Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23DEEC0CE31C11EFB7BB7AA2762E951A.roa
File: 23DEEC0CE31C11EFB7BB7AA2762E951A.roa (raw, json)
Hash identifier: lqNaf1f6/l8GUPpaa384hT/AUPWWpyIPSU1WwzlT/F4=
Subject key identifier: AF:C8:88:CE:FA:BA:D2:F9:7A:B7:49:F3:41:3D:86:F7:E5:B6:5E:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01514B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23DEEC0CE31C11EFB7BB7AA2762E951A.roa
Signing time: Tue 04 Feb 2025 17:19:07 +0000
ROA not before: Tue 04 Feb 2025 17:19:03 +0000
ROA not after: Wed 30 Apr 2025 17:19:03 +0000
asID: 18229
IP address blocks: 154.210.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86347 (0x1514b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 17:19:03 2025 GMT
Not After : Apr 30 17:19:03 2025 GMT
Subject: CN=67a24c0b-dea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:c4:85:71:8d:db:e6:4c:da:71:6c:59:78:
ff:14:62:5e:b3:27:84:ca:a8:19:95:93:57:b0:79:
82:01:63:50:d5:2f:34:af:fd:e8:20:e0:76:b2:64:
52:e7:8c:c3:ac:0c:b9:9d:e5:3a:74:18:48:0b:93:
9e:d3:c9:40:d1:2d:37:fb:4d:53:fc:55:4b:43:0f:
b4:d9:cc:27:73:f6:48:47:d4:8b:fa:08:08:dc:e6:
b8:b0:24:2a:45:1f:c2:92:6c:f4:67:07:48:04:4f:
1f:1c:05:06:cb:bb:db:0d:cf:9f:5d:0d:7e:6b:62:
69:15:bc:06:6b:26:c5:44:3c:5e:5f:7f:70:9f:f4:
62:d0:c3:ea:00:4e:c6:b3:1e:92:15:ca:f2:c6:8b:
8d:8b:b4:4c:99:f4:5c:4b:44:3c:0b:ba:f0:d7:d1:
ec:88:d4:1a:16:71:00:21:6a:1d:8e:42:fd:0b:e7:
2e:29:33:1d:33:3b:b0:55:ae:b8:5c:45:e0:09:d3:
67:aa:a5:3a:ef:8f:d1:b9:3f:a3:92:9e:2f:9a:3b:
be:5d:b2:c1:3f:9d:1b:2f:94:72:95:cd:bb:ec:fa:
ec:44:05:2c:c7:8e:36:38:6c:e2:4b:f3:fe:bc:58:
75:6c:45:d1:ec:78:fb:b8:b0:da:80:c7:0b:ef:3c:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C8:88:CE:FA:BA:D2:F9:7A:B7:49:F3:41:3D:86:F7:E5:B6:5E:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23DEEC0CE31C11EFB7BB7AA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.148.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:b7:77:d6:92:07:78:3f:e6:60:25:0b:fe:1a:43:6b:a3:1e:
4c:0c:5b:ff:a4:d9:03:fa:e3:9b:c2:d6:cc:62:fd:8a:b5:f6:
3b:ac:87:50:85:63:86:cc:9e:7c:f2:c9:e0:80:6d:56:9d:f3:
ae:ae:00:56:8b:0a:b2:66:dc:14:a6:ed:4f:56:18:c5:61:8d:
01:7d:05:a9:f1:fa:89:d8:93:1e:6a:66:2c:44:49:42:47:15:
7d:d6:a9:ea:6a:44:4b:39:d7:28:33:c1:b7:72:bd:b6:bd:30:
ac:54:d0:4a:26:20:80:2c:1f:74:14:aa:13:e3:47:dc:b6:57:
a5:9d:6b:2a:7c:e4:7f:bd:cc:08:e9:58:16:cf:ff:ca:3c:51:
4f:a4:1e:ea:82:cf:10:9a:4a:ed:f6:7c:30:53:28:d2:79:09:
d6:fe:d2:6c:24:00:1e:ef:c6:c6:2d:ba:9d:ed:8e:83:00:91:
5b:d6:33:b2:03:f1:96:5b:80:1a:dd:30:c5:b0:ab:a0:2f:0c:
ab:1f:c2:96:48:e1:2f:d0:ad:1e:ae:c7:ec:0c:dd:84:f5:74:
29:54:7a:44:96:4c:62:f8:7c:bc:4d:8f:60:94:0f:2b:14:76:
88:55:64:26:3f:07:5d:1f:f2:81:c8:5b:3e:eb:e9:0a:2e:8c:
f8:46:82:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVFLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTcxOTAzWhcNMjUwNDMwMTcxOTAzWjAYMRYw
FAYDVQQDEw02N2EyNGMwYi1kZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr4XEhXGN2+ZM2nFsWXj/FGJesyeEyqgZlZNXsHmCAWNQ1S80r/3oIOB2
smRS54zDrAy5neU6dBhIC5Oe08lA0S03+01T/FVLQw+02cwnc/ZIR9SL+ggI3Oa4
sCQqRR/Ckmz0ZwdIBE8fHAUGy7vbDc+fXQ1+a2JpFbwGaybFRDxeX39wn/Ri0MPq
AE7Gsx6SFcryxouNi7RMmfRcS0Q8C7rw19HsiNQaFnEAIWodjkL9C+cuKTMdMzuw
Va64XEXgCdNnqqU674/RuT+jkp4vmju+XbLBP50bL5Rylc277PrsRAUsx442OGzi
S/P+vFh1bEXR7Hj7uLDagMcL7zyfNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK/I
iM76utL5erdJ80E9hvfltl6sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0RFRUMwQ0UzMUMxMUVGQjdCQjdBQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKUMA0GCSqGSIb3DQEB
CwUAA4IBAQDPt3fWkgd4P+ZgJQv+GkNrox5MDFv/pNkD+uObwtbMYv2KtfY7rIdQ
hWOGzJ588snggG1WnfOurgBWiwqyZtwUpu1PVhjFYY0BfQWp8fqJ2JMeamYsRElC
RxV91qnqakRLOdcoM8G3cr22vTCsVNBKJiCALB90FKoT40fctlelnWsqfOR/vcwI
6VgWz//KPFFPpB7qgs8Qmkrt9nwwUyjSeQnW/tJsJAAe78bGLbqd7Y6DAJFb1jOy
A/GWW4Aa3TDFsKugLwyrH8KWSOEv0K0ersfsDN2E9XQpVHpElkxi+Hy8TY9glA8r
FHaIVWQmPwddH/KByFs+6+kKLoz4RoJq
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:08 2025 by rpki-client