Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24C179B8F8D011EFBA78707E762E951A.roa
File: 24C179B8F8D011EFBA78707E762E951A.roa (raw, json)
Hash identifier: iLj9c4A86gmS+1I6Ye2UqYfPPwGHjwoYF4YOcMVPqD4=
Subject key identifier: 46:39:D7:BF:FE:F1:66:D1:80:11:4D:59:D4:D6:DE:0A:15:5A:C9:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01718A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24C179B8F8D011EFBA78707E762E951A.roa
Signing time: Tue 04 Mar 2025 08:10:33 +0000
ROA not before: Tue 04 Mar 2025 08:10:29 +0000
ROA not after: Sun 11 May 2025 08:10:29 +0000
asID: 3561
IP address blocks: 154.197.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94602 (0x1718a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 08:10:29 2025 GMT
Not After : May 11 08:10:29 2025 GMT
Subject: CN=67c6b578-c540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d1:8f:9e:2c:01:2f:2d:bf:68:6d:c8:50:6f:
a1:19:79:a2:bd:69:e8:74:a7:0b:a0:66:18:be:c0:
96:f1:25:ab:90:82:98:c6:89:2f:cb:dd:de:f7:99:
17:db:4d:dd:f8:c2:8e:21:29:97:87:13:ed:2c:b9:
6d:7a:b5:82:9d:e5:f9:7d:0f:ff:99:5c:51:9d:0e:
1f:e9:5d:50:55:a7:3d:22:f4:75:e7:e2:98:c9:23:
b5:5b:1a:89:84:38:a2:c8:47:db:37:b9:21:4a:35:
54:dc:5b:3e:14:b7:44:0c:c0:17:7b:0f:ff:45:9a:
b9:42:27:a7:65:a7:38:07:56:e4:9e:82:c1:28:c6:
4a:98:20:da:60:2e:90:f2:f3:e4:6b:ea:1b:1b:a5:
3c:6a:5a:8b:83:0b:af:bf:4a:68:2e:0c:57:fb:c0:
eb:ef:30:13:27:e0:e5:af:d7:7c:e8:aa:d7:f8:62:
b3:8f:63:01:f0:b9:25:80:b5:40:a1:83:1e:d1:2f:
8a:2f:dc:0d:22:20:87:f1:9a:d9:54:fb:96:4e:6a:
dc:a8:59:92:ed:6d:62:e8:ff:72:21:58:3f:43:ca:
18:66:f4:bb:01:54:6a:ea:54:5e:c1:3e:2a:fb:bd:
a6:97:ed:fa:bf:b0:d7:8d:44:ee:93:8b:78:d4:fd:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:39:D7:BF:FE:F1:66:D1:80:11:4D:59:D4:D6:DE:0A:15:5A:C9:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24C179B8F8D011EFBA78707E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.8.0/22
Signature Algorithm: sha256WithRSAEncryption
35:25:b9:42:8f:81:0b:ca:0c:2e:5d:95:e5:a0:2b:c8:d1:61:
27:6b:84:95:6e:8a:7d:60:87:e9:45:3e:a1:da:62:95:d0:d3:
28:4c:fe:4d:b2:24:30:43:20:c6:26:c8:a7:57:f9:e8:15:23:
6d:5d:e2:1f:fd:4d:0a:5b:69:16:a7:e0:7b:44:2b:07:b4:16:
89:14:d9:74:b8:9e:b5:7f:5e:d6:ed:4b:7f:4b:7e:e1:a2:93:
57:8a:f4:e1:82:69:82:96:e2:30:11:a7:e7:a0:b6:62:50:e6:
ad:c3:d6:ff:87:87:04:a0:09:48:05:a0:30:08:0a:e6:04:26:
b5:b5:f3:44:a4:a9:da:45:de:d3:5f:cd:4b:03:e1:a0:c5:c5:
e2:2d:4f:a8:b2:79:ed:38:04:80:db:3a:c9:8c:c3:ca:f2:21:
a7:6e:00:57:be:2b:f8:cd:b5:4f:5f:e4:9e:93:a0:87:2e:be:
53:49:46:da:81:9d:bf:3b:20:7b:5a:ea:ce:b1:b4:1d:c0:ac:
84:28:cf:f1:5a:9e:ad:f9:89:b8:c1:6b:1f:8f:f1:c2:8b:53:
cb:e6:d7:d3:02:41:69:3f:d9:b1:44:c4:eb:b3:a0:e4:4d:44:
97:c6:af:7c:39:90:cd:42:f1:7f:64:36:4b:ec:9e:f0:7a:c1:
5c:31:dd:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXGKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MDgxMDI5WhcNMjUwNTExMDgxMDI5WjAYMRYw
FAYDVQQDEw02N2M2YjU3OC1jNTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArdGPniwBLy2/aG3IUG+hGXmivWnodKcLoGYYvsCW8SWrkIKYxokvy93e
95kX203d+MKOISmXhxPtLLlterWCneX5fQ//mVxRnQ4f6V1QVac9IvR15+KYySO1
WxqJhDiiyEfbN7khSjVU3Fs+FLdEDMAXew//RZq5QienZac4B1bknoLBKMZKmCDa
YC6Q8vPka+obG6U8alqLgwuvv0poLgxX+8Dr7zATJ+Dlr9d86KrX+GKzj2MB8Lkl
gLVAoYMe0S+KL9wNIiCH8ZrZVPuWTmrcqFmS7W1i6P9yIVg/Q8oYZvS7AVRq6lRe
wT4q+72ml+36v7DXjUTuk4t41P2ChQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEY5
17/+8WbRgBFNWdTW3goVWslCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNEMxNzlCOEY4RDAxMUVGQkE3ODcwN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUIMA0GCSqGSIb3DQEB
CwUAA4IBAQA1JblCj4ELygwuXZXloCvI0WEna4SVbop9YIfpRT6h2mKV0NMoTP5N
siQwQyDGJsinV/noFSNtXeIf/U0KW2kWp+B7RCsHtBaJFNl0uJ61f17W7Ut/S37h
opNXivThgmmCluIwEafnoLZiUOatw9b/h4cEoAlIBaAwCArmBCa1tfNEpKnaRd7T
X81LA+GgxcXiLU+osnntOASA2zrJjMPK8iGnbgBXviv4zbVPX+Sek6CHLr5TSUba
gZ2/OyB7WurOsbQdwKyEKM/xWp6t+Ym4wWsfj/HCi1PL5tfTAkFpP9mxRMTrs6Dk
TUSXxq98OZDNQvF/ZDZL7J7wesFcMd28
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:13:01 2025 by rpki-client