Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D9CD44F46E11EFB8B76B88762E951A.roa
File: 29D9CD44F46E11EFB8B76B88762E951A.roa (raw, json)
Hash identifier: BXvNqCoJMwKZnumh9LxAntxm2EUbV3iOJyfNNiFOk0c=
Subject key identifier: 7A:76:3C:F8:EB:25:6D:D5:6F:83:98:61:49:3E:F6:2C:17:C7:FA:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016556
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D9CD44F46E11EFB8B76B88762E951A.roa
Signing time: Wed 26 Feb 2025 18:19:06 +0000
ROA not before: Wed 26 Feb 2025 18:19:02 +0000
ROA not after: Sat 19 Feb 2028 18:19:02 +0000
asID: 17561
IP address blocks: 154.201.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91478 (0x16556)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 18:19:02 2025 GMT
Not After : Feb 19 18:19:02 2028 GMT
Subject: CN=67bf5b1a-bf9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:23:b2:64:a0:a1:95:99:a4:a9:bd:32:3e:2f:
e2:c6:80:96:80:49:d1:b9:91:0f:fb:5d:da:51:cc:
64:37:05:54:15:44:fb:28:e5:7a:80:0b:93:0a:25:
d8:2c:cc:99:18:76:59:14:d5:61:8a:3a:16:36:79:
c9:c0:06:8e:9f:f2:87:ac:c2:1b:4d:61:18:6b:34:
ae:2a:71:f8:35:60:f6:79:77:5b:de:7e:9c:7e:6a:
08:e7:e9:f2:0a:ae:01:00:78:f7:da:e2:09:1b:8c:
b9:80:b2:42:8f:f7:97:51:88:3a:2d:ff:99:b5:59:
6c:41:e1:65:55:40:2a:28:b0:a5:3e:cf:b3:8e:81:
38:57:e9:a1:f0:8f:dd:5e:5a:14:26:d6:f2:39:cd:
0d:e6:28:8d:9c:5d:59:f9:18:37:7d:63:63:ee:3e:
ea:ef:ac:5c:7e:09:e2:16:3a:9f:ac:72:09:2b:c5:
91:50:38:ff:d0:fe:57:ea:25:49:cd:3c:2b:bf:ab:
22:fc:2d:39:4b:c3:49:be:0e:21:22:e2:2c:a2:b0:
77:8e:06:cf:64:8b:94:a4:21:75:a2:b1:d2:0b:54:
1c:ac:69:73:f1:98:17:fe:6b:06:22:fd:84:7b:b2:
71:0f:3d:09:7b:53:b1:97:23:ad:69:75:73:b9:4f:
bf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:76:3C:F8:EB:25:6D:D5:6F:83:98:61:49:3E:F6:2C:17:C7:FA:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D9CD44F46E11EFB8B76B88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.14.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:0f:b4:32:4a:c5:28:6a:57:62:ba:63:e1:39:bc:09:04:b2:
3a:40:6d:99:94:ad:05:ef:2d:98:c6:f1:7d:d3:50:6f:ff:cf:
73:f8:44:f7:27:a7:b8:4a:d3:16:cb:c2:95:91:f2:d1:69:ac:
fe:a5:f4:78:14:11:66:63:8b:59:4a:f7:8b:52:8e:ae:88:a4:
4f:e5:6f:ac:80:f6:59:63:da:ba:22:33:f1:4e:97:5e:d8:5c:
30:db:02:bf:9e:a5:88:d3:fa:29:cd:f1:04:10:c5:b6:9d:ea:
40:ce:b3:97:df:b2:3a:9a:11:3f:59:63:3b:45:87:b9:a8:d2:
5a:c5:71:63:b0:69:17:dc:25:53:25:bc:e8:d3:7e:0e:c0:b7:
76:77:0d:3b:7f:a7:a7:0b:3b:9f:eb:a5:36:e1:83:08:25:f0:
0b:20:e7:8b:cd:5c:ef:8f:3f:eb:42:2e:ed:fd:96:6e:cb:14:
98:64:17:09:49:13:05:66:4d:6a:a8:a8:27:c4:65:02:d4:7a:
2b:0c:53:d2:e8:7a:89:55:d9:f7:db:1d:22:4e:c1:9e:97:66:
d4:63:ae:79:3d:49:e5:c1:73:34:5a:e1:3c:12:6e:43:75:c6:
65:01:99:6c:bf:24:12:73:4e:be:13:25:3f:46:59:a3:26:db:
ff:25:db:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWVWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTgxOTAyWhcNMjgwMjE5MTgxOTAyWjAYMRYw
FAYDVQQDEw02N2JmNWIxYS1iZjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqSOyZKChlZmkqb0yPi/ixoCWgEnRuZEP+13aUcxkNwVUFUT7KOV6gAuT
CiXYLMyZGHZZFNVhijoWNnnJwAaOn/KHrMIbTWEYazSuKnH4NWD2eXdb3n6cfmoI
5+nyCq4BAHj32uIJG4y5gLJCj/eXUYg6Lf+ZtVlsQeFlVUAqKLClPs+zjoE4V+mh
8I/dXloUJtbyOc0N5iiNnF1Z+Rg3fWNj7j7q76xcfgniFjqfrHIJK8WRUDj/0P5X
6iVJzTwrv6si/C05S8NJvg4hIuIsorB3jgbPZIuUpCF1orHSC1QcrGlz8ZgX/msG
Iv2Ee7JxDz0Je1OxlyOtaXVzuU+/VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHp2
PPjrJW3Vb4OYYUk+9iwXx/omMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUQ5Q0Q0NEY0NkUxMUVGQjhCNzZCODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskOMA0GCSqGSIb3DQEB
CwUAA4IBAQA7D7QySsUoaldiumPhObwJBLI6QG2ZlK0F7y2YxvF901Bv/89z+ET3
J6e4StMWy8KVkfLRaaz+pfR4FBFmY4tZSveLUo6uiKRP5W+sgPZZY9q6IjPxTpde
2Fww2wK/nqWI0/opzfEEEMW2nepAzrOX37I6mhE/WWM7RYe5qNJaxXFjsGkX3CVT
Jbzo034OwLd2dw07f6enCzuf66U24YMIJfALIOeLzVzvjz/rQi7t/ZZuyxSYZBcJ
SRMFZk1qqKgnxGUC1HorDFPS6HqJVdn32x0iTsGel2bUY655PUnlwXM0WuE8Em5D
dcZlAZlsvyQSc06+EyU/RlmjJtv/JdsR
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:29:46 2025 by rpki-client