Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/211BAB88093011F099DBE461762E951A.roa
File: 211BAB88093011F099DBE461762E951A.roa (raw, json)
Hash identifier: SaGhltHbFw6QwFbQlBfDd6BoAnMjYDjIzKovt4nv//I=
Subject key identifier: D6:C9:1B:12:20:E4:09:60:E2:44:6A:58:60:AF:DF:EA:EC:C6:C7:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175E7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/211BAB88093011F099DBE461762E951A.roa
Signing time: Tue 25 Mar 2025 04:17:57 +0000
ROA not before: Tue 25 Mar 2025 04:17:53 +0000
ROA not after: Mon 14 Apr 2025 04:17:53 +0000
asID: 133180
IP address blocks: 154.214.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95719 (0x175e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 04:17:53 2025 GMT
Not After : Apr 14 04:17:53 2025 GMT
Subject: CN=67e22e75-319f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cc:23:35:2f:c6:fa:f0:c5:b9:06:2a:35:50:
5b:21:53:f7:82:36:0e:5d:77:ba:a7:e7:ea:44:da:
9d:34:2b:17:28:59:ef:15:25:25:31:7f:99:9c:29:
eb:53:36:83:4b:2c:5c:df:db:c0:b1:fd:65:1c:e6:
a2:db:2d:cc:dc:bb:7b:ea:51:eb:5a:75:96:4e:a1:
35:06:29:ce:ee:65:75:20:ae:2b:79:02:db:a1:30:
fc:f7:55:a6:3c:16:6d:be:ed:14:ee:01:08:67:ea:
97:a1:a7:7f:8d:40:db:b4:7a:ad:ba:88:81:e0:2c:
3e:32:e5:ba:8c:06:1d:dc:59:32:7e:65:ed:e5:e1:
c4:f1:6f:aa:f3:6c:d5:05:73:8c:92:47:af:61:e7:
6c:05:60:ba:81:6a:5a:0c:ec:08:3d:f9:25:5d:4e:
e4:41:d0:bb:5d:20:65:85:d4:90:91:a6:db:80:57:
c7:fc:fb:62:11:38:a9:73:2a:fc:d8:87:4a:53:0e:
ad:db:0c:dd:c0:1f:f4:09:d2:78:b0:39:09:77:ee:
25:45:b7:89:4c:43:2c:fa:be:9d:db:b9:ae:01:b3:
03:d9:e7:07:63:0b:f2:60:45:c7:46:b1:97:b1:d8:
5a:6a:a3:f8:be:0a:43:b4:cc:68:d5:85:7b:e1:08:
0e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C9:1B:12:20:E4:09:60:E2:44:6A:58:60:AF:DF:EA:EC:C6:C7:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/211BAB88093011F099DBE461762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
74:ab:88:d8:79:7d:d5:05:ce:1f:df:69:d6:d2:90:18:9b:80:
f6:54:b6:61:d8:08:32:de:e8:15:af:02:25:ea:da:4f:b6:01:
42:b8:38:61:89:ac:f1:c6:8c:32:13:8d:f1:08:94:5d:08:97:
02:7a:fe:80:76:c8:33:e7:54:bd:37:5a:d9:16:4c:f8:a6:b9:
9c:c5:14:8e:6e:d6:9d:74:9d:52:30:78:c5:60:10:74:e2:1a:
91:69:e7:c3:1a:ca:9b:20:59:50:1e:99:50:82:cd:78:f2:67:
34:da:ee:e7:46:2e:a6:ef:a1:f1:83:f5:c4:c9:72:b8:3b:11:
66:53:17:93:c6:df:d9:fd:d2:8d:e1:25:19:c7:70:c5:31:41:
e7:29:2b:20:6e:9b:73:54:9b:4b:67:97:8a:fa:20:6f:53:e7:
66:67:f8:8a:1d:9d:18:87:46:51:5b:16:44:cc:62:40:d1:fd:
8c:fe:81:cb:cf:48:54:13:04:46:11:44:69:bf:2c:f8:d8:ae:
f7:94:fc:92:79:06:d0:1f:6f:7f:f5:2b:4e:05:aa:ff:ca:70:
7f:b7:32:f9:0f:94:c2:ee:53:18:14:40:21:f0:06:25:89:91:
8f:26:af:0f:c6:d9:b9:e9:b9:1e:67:d9:61:86:e3:e7:5c:a8:
8b:0d:22:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXXnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDQxNzUzWhcNMjUwNDE0MDQxNzUzWjAYMRYw
FAYDVQQDEw02N2UyMmU3NS0zMTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzswjNS/G+vDFuQYqNVBbIVP3gjYOXXe6p+fqRNqdNCsXKFnvFSUlMX+Z
nCnrUzaDSyxc39vAsf1lHOai2y3M3Lt76lHrWnWWTqE1BinO7mV1IK4reQLboTD8
91WmPBZtvu0U7gEIZ+qXoad/jUDbtHqtuoiB4Cw+MuW6jAYd3FkyfmXt5eHE8W+q
82zVBXOMkkevYedsBWC6gWpaDOwIPfklXU7kQdC7XSBlhdSQkabbgFfH/PtiETip
cyr82IdKUw6t2wzdwB/0CdJ4sDkJd+4lRbeJTEMs+r6d27muAbMD2ecHYwvyYEXH
RrGXsdhaaqP4vgpDtMxo1YV74QgOfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNbJ
GxIg5Alg4kRqWGCv3+rsxsfCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTFCQUI4ODA5MzAxMUYwOTlEQkU0NjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtZAMA0GCSqGSIb3DQEB
CwUAA4IBAQB0q4jYeX3VBc4f32nW0pAYm4D2VLZh2Agy3ugVrwIl6tpPtgFCuDhh
iazxxowyE43xCJRdCJcCev6Adsgz51S9N1rZFkz4prmcxRSObtaddJ1SMHjFYBB0
4hqRaefDGsqbIFlQHplQgs148mc02u7nRi6m76Hxg/XEyXK4OxFmUxeTxt/Z/dKN
4SUZx3DFMUHnKSsgbptzVJtLZ5eK+iBvU+dmZ/iKHZ0Yh0ZRWxZEzGJA0f2M/oHL
z0hUEwRGEURpvyz42K73lPySeQbQH29/9StOBar/ynB/tzL5D5TC7lMYFEAh8AYl
iZGPJq8Pxtm56bkeZ9lhhuPnXKiLDSJb
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:55:18 2025 by rpki-client