Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CD15EDAE2D311EFB66703BD762E951A.roa
File: 0CD15EDAE2D311EFB66703BD762E951A.roa (raw, json)
Hash identifier: 928LgZsk8jbsJ3aXH0/zxtN0Ld7rDd2T54TEoK9Di1Y=
Subject key identifier: 4E:35:C2:F9:32:9A:D8:4A:98:C3:33:19:A3:16:9F:B6:9E:DA:57:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CD15EDAE2D311EFB66703BD762E951A.roa
Signing time: Tue 04 Feb 2025 08:35:55 +0000
ROA not before: Tue 04 Feb 2025 08:35:51 +0000
ROA not after: Wed 30 Apr 2025 08:35:51 +0000
asID: 18229
IP address blocks: 154.210.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86188 (0x150ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 08:35:51 2025 GMT
Not After : Apr 30 08:35:51 2025 GMT
Subject: CN=67a1d16b-c819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:27:d1:24:63:85:f2:90:60:d3:36:c6:56:06:
ed:04:62:f1:1f:34:0b:fa:16:23:3c:a7:ca:81:b7:
dc:a5:bb:b2:cb:bb:f0:89:06:05:0e:eb:c2:01:26:
6f:be:d2:98:67:e9:d5:e4:26:b5:22:2a:d9:f3:e1:
94:25:85:4c:4f:4a:a1:44:9e:9e:c9:62:46:95:14:
6c:b3:42:8f:cd:87:6d:5a:40:f5:49:c0:e7:99:c3:
c7:9d:56:f9:3c:99:08:1a:2d:6f:24:d4:83:b0:42:
b9:af:ad:7b:b9:b7:cf:a5:e0:15:b6:ae:b6:2e:86:
5f:44:98:d9:58:f6:99:d4:a6:d7:fe:24:48:01:87:
9c:9e:5c:a1:77:4d:80:3a:dd:22:fe:02:98:e4:8a:
be:0f:16:55:a9:dd:61:03:20:79:20:7e:3d:a4:7c:
b5:d3:85:7b:4a:fe:65:52:b8:4f:4b:23:ac:16:a4:
d7:e2:0a:8b:72:e5:c2:94:4a:55:c7:35:e4:f4:3c:
ac:4d:c3:96:1c:24:a4:9e:b8:3a:ff:a7:60:35:ce:
88:1b:6b:9d:6d:f0:48:f2:74:8a:ef:73:4b:70:67:
6e:c9:26:0d:52:6e:8a:2d:39:b3:08:7e:81:52:60:
b0:39:5d:5d:54:26:e1:ec:79:ac:88:cd:9f:29:4d:
8c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:35:C2:F9:32:9A:D8:4A:98:C3:33:19:A3:16:9F:B6:9E:DA:57:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CD15EDAE2D311EFB66703BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.179.0/24
Signature Algorithm: sha256WithRSAEncryption
21:75:5d:cf:df:90:5c:60:82:31:43:9c:b1:9f:da:55:32:11:
63:8e:5c:64:13:f9:e8:68:8c:e2:18:92:1e:50:68:7e:dc:e2:
87:aa:75:f9:90:9d:49:fc:fa:63:12:6a:3c:7a:ba:b5:79:09:
54:bc:84:44:b1:45:ea:df:6d:4b:b1:74:87:ad:03:4d:82:cf:
06:90:31:e8:98:36:45:cd:d5:ac:b8:e8:9d:ad:45:7b:a0:ff:
2f:52:51:fe:16:1d:b4:bb:8f:15:f1:dd:28:91:5c:e3:d0:75:
61:d3:6a:9f:20:a4:30:9d:e2:73:1a:e7:6b:78:0b:f8:29:86:
30:e8:b8:3f:87:ab:00:17:48:78:93:7a:12:66:fd:fa:1e:34:
0e:37:6f:14:ff:68:c8:35:8a:15:98:ab:03:b4:aa:2f:c4:c8:
92:c0:d5:7a:00:39:1e:6d:0e:36:0e:af:34:5f:a3:1a:84:79:
c3:c5:9d:57:25:d8:77:ea:60:c6:b5:dd:c7:7d:92:3a:bd:7a:
b1:dd:be:63:bc:b6:b6:56:09:67:a0:28:77:1b:47:12:10:34:
ef:ef:0f:8d:54:4f:41:14:0c:bb:d5:9b:40:28:68:a1:4b:3d:
c7:85:d5:00:99:b3:2d:ed:3b:c4:b7:93:de:82:58:58:c8:0d:
25:ce:3b:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVCsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDgzNTUxWhcNMjUwNDMwMDgzNTUxWjAYMRYw
FAYDVQQDEw02N2ExZDE2Yi1jODE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ifRJGOF8pBg0zbGVgbtBGLxHzQL+hYjPKfKgbfcpbuyy7vwiQYFDuvC
ASZvvtKYZ+nV5Ca1IirZ8+GUJYVMT0qhRJ6eyWJGlRRss0KPzYdtWkD1ScDnmcPH
nVb5PJkIGi1vJNSDsEK5r617ubfPpeAVtq62LoZfRJjZWPaZ1KbX/iRIAYecnlyh
d02AOt0i/gKY5Iq+DxZVqd1hAyB5IH49pHy104V7Sv5lUrhPSyOsFqTX4gqLcuXC
lEpVxzXk9DysTcOWHCSknrg6/6dgNc6IG2udbfBI8nSK73NLcGduySYNUm6KLTmz
CH6BUmCwOV1dVCbh7HmsiM2fKU2MRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE41
wvkymthKmMMzGaMWn7ae2lekMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0QxNUVEQUUyRDMxMUVGQjY2NzAzQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKzMA0GCSqGSIb3DQEB
CwUAA4IBAQAhdV3P35BcYIIxQ5yxn9pVMhFjjlxkE/noaIziGJIeUGh+3OKHqnX5
kJ1J/PpjEmo8erq1eQlUvIREsUXq321LsXSHrQNNgs8GkDHomDZFzdWsuOidrUV7
oP8vUlH+Fh20u48V8d0okVzj0HVh02qfIKQwneJzGudreAv4KYYw6Lg/h6sAF0h4
k3oSZv36HjQON28U/2jINYoVmKsDtKovxMiSwNV6ADkebQ42Dq80X6MahHnDxZ1X
Jdh36mDGtd3HfZI6vXqx3b5jvLa2VglnoCh3G0cSEDTv7w+NVE9BFAy71ZtAKGih
Sz3HhdUAmbMt7TvEt5PeglhYyA0lzjuu
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:02:21 2025 by rpki-client