Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21257E3CF99611EF996071B9762E951A.roa
File: 21257E3CF99611EF996071B9762E951A.roa (raw, json)
Hash identifier: 9EfbANf4jHDeic593muj7FjRqdWTBSqjobBOXFkVRmM=
Subject key identifier: 41:B6:82:4A:87:CC:A2:FD:38:14:EF:49:69:9B:B4:F1:11:7B:58:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017240
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21257E3CF99611EF996071B9762E951A.roa
Signing time: Wed 05 Mar 2025 07:47:47 +0000
ROA not before: Wed 05 Mar 2025 07:47:43 +0000
ROA not after: Sun 13 Apr 2025 07:47:43 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94784 (0x17240)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 5 07:47:43 2025 GMT
Not After : Apr 13 07:47:43 2025 GMT
Subject: CN=67c801a3-5596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:92:68:b7:06:68:84:71:b5:27:8c:6a:3b:
ae:4b:0d:fd:11:74:3b:dd:9f:d4:e9:b4:4d:b8:e2:
e2:64:e7:45:a7:71:8a:b7:ed:af:28:71:d5:e2:d9:
73:0d:54:c5:7c:18:4b:51:8f:de:13:71:dd:69:a5:
f1:be:dc:d7:d7:09:cc:85:06:20:0e:75:3e:b1:26:
77:e7:86:f0:dd:77:51:53:d0:3d:a7:86:bd:5d:42:
c7:dc:68:28:fc:63:46:47:ae:64:dc:6c:10:e1:55:
cc:a1:86:35:a2:fe:1a:29:48:13:f4:f3:f5:05:fa:
ea:86:46:ac:e3:91:e6:c4:82:5d:b9:5c:7a:fa:99:
20:97:37:d9:6a:ca:08:05:d3:e5:11:8e:c2:2a:06:
18:1d:cd:9e:78:c5:38:af:7f:51:4a:f0:b1:96:ee:
82:ee:b8:c1:3e:f8:33:90:4b:8e:97:02:3d:f3:2a:
be:97:aa:12:9d:97:bf:a5:e6:94:fc:a7:4e:ba:f2:
a7:d7:ce:1b:94:47:88:01:51:4d:13:d5:75:88:34:
a8:03:ea:35:8d:4c:61:02:86:b5:e9:ce:c0:87:36:
57:f8:71:82:0c:93:22:4a:66:4d:72:60:74:18:5b:
11:05:37:8b:11:e7:bd:a6:3b:84:4f:48:10:28:c9:
b4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B6:82:4A:87:CC:A2:FD:38:14:EF:49:69:9B:B4:F1:11:7B:58:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21257E3CF99611EF996071B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a3:94:dc:ef:b2:e4:68:36:cf:7f:9e:b8:bb:63:45:ef:1c:
e2:2a:70:dc:81:52:51:a2:fd:7b:ae:6a:ad:c4:38:f7:bc:7b:
aa:83:2b:5f:ed:b2:86:c0:cc:47:5e:50:6b:2c:1e:08:6b:12:
67:c5:1a:3b:fe:99:95:dc:61:72:b5:e1:b7:25:25:a8:f9:51:
c9:7b:08:f9:2b:a7:03:cf:f1:42:bd:08:72:52:2e:fa:e2:84:
f8:da:06:63:34:96:40:6d:c1:36:71:75:44:7e:20:60:69:7b:
fd:e4:b1:fa:89:c6:82:4d:f5:b2:04:53:bc:d6:b8:a7:ac:ab:
d3:66:0c:22:74:8a:8b:7b:f6:65:58:ad:83:db:e4:97:f0:11:
82:e1:c9:39:df:a1:45:aa:47:34:22:22:d1:f1:80:11:68:28:
d5:53:50:25:50:59:18:99:31:71:aa:8a:4c:85:a1:1f:f2:96:
77:fb:b7:74:b8:85:79:9c:24:11:1e:0f:d5:f2:f4:ec:61:76:
ca:10:4c:c9:f8:c1:46:d5:d3:6c:6d:4e:91:98:f4:bf:6c:f2:
7d:5d:fc:b3:42:80:d3:42:bc:cc:77:cb:a1:b4:10:33:40:27:
03:92:04:78:5d:e8:86:d4:bb:6b:01:3d:6b:48:3f:a0:27:b9:
c7:b8:62:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXJAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA1MDc0NzQzWhcNMjUwNDEzMDc0NzQzWjAYMRYw
FAYDVQQDEw02N2M4MDFhMy01NTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApJ2SaLcGaIRxtSeMajuuSw39EXQ73Z/U6bRNuOLiZOdFp3GKt+2vKHHV
4tlzDVTFfBhLUY/eE3HdaaXxvtzX1wnMhQYgDnU+sSZ354bw3XdRU9A9p4a9XULH
3Ggo/GNGR65k3GwQ4VXMoYY1ov4aKUgT9PP1Bfrqhkas45HmxIJduVx6+pkglzfZ
asoIBdPlEY7CKgYYHc2eeMU4r39RSvCxlu6C7rjBPvgzkEuOlwI98yq+l6oSnZe/
peaU/KdOuvKn184blEeIAVFNE9V1iDSoA+o1jUxhAoa16c7AhzZX+HGCDJMiSmZN
cmB0GFsRBTeLEee9pjuET0gQKMm0qwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEG2
gkqHzKL9OBTvSWmbtPERe1jrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTI1N0UzQ0Y5OTYxMUVGOTk2MDcxQjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVbMA0GCSqGSIb3DQEB
CwUAA4IBAQAto5Tc77LkaDbPf564u2NF7xziKnDcgVJRov17rmqtxDj3vHuqgytf
7bKGwMxHXlBrLB4IaxJnxRo7/pmV3GFyteG3JSWo+VHJewj5K6cDz/FCvQhyUi76
4oT42gZjNJZAbcE2cXVEfiBgaXv95LH6icaCTfWyBFO81rinrKvTZgwidIqLe/Zl
WK2D2+SX8BGC4ck536FFqkc0IiLR8YARaCjVU1AlUFkYmTFxqopMhaEf8pZ3+7d0
uIV5nCQRHg/V8vTsYXbKEEzJ+MFG1dNsbU6RmPS/bPJ9XfyzQoDTQrzMd8uhtBAz
QCcDkgR4XeiG1LtrAT1rSD+gJ7nHuGIL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:53 2025 by rpki-client