Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D1AAAA0F61411EFA3BC365B762E951A.roa
File: 0D1AAAA0F61411EFA3BC365B762E951A.roa (raw, json)
Hash identifier: YkVRdA6dWL+aWeek6p39uPtObGuIjzX4sib1wxxG88I=
Subject key identifier: AE:B4:3E:36:85:EA:9C:9C:51:C9:26:C7:CC:66:83:8A:09:59:FF:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D1AAAA0F61411EFA3BC365B762E951A.roa
Signing time: Fri 28 Feb 2025 20:39:05 +0000
ROA not before: Fri 28 Feb 2025 20:39:02 +0000
ROA not after: Sun 13 Apr 2025 20:39:02 +0000
asID: 138915
IP address blocks: 154.206.76.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93185 (0x16c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 20:39:02 2025 GMT
Not After : Apr 13 20:39:02 2025 GMT
Subject: CN=67c21ee9-15a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:65:6b:38:69:53:1c:0e:7a:e4:27:e9:42:
f0:a1:cf:bc:12:c7:cd:5a:1b:fc:54:02:19:7a:2f:
ae:7f:c5:e8:4c:9b:c0:bb:2c:fb:75:7f:7f:84:7c:
c2:26:01:98:cc:92:3b:77:aa:77:56:cc:fa:3b:4b:
82:11:de:88:32:87:e3:cf:20:94:43:95:a2:36:cf:
33:74:fc:70:82:7d:3e:59:79:d1:7b:4d:4d:71:8b:
89:d1:47:3c:a0:50:69:a7:d6:cb:0a:cd:ca:1d:8f:
47:e0:12:90:ee:d6:33:aa:fd:57:dd:da:92:50:94:
be:1d:c5:80:04:8d:0e:5b:3f:19:95:78:c6:76:da:
ad:db:90:cf:9b:c8:65:4a:24:a1:72:30:ac:ee:73:
a1:b8:0a:d8:8f:f8:21:5a:ad:af:de:8c:77:84:dd:
07:a1:6f:aa:e9:15:fb:26:3c:a5:df:f1:a5:10:dd:
c3:8b:9b:4b:07:b9:7b:54:34:9c:15:fc:67:4d:1c:
66:45:f3:55:84:89:e8:73:91:b3:d1:3c:dc:ac:05:
24:28:d3:7d:77:fa:7f:a5:93:05:97:29:e7:4f:c9:
a6:f4:58:07:7a:90:c2:67:7e:9b:93:45:f2:2d:ef:
b4:94:06:d9:ee:ee:8d:e8:80:ee:79:70:9f:85:41:
b3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B4:3E:36:85:EA:9C:9C:51:C9:26:C7:CC:66:83:8A:09:59:FF:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D1AAAA0F61411EFA3BC365B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.76.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:08:ef:00:67:37:06:83:9c:2c:bf:b5:e4:69:bd:8c:a6:fc:
71:93:7f:bf:ef:e5:54:7f:ea:73:ba:1a:f6:d3:fe:7c:22:0e:
30:22:a4:26:b6:b8:dd:07:16:08:42:7d:50:86:13:c4:f8:b1:
08:32:98:e3:5a:a4:52:48:05:0b:b0:c4:c6:a9:77:d9:c4:5b:
89:a5:16:8f:bb:81:73:e7:00:7f:28:dd:7b:74:9a:69:95:ad:
ee:89:d9:79:27:3c:a6:0d:56:1b:91:d8:7c:11:ed:07:a6:1b:
b1:d9:e0:4a:40:53:cb:99:27:ab:eb:b9:05:9f:02:5d:6f:67:
8e:a7:eb:76:a9:dd:d1:19:9f:96:17:9b:da:af:ad:aa:14:2b:
e1:5f:d3:64:83:2b:aa:5d:47:22:a7:b1:80:7f:1b:26:40:90:
04:ee:e6:fe:48:dd:83:8f:79:6f:06:f6:07:41:da:91:09:0e:
99:e1:02:9e:a2:30:6d:3d:b9:89:84:80:59:b2:a7:d4:80:12:
c7:aa:26:f2:37:cb:7c:ce:0b:12:18:3c:93:b7:79:bc:07:0a:
43:c3:a9:31:33:0d:40:f6:84:e3:63:8b:44:28:bd:c6:4b:ea:
d6:5d:bb:03:df:bd:73:13:4b:4d:21:e5:d5:a6:21:1e:89:87:
da:a8:8c:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWwBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjAzOTAyWhcNMjUwNDEzMjAzOTAyWjAYMRYw
FAYDVQQDEw02N2MyMWVlOS0xNWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxzNlazhpUxwOeuQn6ULwoc+8EsfNWhv8VAIZei+uf8XoTJvAuyz7dX9/
hHzCJgGYzJI7d6p3Vsz6O0uCEd6IMofjzyCUQ5WiNs8zdPxwgn0+WXnRe01NcYuJ
0Uc8oFBpp9bLCs3KHY9H4BKQ7tYzqv1X3dqSUJS+HcWABI0OWz8ZlXjGdtqt25DP
m8hlSiShcjCs7nOhuArYj/ghWq2v3ox3hN0HoW+q6RX7Jjyl3/GlEN3Di5tLB7l7
VDScFfxnTRxmRfNVhInoc5Gz0TzcrAUkKNN9d/p/pZMFlynnT8mm9FgHepDCZ36b
k0XyLe+0lAbZ7u6N6IDueXCfhUGzrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK60
PjaF6pycUckmx8xmg4oJWf+0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDFBQUFBMEY2MTQxMUVGQTNCQzM2NUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5MMA0GCSqGSIb3DQEB
CwUAA4IBAQCdCO8AZzcGg5wsv7Xkab2Mpvxxk3+/7+VUf+pzuhr20/58Ig4wIqQm
trjdBxYIQn1QhhPE+LEIMpjjWqRSSAULsMTGqXfZxFuJpRaPu4Fz5wB/KN17dJpp
la3uidl5JzymDVYbkdh8Ee0Hphux2eBKQFPLmSer67kFnwJdb2eOp+t2qd3RGZ+W
F5var62qFCvhX9NkgyuqXUcip7GAfxsmQJAE7ub+SN2Dj3lvBvYHQdqRCQ6Z4QKe
ojBtPbmJhIBZsqfUgBLHqibyN8t8zgsSGDyTt3m8BwpDw6kxMw1A9oTjY4tEKL3G
S+rWXbsD371zE0tNIeXVpiEeiYfaqIwm
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:25 2025 by rpki-client