Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C65E78F35511EFA8D3197D762E951A.roa
File: 14C65E78F35511EFA8D3197D762E951A.roa (raw, json)
Hash identifier: Y22cvygdvPjEymPDvO7KjigGHP79SJm3TrJgKy3EjyY=
Subject key identifier: D9:3B:F8:A0:01:BA:FF:F1:93:9E:BE:C0:03:A7:8F:5D:C3:07:CC:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DBE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C65E78F35511EFA8D3197D762E951A.roa
Signing time: Tue 25 Feb 2025 08:47:02 +0000
ROA not before: Tue 25 Feb 2025 08:46:58 +0000
ROA not after: Mon 07 Apr 2025 08:46:58 +0000
asID: 138915
IP address blocks: 154.223.76.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89534 (0x15dbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 08:46:58 2025 GMT
Not After : Apr 7 08:46:58 2025 GMT
Subject: CN=67bd8386-2e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d0:bf:bd:79:4b:99:39:f6:49:6c:87:dd:45:
07:86:46:93:ae:81:39:4e:02:9d:40:d9:77:8e:e2:
e6:11:3a:02:8a:2f:1d:69:c7:47:53:83:ee:b3:af:
0d:cf:67:94:7e:fd:cd:af:09:c4:47:33:60:af:a2:
e5:ed:ce:bf:01:f2:95:e2:4c:1c:38:85:23:76:9f:
6a:f9:3b:99:8b:47:fb:8a:53:e1:7f:63:3d:96:0b:
12:6b:77:c6:62:29:7c:a2:96:bd:7a:c9:87:6b:8c:
1b:9c:22:31:36:af:a9:6a:72:19:c6:db:e1:15:4a:
c8:47:b1:53:25:42:42:5c:76:ef:b5:30:ca:4e:70:
f2:86:1b:d7:4b:a9:b3:22:ab:8d:67:18:6b:c6:24:
90:ec:83:61:e8:12:6e:5d:bc:cb:70:47:a6:98:c3:
fe:71:43:d5:c4:54:45:78:d5:eb:eb:20:f4:a0:02:
e8:8c:41:91:ab:0b:fb:92:7b:6d:27:e0:b0:64:eb:
0b:3c:b8:f6:73:72:92:ca:ba:ba:9a:c5:05:1c:3e:
7b:98:f8:5b:f1:a1:cf:fe:a8:1e:71:bb:a7:ee:88:
3b:c4:9f:73:61:0e:05:25:55:24:70:c8:f7:0b:d4:
ac:6f:8d:1c:2b:85:b8:6b:b5:64:ba:f7:d2:4a:91:
01:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3B:F8:A0:01:BA:FF:F1:93:9E:BE:C0:03:A7:8F:5D:C3:07:CC:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C65E78F35511EFA8D3197D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.76.0/23
Signature Algorithm: sha256WithRSAEncryption
14:67:96:d4:9b:5f:5f:be:17:d6:1a:69:2d:24:1b:1e:44:c5:
b0:c8:d7:b9:58:a3:f0:88:c3:7c:52:a7:b8:86:47:2d:6b:2f:
d1:1a:2c:ec:85:89:70:d9:02:f1:d2:0b:9b:54:69:25:5f:68:
34:90:2b:14:fa:f4:33:98:2f:c4:7c:e4:e1:a9:0f:0a:5c:bf:
77:77:44:5e:c0:2b:3c:7b:fa:1e:7c:82:aa:ac:d9:ee:f3:6c:
c3:59:c7:e4:83:cf:8b:92:f6:70:b7:fa:3f:8a:5c:09:b1:ca:
ff:ab:b3:96:e7:62:05:33:14:fa:6f:c3:c0:99:fa:07:d8:70:
11:a8:32:db:4b:bc:c0:5d:5b:95:98:a9:2b:d3:22:95:d5:33:
35:d1:da:16:53:3e:ca:eb:10:70:99:3b:f2:e4:c4:26:87:dc:
e2:14:32:0c:b0:be:0c:e2:3d:92:5d:7a:9e:36:1d:96:d5:99:
c5:d2:01:81:40:05:d8:8f:d6:64:64:8c:02:aa:22:ab:b9:34:
a4:17:fc:66:39:ad:b7:fe:da:7d:d4:a7:94:cf:ce:af:94:76:
18:2d:f1:a3:74:9f:ed:fa:31:2e:75:83:ac:52:d3:78:52:a8:
21:b8:63:c5:d8:ce:95:4a:64:5e:0a:d8:09:54:38:39:17:cf:
9b:5f:b3:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV2+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDg0NjU4WhcNMjUwNDA3MDg0NjU4WjAYMRYw
FAYDVQQDEw02N2JkODM4Ni0yZTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1NC/vXlLmTn2SWyH3UUHhkaTroE5TgKdQNl3juLmEToCii8dacdHU4Pu
s68Nz2eUfv3NrwnERzNgr6Ll7c6/AfKV4kwcOIUjdp9q+TuZi0f7ilPhf2M9lgsS
a3fGYil8opa9esmHa4wbnCIxNq+panIZxtvhFUrIR7FTJUJCXHbvtTDKTnDyhhvX
S6mzIquNZxhrxiSQ7INh6BJuXbzLcEemmMP+cUPVxFRFeNXr6yD0oALojEGRqwv7
knttJ+CwZOsLPLj2c3KSyrq6msUFHD57mPhb8aHP/qgecbun7og7xJ9zYQ4FJVUk
cMj3C9Ssb40cK4W4a7VkuvfSSpEBKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNk7
+KABuv/xk56+wAOnj13DB8wUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEM2NUU3OEYzNTUxMUVGQThEMzE5N0Q3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt9MMA0GCSqGSIb3DQEB
CwUAA4IBAQAUZ5bUm19fvhfWGmktJBseRMWwyNe5WKPwiMN8Uqe4hkctay/RGizs
hYlw2QLx0gubVGklX2g0kCsU+vQzmC/EfOThqQ8KXL93d0RewCs8e/oefIKqrNnu
82zDWcfkg8+LkvZwt/o/ilwJscr/q7OW52IFMxT6b8PAmfoH2HARqDLbS7zAXVuV
mKkr0yKV1TM10doWUz7K6xBwmTvy5MQmh9ziFDIMsL4M4j2SXXqeNh2W1ZnF0gGB
QAXYj9ZkZIwCqiKruTSkF/xmOa23/tp91KeUz86vlHYYLfGjdJ/t+jEudYOsUtN4
UqghuGPF2M6VSmReCtgJVDg5F8+bX7Nr
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:08 2025 by rpki-client