Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06968CDC070111F0AC8E3A88762E951A.roa
File: 06968CDC070111F0AC8E3A88762E951A.roa (raw, json)
Hash identifier: ChsByVyAGL1+jprOgiy05EahEFaLWgfyKrcESe43a+s=
Subject key identifier: F8:12:84:A6:09:2A:AB:0A:D1:E8:46:13:CC:A2:A5:C9:FB:F2:57:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01756E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06968CDC070111F0AC8E3A88762E951A.roa
Signing time: Sat 22 Mar 2025 09:35:44 +0000
ROA not before: Sat 22 Mar 2025 09:35:40 +0000
ROA not after: Wed 09 Apr 2025 09:35:40 +0000
asID: 212238
IP address blocks: 154.94.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95598 (0x1756e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 09:35:40 2025 GMT
Not After : Apr 9 09:35:40 2025 GMT
Subject: CN=67de846f-255b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8e:1f:81:c2:85:ee:a5:38:ff:39:fb:d8:60:
45:e5:ef:91:fa:29:23:a3:8d:de:ef:96:1f:24:58:
d4:ca:c6:8f:35:6c:8b:95:08:db:84:73:5e:72:61:
8d:24:6a:37:22:15:e0:7a:7c:18:bc:48:ad:a2:55:
19:d2:f2:b4:af:4b:ba:c5:9a:87:c0:a0:9a:a3:c4:
f8:31:10:d1:5b:ad:9f:ed:d7:1b:ab:92:55:5f:41:
26:57:e5:e4:70:5a:4b:f9:90:d5:bf:07:c6:1d:b7:
c9:c4:e5:97:f0:fb:95:84:8f:87:52:c7:8a:38:d2:
cb:a5:70:26:fd:51:47:96:95:1f:06:2a:e0:02:98:
c1:dd:56:ca:f4:8f:72:44:1c:65:24:46:ac:cf:bb:
81:b5:10:ae:0d:40:00:44:33:d4:a2:fb:cf:58:ad:
2a:1c:f6:df:69:e8:fa:71:8b:b1:b6:38:7a:8e:67:
36:6c:4e:4d:0c:6c:1a:45:cd:21:8e:8c:bc:78:f9:
ce:a2:5a:23:ca:33:ab:f7:e2:5b:1f:55:a7:9e:30:
1f:74:f8:8e:d2:5b:2f:d0:29:a2:a1:c9:52:a0:97:
c3:97:45:a8:11:15:21:e8:d0:7f:73:59:77:d2:2f:
01:47:6b:44:0a:4e:47:41:cc:e2:0b:f7:04:4b:97:
a9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:12:84:A6:09:2A:AB:0A:D1:E8:46:13:CC:A2:A5:C9:FB:F2:57:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06968CDC070111F0AC8E3A88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.39.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f7:29:2c:c0:85:6c:66:58:91:bb:11:6a:5f:27:1c:53:66:
18:ad:75:55:1c:60:3b:22:75:54:9c:96:a3:48:f3:65:b2:ee:
fc:8c:0b:60:2e:c9:de:98:f6:c2:fd:0b:15:3d:37:b1:86:bb:
9b:a5:79:5a:1a:e3:1f:b0:0e:ba:ed:3e:62:d8:22:b8:a3:9c:
29:b2:69:9e:e5:17:0d:de:ad:09:19:36:d1:ad:77:48:18:bd:
ae:37:fa:53:96:03:38:fc:8e:5d:f6:17:97:9c:04:1f:2e:91:
39:a8:41:9d:09:28:f1:87:22:da:b7:45:e4:e0:b9:dd:5c:f6:
9a:71:75:c5:e2:c7:44:9d:ae:40:0d:b2:90:dc:96:58:f2:54:
ce:1c:e6:f2:0c:5c:97:1e:2d:2f:c3:96:9c:f9:67:56:04:34:
0c:08:14:e7:dd:bf:22:cc:77:55:f4:ce:48:cf:ed:18:45:2d:
af:44:4e:a1:49:5c:dd:0a:38:8d:6e:bb:85:cf:fc:25:60:30:
0a:37:ff:d8:78:c3:40:a4:08:50:4a:c5:39:38:2e:f1:cb:10:
b9:ac:b2:10:ee:6f:13:db:c0:ef:17:a1:9c:8f:57:39:ba:cb:
d6:cf:29:e9:2e:9d:1b:d5:3f:65:e3:a5:0d:cb:bf:5b:0a:67:
ff:a9:0d:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXVuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDkzNTQwWhcNMjUwNDA5MDkzNTQwWjAYMRYw
FAYDVQQDEw02N2RlODQ2Zi0yNTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5I4fgcKF7qU4/zn72GBF5e+R+ikjo43e75YfJFjUysaPNWyLlQjbhHNe
cmGNJGo3IhXgenwYvEitolUZ0vK0r0u6xZqHwKCao8T4MRDRW62f7dcbq5JVX0Em
V+XkcFpL+ZDVvwfGHbfJxOWX8PuVhI+HUseKONLLpXAm/VFHlpUfBirgApjB3VbK
9I9yRBxlJEasz7uBtRCuDUAARDPUovvPWK0qHPbfaej6cYuxtjh6jmc2bE5NDGwa
Rc0hjoy8ePnOolojyjOr9+JbH1WnnjAfdPiO0lsv0CmioclSoJfDl0WoERUh6NB/
c1l30i8BR2tECk5HQcziC/cES5epbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPgS
hKYJKqsK0ehGE8yipcn78leIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNjk2OENEQzA3MDExMUYwQUM4RTNBODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4nMA0GCSqGSIb3DQEB
CwUAA4IBAQCS9ykswIVsZliRuxFqXyccU2YYrXVVHGA7InVUnJajSPNlsu78jAtg
LsnemPbC/QsVPTexhrubpXlaGuMfsA667T5i2CK4o5wpsmme5RcN3q0JGTbRrXdI
GL2uN/pTlgM4/I5d9heXnAQfLpE5qEGdCSjxhyLat0Xk4LndXPaacXXF4sdEna5A
DbKQ3JZY8lTOHObyDFyXHi0vw5ac+WdWBDQMCBTn3b8izHdV9M5Iz+0YRS2vRE6h
SVzdCjiNbruFz/wlYDAKN//YeMNApAhQSsU5OC7xyxC5rLIQ7m8T28DvF6Gcj1c5
usvWzynpLp0b1T9l46UNy79bCmf/qQ0U
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:48 2025 by rpki-client