm
ppXSaWIUZq0suZ8M+4Wmk6U9fyop/o1gEjUhrbtq+xI29FcTO79ZQzUmBozUHBkE
zW/WAYccMlQKLbPmTGGu4DmrSd++Pw/HdgOGrvIz7eOga7/ZddSdufbzsWFTOYvc
+CfDnDBtzR+s8IAAMDAh8oTJJYLIWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLOA
6yoePZiI65hULzZhIWcSpDqwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wM0NBRDdFNDA3QjMxMUYwOTlCRTQwNEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt+QMA0GCSqGSIb3DQEB
CwUAA4IBAQDMPgp9pIEzyXorFgAv2AfBwknn4QLiaaIVK7S3OUf1VBNRXL4GNi2l
QiUf4xPwFQdeP6GbbBOuPi4rFQxmpqBnFr/czRnI+SBd20nMRfoPCaKf04pNoJTm
IzESt8FIbZTc0K+bJzMnL4OCfpUOjB0nGVoQ4nmpbBiJTu2iSsZauOhbSgOMHrkZ
cnsEHngmucS231guR8OoKG3JzOxFyLxbDG7eazzNqOf84wlw4uAmx/th/zmoH80z
+PjHjoQGIktGrxQFHaVbyuW5Bnx4lSmutlc6/cu/hX//UioVguBN38EXeuqrqhBE
BMZ0crYLJSiTU7pWe+rhvb+po/KFM1b9
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:35:13 2025 by rpki-client