Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/155CDC82DB1711EF872CC898762E951A.roa
File: 155CDC82DB1711EF872CC898762E951A.roa (raw, json)
Hash identifier: JQ7Hv+6eZlFzObJn4tHa/t9lXwr91dp4F+7AUhp/lBo=
Subject key identifier: 72:9C:AD:EB:C6:65:3D:2B:6A:4A:CF:FC:7F:3E:CE:56:A3:84:E0:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014940
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/155CDC82DB1711EF872CC898762E951A.roa
Signing time: Sat 25 Jan 2025 12:22:46 +0000
ROA not before: Sat 25 Jan 2025 12:22:42 +0000
ROA not after: Mon 02 Feb 2026 12:22:42 +0000
asID: 132839
IP address blocks: 154.213.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84288 (0x14940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 25 12:22:42 2025 GMT
Not After : Feb 2 12:22:42 2026 GMT
Subject: CN=6794d796-91c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:58:09:6d:a8:55:9e:0d:aa:6d:6b:e1:51:1c:
63:58:d2:e6:67:82:04:39:90:e9:1c:8d:e3:51:ef:
8a:e4:ed:0e:89:90:63:8e:e2:d9:fe:90:0c:c9:33:
a5:e1:f5:8e:7d:82:9f:73:12:c0:b3:8e:28:28:42:
3a:f7:ab:cc:26:62:5f:cb:f4:ce:a9:0a:a9:bd:f9:
5e:92:26:f8:c7:0d:6f:ab:f2:33:32:89:03:ed:9a:
e5:17:6d:89:ae:02:47:e7:77:2a:1a:49:58:66:8f:
a9:69:5c:f4:a3:8e:d8:7f:5e:25:cb:78:11:74:f5:
f9:56:d7:1a:f2:fd:ff:10:54:ed:da:1f:8e:2a:7b:
d6:89:66:9e:c4:cd:7f:48:93:02:ea:d4:16:40:11:
1f:02:9f:73:70:56:05:df:94:0a:98:42:f9:2a:96:
fc:b6:a3:7d:ba:9d:2d:3d:3f:4b:5a:b3:66:98:d7:
51:26:f9:30:7c:e8:47:1d:d8:16:3c:97:3e:e5:11:
60:1a:6e:df:5a:7e:e8:0c:b0:4e:61:49:fd:f7:74:
a0:f2:dc:f7:6e:01:9f:9c:45:86:3f:0e:34:c1:f9:
dd:5f:ce:21:be:c9:28:e3:fa:52:a1:27:ab:1e:fb:
85:08:2c:f5:63:0e:17:8c:b8:f5:c4:8b:6f:39:75:
56:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9C:AD:EB:C6:65:3D:2B:6A:4A:CF:FC:7F:3E:CE:56:A3:84:E0:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/155CDC82DB1711EF872CC898762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.128.0/19
Signature Algorithm: sha256WithRSAEncryption
25:50:e8:25:d7:38:a6:7e:65:92:e6:53:2a:a5:6d:da:18:8c:
5e:ed:90:5b:34:f0:52:8c:69:cd:ad:1e:38:30:e2:a7:36:ad:
5a:c6:88:2c:d9:b6:b5:d1:81:bd:59:e6:0b:d9:cb:28:a8:4b:
37:8e:ce:42:5f:65:43:c8:8b:41:32:11:42:f8:f2:d8:51:d1:
ea:c2:50:00:49:db:aa:07:88:2a:7f:c7:f0:6a:c9:9b:2a:9a:
f8:7a:02:82:9d:c4:ce:69:f6:80:72:3b:d9:30:8c:d8:c8:72:
b3:6c:0d:20:9b:d5:c9:b2:0a:6b:6b:a9:64:d9:35:30:83:87:
33:8c:18:68:32:2d:19:79:0f:f3:87:fa:49:f1:e0:9a:ee:6f:
f8:32:ba:b6:b6:6f:2a:03:21:ed:af:31:a5:59:33:0a:6e:dd:
55:15:ba:b1:06:61:09:af:a1:41:84:67:d6:0f:9d:95:27:06:
29:d6:c9:c3:91:48:96:81:2f:8e:db:31:a6:fe:23:24:a0:a8:
d6:51:ff:e5:b3:03:e9:5a:7f:f0:e6:5e:19:85:f1:a8:9f:ec:
a4:0c:7a:52:de:6c:ad:29:6f:4c:5e:11:16:80:39:fb:62:e8:
30:55:cb:9a:37:4b:27:a0:90:3a:70:92:77:73:7f:75:f8:83:
3d:c7:b8:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUlAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTIyMjQyWhcNMjYwMjAyMTIyMjQyWjAYMRYw
FAYDVQQDEw02Nzk0ZDc5Ni05MWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzlgJbahVng2qbWvhURxjWNLmZ4IEOZDpHI3jUe+K5O0OiZBjjuLZ/pAM
yTOl4fWOfYKfcxLAs44oKEI696vMJmJfy/TOqQqpvflekib4xw1vq/IzMokD7Zrl
F22JrgJH53cqGklYZo+paVz0o47Yf14ly3gRdPX5Vtca8v3/EFTt2h+OKnvWiWae
xM1/SJMC6tQWQBEfAp9zcFYF35QKmEL5Kpb8tqN9up0tPT9LWrNmmNdRJvkwfOhH
HdgWPJc+5RFgGm7fWn7oDLBOYUn993Sg8tz3bgGfnEWGPw40wfndX84hvsko4/pS
oSerHvuFCCz1Yw4XjLj1xItvOXVWKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHKc
revGZT0rakrP/H8+zlajhOA7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNTVDREM4MkRCMTcxMUVGODcyQ0M4OTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtWAMA0GCSqGSIb3DQEB
CwUAA4IBAQAlUOgl1zimfmWS5lMqpW3aGIxe7ZBbNPBSjGnNrR44MOKnNq1axogs
2ba10YG9WeYL2csoqEs3js5CX2VDyItBMhFC+PLYUdHqwlAASduqB4gqf8fwasmb
Kpr4egKCncTOafaAcjvZMIzYyHKzbA0gm9XJsgpra6lk2TUwg4czjBhoMi0ZeQ/z
h/pJ8eCa7m/4Mrq2tm8qAyHtrzGlWTMKbt1VFbqxBmEJr6FBhGfWD52VJwYp1snD
kUiWgS+O2zGm/iMkoKjWUf/lswPpWn/w5l4ZhfGon+ykDHpS3mytKW9MXhEWgDn7
YugwVcuaN0snoJA6cJJ3c391+IM9x7hQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:07 2025 by rpki-client