Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18358E1CF49F11EF9E75B754762E951A.roa
File: 18358E1CF49F11EF9E75B754762E951A.roa (raw, json)
Hash identifier: LCRAb8Er5QhvdSCzM9T/Bvbkau89ZOo6ZKe+MDOzbvg=
Subject key identifier: 7A:5E:3C:9F:05:BD:D8:54:CC:C1:12:C2:1A:F2:32:3E:41:AB:60:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18358E1CF49F11EF9E75B754762E951A.roa
Signing time: Thu 27 Feb 2025 00:09:21 +0000
ROA not before: Thu 27 Feb 2025 00:00:17 +0000
ROA not after: Sat 19 Feb 2028 00:00:17 +0000
asID: 17561
IP address blocks: 154.94.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91639 (0x165f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:17 2025 GMT
Not After : Feb 19 00:00:17 2028 GMT
Subject: CN=67bfad31-e554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:af:f1:e9:f6:47:d0:95:80:84:c5:70:4d:f2:
de:4a:80:36:a6:15:3b:8a:50:e6:db:1d:76:a1:5a:
4a:5a:4d:06:d6:fb:78:cc:9b:db:78:28:53:3b:ac:
49:ce:58:21:c6:10:14:05:7f:78:a0:d9:d9:eb:bc:
01:89:2f:0a:3d:b4:01:1d:76:29:43:25:6d:91:da:
88:d6:d9:dd:fc:1d:4f:29:c3:e0:9b:79:ee:5f:e1:
f0:ff:1c:ff:3d:b7:c5:a3:36:77:11:bc:78:af:5b:
32:78:5a:28:eb:20:43:51:c1:c0:48:50:f3:3d:3e:
ed:dc:8c:a6:d3:2a:5b:d2:ee:82:b4:40:5c:8f:f1:
0b:b0:64:dd:73:a4:4c:80:59:d7:f7:c8:e9:ce:a4:
4c:ab:d5:57:05:9b:9a:59:bb:41:a3:a2:b2:7c:97:
aa:32:2e:b2:06:59:a4:bf:4f:2e:ab:f6:40:71:52:
1f:72:e7:a6:b0:2d:60:96:fa:52:66:44:41:97:1e:
c3:e5:4f:86:03:22:2b:c1:2a:f8:53:4c:5a:c6:f7:
1f:1b:0c:80:65:13:43:cd:85:77:8b:51:87:23:b8:
8b:f7:95:3a:24:38:c5:ab:b1:03:c0:0b:39:e1:d9:
81:b3:ec:77:fa:73:60:5d:25:41:e0:e2:96:bf:aa:
10:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5E:3C:9F:05:BD:D8:54:CC:C1:12:C2:1A:F2:32:3E:41:AB:60:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18358E1CF49F11EF9E75B754762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d2:6c:65:d9:1f:5d:c4:61:0e:2b:21:60:4e:0e:72:da:40:
5f:18:7f:f8:fe:4c:f4:52:76:5a:e7:bc:44:36:a1:72:9b:61:
11:be:9b:d2:82:50:ef:51:cf:3d:e0:a8:80:4b:cf:92:61:8a:
81:11:0b:f9:17:5e:c5:01:3c:a2:22:c3:0f:f6:85:7f:bf:0d:
0a:3c:cd:d6:d0:db:f1:68:e1:63:7b:6a:b1:18:8b:64:14:67:
cb:0f:81:42:25:2d:a4:3b:96:e2:0b:d4:5b:cc:27:92:96:f6:
d0:b8:e4:ed:ed:59:4a:65:ef:3d:9b:b8:4c:f1:b0:52:51:65:
73:c3:d7:31:19:84:f3:64:4e:3e:4a:4c:39:1e:99:c6:c8:74:
ec:39:5c:1d:c3:eb:74:42:ef:23:5e:36:f9:c5:77:36:62:c6:
45:cc:f7:b8:51:25:e1:ce:6f:7a:fb:8d:30:ba:bb:aa:c8:9a:
41:90:2b:4b:ee:1a:5a:19:0a:46:14:4e:4b:a9:36:22:18:19:
82:be:f6:44:e9:67:ed:e0:0e:4f:b6:ed:49:36:8c:5a:b7:99:
07:c7:82:d3:8a:bb:30:76:f7:c9:8f:81:e9:52:2a:af:70:9b:
3b:64:8d:69:c1:75:c7:d3:a9:a5:6e:61:c9:06:ce:39:d8:9f:
6e:0e:07:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWX3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDE3WhcNMjgwMjE5MDAwMDE3WjAYMRYw
FAYDVQQDEw02N2JmYWQzMS1lNTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA26/x6fZH0JWAhMVwTfLeSoA2phU7ilDm2x12oVpKWk0G1vt4zJvbeChT
O6xJzlghxhAUBX94oNnZ67wBiS8KPbQBHXYpQyVtkdqI1tnd/B1PKcPgm3nuX+Hw
/xz/PbfFozZ3Ebx4r1syeFoo6yBDUcHASFDzPT7t3Iym0ypb0u6CtEBcj/ELsGTd
c6RMgFnX98jpzqRMq9VXBZuaWbtBo6KyfJeqMi6yBlmkv08uq/ZAcVIfcuemsC1g
lvpSZkRBlx7D5U+GAyIrwSr4U0xaxvcfGwyAZRNDzYV3i1GHI7iL95U6JDjFq7ED
wAs54dmBs+x3+nNgXSVB4OKWv6oQjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHpe
PJ8FvdhUzMESwhryMj5Bq2AEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODM1OEUxQ0Y0OUYxMUVGOUU3NUI3NTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml7tMA0GCSqGSIb3DQEB
CwUAA4IBAQBO0mxl2R9dxGEOKyFgTg5y2kBfGH/4/kz0UnZa57xENqFym2ERvpvS
glDvUc894KiAS8+SYYqBEQv5F17FATyiIsMP9oV/vw0KPM3W0NvxaOFje2qxGItk
FGfLD4FCJS2kO5biC9RbzCeSlvbQuOTt7VlKZe89m7hM8bBSUWVzw9cxGYTzZE4+
Skw5HpnGyHTsOVwdw+t0Qu8jXjb5xXc2YsZFzPe4USXhzm96+40wuruqyJpBkCtL
7hpaGQpGFE5LqTYiGBmCvvZE6Wft4A5Ptu1JNoxat5kHx4LTirswdvfJj4HpUiqv
cJs7ZI1pwXXH06mlbmHJBs452J9uDgdC
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:21:13 2025 by rpki-client