Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AF74FEEF62C11EF95DFC77B762E951A.roa
File: 1AF74FEEF62C11EF95DFC77B762E951A.roa (raw, json)
Hash identifier: WiLHw6BJIzseOyQryzoC0Cq8WTqwcGkkjtrMp6bPX7c=
Subject key identifier: 9A:3E:5F:47:1F:BC:A4:4E:E8:77:DC:D8:17:35:94:F0:FC:A3:D6:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CD3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AF74FEEF62C11EF95DFC77B762E951A.roa
Signing time: Fri 28 Feb 2025 23:31:16 +0000
ROA not before: Fri 28 Feb 2025 23:31:13 +0000
ROA not after: Sat 19 Apr 2025 23:31:13 +0000
asID: 138915
IP address blocks: 154.93.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93395 (0x16cd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 23:31:13 2025 GMT
Not After : Apr 19 23:31:13 2025 GMT
Subject: CN=67c24744-35ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ce:ea:38:02:48:0d:60:00:0a:77:d4:69:83:
ae:2a:04:ff:48:16:37:8b:af:f9:4c:76:85:f0:1b:
42:db:81:32:24:05:bc:9f:e7:0f:87:fb:57:e0:dd:
95:6d:e2:a7:a5:13:6c:d7:08:5a:b6:1b:5b:7f:68:
4b:d1:68:5d:1c:b8:c3:d3:66:d5:3f:89:b1:46:f6:
5f:17:b8:73:6a:5e:24:21:dc:79:bf:46:c5:08:f2:
4c:cb:90:d2:4c:ef:aa:56:aa:07:82:43:f1:0d:7b:
18:22:b4:17:6b:e0:6c:d6:36:85:01:80:af:8b:59:
03:91:7e:87:72:65:50:79:96:d7:fe:ef:2f:62:78:
79:de:a2:8f:06:74:d1:a9:89:ed:07:2e:15:c7:d1:
94:64:76:c4:51:f0:63:9f:4c:40:d4:38:08:1f:2b:
a2:4e:4a:63:53:4c:2e:1f:b7:d0:3a:15:59:e0:d6:
b8:60:e7:c2:10:d4:0f:98:93:eb:2f:1f:d5:77:d8:
f0:ef:9c:79:9f:b0:3e:08:6b:57:ae:cc:87:e5:aa:
ba:12:ec:f1:29:8a:b5:b5:23:06:4c:0d:67:96:d3:
51:12:c9:4d:57:62:55:60:50:7f:79:9e:56:62:23:
f0:20:3c:0a:a5:90:2a:ac:54:12:e3:e8:aa:27:7f:
af:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3E:5F:47:1F:BC:A4:4E:E8:77:DC:D8:17:35:94:F0:FC:A3:D6:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AF74FEEF62C11EF95DFC77B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.45.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:44:92:1e:69:5a:1d:cd:b4:82:b7:7d:7c:3f:42:d2:da:c6:
8a:98:8e:97:d8:b1:74:e6:26:73:2c:78:e1:f1:a6:98:48:14:
1b:88:92:97:46:8e:71:5e:53:37:f5:40:ee:31:70:17:e7:a2:
8d:d4:b8:46:0f:5c:0f:67:63:ff:b3:b5:31:49:a8:8d:5a:be:
f7:5b:a8:b9:bd:8e:9f:f2:e9:e7:34:17:59:f6:12:65:bc:bb:
0e:5a:e5:e0:78:97:9e:e3:23:2e:99:b5:43:c3:7b:ee:a0:08:
81:fb:b2:f5:53:da:48:d3:db:ea:78:a2:17:63:3a:7e:9c:7c:
11:8d:0e:bb:2f:68:85:6c:d2:e6:0d:4d:cb:70:48:4b:82:8f:
8d:90:1c:cc:94:e2:35:ba:5d:7b:af:16:e2:b5:7c:6a:77:1b:
b7:dc:29:de:2a:e2:b9:54:d0:13:43:4d:c6:58:4f:1b:a1:5d:
ff:b9:3b:7a:c2:3f:64:e2:74:6d:f6:a9:d7:19:62:d3:6c:28:
86:45:9c:6d:8c:32:58:b5:13:8d:08:53:76:7c:04:ae:9b:dd:
51:1a:c2:62:34:4c:9a:01:3e:1b:9d:4a:32:4a:ff:b8:e1:92:
7f:7b:6f:da:95:7d:10:2a:ca:e1:ca:4b:fe:01:30:fa:79:fb:
86:22:67:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMzMTEzWhcNMjUwNDE5MjMzMTEzWjAYMRYw
FAYDVQQDEw02N2MyNDc0NC0zNWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvM7qOAJIDWAACnfUaYOuKgT/SBY3i6/5THaF8BtC24EyJAW8n+cPh/tX
4N2VbeKnpRNs1whathtbf2hL0WhdHLjD02bVP4mxRvZfF7hzal4kIdx5v0bFCPJM
y5DSTO+qVqoHgkPxDXsYIrQXa+Bs1jaFAYCvi1kDkX6HcmVQeZbX/u8vYnh53qKP
BnTRqYntBy4Vx9GUZHbEUfBjn0xA1DgIHyuiTkpjU0wuH7fQOhVZ4Na4YOfCENQP
mJPrLx/Vd9jw75x5n7A+CGtXrsyH5aq6EuzxKYq1tSMGTA1nltNREslNV2JVYFB/
eZ5WYiPwIDwKpZAqrFQS4+iqJ3+v5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJo+
X0cfvKRO6Hfc2Bc1lPD8o9aUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUY3NEZFRUY2MkMxMUVGOTVERkM3N0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml0tMA0GCSqGSIb3DQEB
CwUAA4IBAQAtRJIeaVodzbSCt318P0LS2saKmI6X2LF05iZzLHjh8aaYSBQbiJKX
Ro5xXlM39UDuMXAX56KN1LhGD1wPZ2P/s7UxSaiNWr73W6i5vY6f8unnNBdZ9hJl
vLsOWuXgeJee4yMumbVDw3vuoAiB+7L1U9pI09vqeKIXYzp+nHwRjQ67L2iFbNLm
DU3LcEhLgo+NkBzMlOI1ul17rxbitXxqdxu33CneKuK5VNATQ03GWE8boV3/uTt6
wj9k4nRt9qnXGWLTbCiGRZxtjDJYtRONCFN2fASum91RGsJiNEyaAT4bnUoySv+4
4ZJ/e2/alX0QKsrhykv+ATD6efuGImdK
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:27:15 2025 by rpki-client