Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252DA436FF2311EF91CDCF64762E951A.roa
File: 252DA436FF2311EF91CDCF64762E951A.roa (raw, json)
Hash identifier: gBGOkhPXXpEH9UZ3pk96yqfX4Mf6WZfQR6DHRvbtjPk=
Subject key identifier: BA:CD:29:F1:CA:6E:77:5E:B2:20:E3:EC:EC:EB:E7:78:CC:73:91:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252DA436FF2311EF91CDCF64762E951A.roa
Signing time: Wed 12 Mar 2025 09:19:48 +0000
ROA not before: Wed 12 Mar 2025 09:19:45 +0000
ROA not after: Thu 24 Apr 2025 09:19:45 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95177 (0x173c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 09:19:45 2025 GMT
Not After : Apr 24 09:19:45 2025 GMT
Subject: CN=67d151b4-85e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:84:72:2e:e7:b8:2c:2f:5e:ed:ca:da:e5:6c:
cf:b0:16:69:98:6a:24:ff:a6:9c:b2:3a:17:51:c2:
87:e0:91:cc:62:5c:99:e6:5a:8b:c1:42:28:f5:65:
89:f9:ce:ef:15:7a:2b:b4:b5:e4:66:29:69:79:7b:
13:74:12:eb:9c:ef:94:ab:07:64:5f:1a:2e:82:ba:
93:16:53:d6:e4:0e:61:ba:72:5d:60:47:b8:13:6d:
7d:eb:d7:f3:56:b7:55:94:04:00:4f:cd:ab:84:f4:
e4:0b:cf:65:0c:8d:69:92:ab:53:c0:cb:4c:44:21:
ec:c7:fd:77:2b:7a:48:31:d1:b6:15:5f:92:91:1e:
11:f8:13:44:a5:91:be:25:e4:8d:d1:ad:e7:a0:d0:
01:aa:9b:d3:8c:f1:3c:4d:1d:a8:c9:72:47:c3:4c:
d0:3f:d1:d8:1f:a9:e5:51:e4:f8:38:bd:e4:ae:e4:
e3:ab:a2:46:6f:ab:7d:0c:f7:2c:1f:17:27:eb:8c:
34:bf:23:dc:94:d9:ab:a5:f2:1d:5c:f5:dc:0d:70:
b8:42:dc:a5:66:1b:e3:cf:67:8d:7e:ef:ac:ff:47:
25:24:d5:91:48:5d:c9:54:df:14:1d:92:de:ed:92:
2f:c8:f7:bd:1e:38:c7:64:7f:f9:0f:06:c7:2b:ee:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CD:29:F1:CA:6E:77:5E:B2:20:E3:EC:EC:EB:E7:78:CC:73:91:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252DA436FF2311EF91CDCF64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:d2:f2:46:0e:18:98:bb:2e:3a:93:7c:a6:c1:55:bb:f6:ab:
6a:4a:2d:95:62:55:15:a6:b6:5a:4f:ca:b5:89:9e:15:0d:a2:
e5:82:c2:f3:1e:60:c7:49:19:00:41:87:cd:aa:96:d7:d7:aa:
e8:de:b1:29:a6:bb:c9:54:a7:ae:1b:27:76:a2:5e:36:75:d1:
be:c2:35:03:b3:aa:12:c5:e9:aa:cb:49:7e:c1:ab:e7:10:df:
1c:8b:cb:3d:35:39:3c:75:74:b3:1a:0e:a7:2f:93:f2:6d:64:
98:88:bf:d1:9d:e7:ce:6f:93:41:30:a2:91:ae:b0:45:65:af:
ac:cb:dd:86:fb:4e:b3:76:2e:c2:ac:5b:22:c3:1c:32:02:d0:
cc:68:78:31:1a:af:e8:e9:49:74:08:6f:ad:5d:6a:37:22:14:
7f:17:f6:52:8f:85:f6:61:1a:47:ce:62:bd:f3:a0:e3:1d:5f:
0c:12:13:16:ca:01:a9:0f:9e:3f:38:38:ba:2e:ff:69:d2:34:
97:bf:fd:9f:0a:0c:f4:93:d6:e9:db:da:83:61:1d:fe:e2:c8:
24:1c:de:25:28:04:73:58:33:6b:2e:59:7f:e6:7c:07:a6:3d:
17:b9:e1:97:e5:3c:50:a8:c5:21:61:16:db:cd:84:c0:d5:80:
12:6a:3c:5f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXPJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDkxOTQ1WhcNMjUwNDI0MDkxOTQ1WjAYMRYw
FAYDVQQDEw02N2QxNTFiNC04NWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1IRyLue4LC9e7cra5WzPsBZpmGok/6acsjoXUcKH4JHMYlyZ5lqLwUIo
9WWJ+c7vFXortLXkZilpeXsTdBLrnO+UqwdkXxougrqTFlPW5A5hunJdYEe4E219
69fzVrdVlAQAT82rhPTkC89lDI1pkqtTwMtMRCHsx/13K3pIMdG2FV+SkR4R+BNE
pZG+JeSN0a3noNABqpvTjPE8TR2oyXJHw0zQP9HYH6nlUeT4OL3kruTjq6JGb6t9
DPcsHxcn64w0vyPclNmrpfIdXPXcDXC4QtylZhvjz2eNfu+s/0clJNWRSF3JVN8U
HZLe7ZIvyPe9HjjHZH/5DwbHK+6DwwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLrN
KfHKbndesiDj7Ozr53jMc5FPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNTJEQTQzNkZGMjMxMUVGOTFDRENGNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAFzS8kYOGJi7LjqTfKbBVbv2q2pKLZViVRWm
tlpPyrWJnhUNouWCwvMeYMdJGQBBh82qltfXqujesSmmu8lUp64bJ3aiXjZ10b7C
NQOzqhLF6arLSX7Bq+cQ3xyLyz01OTx1dLMaDqcvk/JtZJiIv9Gd585vk0EwopGu
sEVlr6zL3Yb7TrN2LsKsWyLDHDIC0MxoeDEar+jpSXQIb61dajciFH8X9lKPhfZh
GkfOYr3zoOMdXwwSExbKAakPnj84OLou/2nSNJe//Z8KDPST1unb2oNhHf7iyCQc
3iUoBHNYM2suWX/mfAemPRe54ZflPFCoxSFhFtvNhMDVgBJqPF8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:06:50 2025 by rpki-client