Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F9302F4F35411EF9AD42475762E951A.roa
File: 0F9302F4F35411EF9AD42475762E951A.roa (raw, json)
Hash identifier: oWqIlS2yPmFyj+hc3YKkQICT3NN+t0Iki6GOWo4IjaU=
Subject key identifier: CD:F7:59:DF:0A:C0:45:B5:CB:0D:50:19:D7:33:85:FF:F7:8E:D8:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F9302F4F35411EF9AD42475762E951A.roa
Signing time: Tue 25 Feb 2025 08:39:44 +0000
ROA not before: Tue 25 Feb 2025 08:39:40 +0000
ROA not after: Mon 07 Apr 2025 08:39:40 +0000
asID: 63139
IP address blocks: 154.223.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89522 (0x15db2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 08:39:40 2025 GMT
Not After : Apr 7 08:39:40 2025 GMT
Subject: CN=67bd81cf-056c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4e:97:36:3a:6b:a5:80:34:ed:7c:26:2c:30:
3a:ab:48:ff:3d:ac:dd:da:6e:a1:c5:e7:c7:b9:1f:
f1:1e:ae:60:9d:dc:de:f8:f5:e1:3b:93:c8:4b:2f:
47:75:58:2c:8b:b9:28:9f:c0:da:7e:d9:aa:c4:f8:
41:13:1d:ba:18:94:c5:93:6a:db:d3:df:6a:2f:65:
b8:a0:9a:c4:36:8c:b1:8f:3b:95:f4:8b:df:e4:0b:
b1:d9:eb:12:ef:9d:c8:bf:c7:97:86:03:d8:64:3f:
1e:75:6c:63:6e:bd:d6:79:d2:42:44:5b:7a:9f:bc:
39:a7:12:92:a7:5d:99:18:b5:e4:c1:0d:80:7f:9b:
dc:1b:21:c4:a1:71:b2:ce:84:9c:14:80:44:c4:a4:
c7:6b:11:37:ee:f1:b5:b9:9c:98:71:1f:cb:e2:a2:
c0:5f:94:4d:8b:7a:a4:e4:00:5c:03:8a:7e:4d:be:
ae:68:1c:89:28:3e:d4:92:cf:c1:34:73:44:96:a0:
f1:37:5c:bf:92:ef:9c:2f:79:b5:e7:93:3e:8c:16:
9f:eb:e9:56:aa:56:44:81:72:d8:5d:93:a2:a5:8f:
fc:b7:d2:6c:15:fe:ef:0f:62:f6:4e:e4:93:26:ab:
e7:ad:a7:7a:94:e9:34:c3:80:9d:67:05:d4:bd:31:
45:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F7:59:DF:0A:C0:45:B5:CB:0D:50:19:D7:33:85:FF:F7:8E:D8:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F9302F4F35411EF9AD42475762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.50.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:69:83:8d:e1:fc:52:d6:ab:83:e1:f2:f5:79:d9:89:1f:81:
e8:45:31:59:8d:49:cb:36:a0:da:10:f9:38:88:14:c5:28:7b:
0b:b6:bf:73:54:ec:2d:a8:45:e1:5a:18:07:c4:c6:fa:ec:c6:
a7:2a:df:fe:30:63:8c:66:be:5e:67:53:b4:87:2a:1b:46:ca:
32:77:29:6a:de:10:d0:61:69:c1:b5:21:98:d2:ec:0c:0f:38:
09:50:e1:01:11:7c:c6:08:9e:2a:14:3f:a6:98:49:6d:43:fa:
2d:9d:b2:65:82:c7:10:cc:89:f7:78:f7:f1:73:af:e4:a4:e2:
1a:ac:bc:88:66:24:2b:83:4d:6b:62:03:d3:e8:1c:ff:a9:e5:
37:80:4e:b6:5d:b9:22:84:30:0d:5c:5a:e9:62:b6:e1:df:ee:
9b:3a:62:6e:5c:b3:85:8c:46:36:05:2a:c7:4f:0a:84:64:98:
15:c0:69:63:ef:d0:47:b7:ce:fd:c6:24:f2:3c:0f:19:cc:03:
d4:b8:6f:92:a9:71:a9:38:10:e7:6d:f8:d3:6a:69:cd:51:60:
5b:9a:8e:ee:40:a4:80:75:f1:f7:3c:b6:26:be:f5:3f:76:7d:
90:de:c8:66:a9:34:1d:9b:14:db:40:94:ea:04:22:15:cf:6c:
e4:4a:14:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV2yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDgzOTQwWhcNMjUwNDA3MDgzOTQwWjAYMRYw
FAYDVQQDEw02N2JkODFjZi0wNTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4E6XNjprpYA07XwmLDA6q0j/Pazd2m6hxefHuR/xHq5gndze+PXhO5PI
Sy9HdVgsi7kon8DaftmqxPhBEx26GJTFk2rb099qL2W4oJrENoyxjzuV9Ivf5Aux
2esS753Iv8eXhgPYZD8edWxjbr3WedJCRFt6n7w5pxKSp12ZGLXkwQ2Af5vcGyHE
oXGyzoScFIBExKTHaxE37vG1uZyYcR/L4qLAX5RNi3qk5ABcA4p+Tb6uaByJKD7U
ks/BNHNElqDxN1y/ku+cL3m155M+jBaf6+lWqlZEgXLYXZOipY/8t9JsFf7vD2L2
TuSTJqvnrad6lOk0w4CdZwXUvTFFCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM33
Wd8KwEW1yw1QGdczhf/3jtioMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjkzMDJGNEYzNTQxMUVGOUFENDI0NzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8yMA0GCSqGSIb3DQEB
CwUAA4IBAQALaYON4fxS1quD4fL1edmJH4HoRTFZjUnLNqDaEPk4iBTFKHsLtr9z
VOwtqEXhWhgHxMb67ManKt/+MGOMZr5eZ1O0hyobRsoydylq3hDQYWnBtSGY0uwM
DzgJUOEBEXzGCJ4qFD+mmEltQ/otnbJlgscQzIn3ePfxc6/kpOIarLyIZiQrg01r
YgPT6Bz/qeU3gE62XbkihDANXFrpYrbh3+6bOmJuXLOFjEY2BSrHTwqEZJgVwGlj
79BHt879xiTyPA8ZzAPUuG+SqXGpOBDnbfjTamnNUWBbmo7uQKSAdfH3PLYmvvU/
dn2Q3shmqTQdmxTbQJTqBCIVz2zkShQD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:57 2025 by rpki-client