Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D32BB04F41E11EF91D79258762E951A.roa
File: 2D32BB04F41E11EF91D79258762E951A.roa (raw, json)
Hash identifier: z3v8h2ZhICxUzi4xzh4cwvrxTiFJb+tUH2KC6/1W2F0=
Subject key identifier: DA:1B:8C:29:1F:15:5F:5B:C6:3D:82:C2:85:60:99:22:9A:FF:22:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016175
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D32BB04F41E11EF91D79258762E951A.roa
Signing time: Wed 26 Feb 2025 08:46:32 +0000
ROA not before: Wed 26 Feb 2025 08:46:28 +0000
ROA not after: Thu 19 Feb 2026 08:46:28 +0000
asID: 328608
IP address blocks: 154.200.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90485 (0x16175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:46:28 2025 GMT
Not After : Feb 19 08:46:28 2026 GMT
Subject: CN=67bed4e8-8840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6e:45:dd:a4:13:69:17:4c:ec:26:4f:94:35:
12:a5:69:4b:f8:06:03:42:c4:60:76:d7:f9:15:90:
02:09:51:45:ff:dc:06:57:d2:95:25:c5:0d:7a:6e:
18:83:08:c9:eb:42:59:28:bd:9a:4e:b3:5d:73:72:
34:2f:10:16:a4:59:ae:79:ff:da:b8:0f:aa:51:03:
a5:e2:0d:fc:d7:dd:51:e2:e6:f0:a7:73:4a:de:f4:
86:8e:b2:87:07:1b:b9:6b:58:97:69:3f:92:ac:b8:
04:34:15:e3:4f:06:87:f3:31:54:77:6e:85:c0:20:
88:85:80:69:6f:e3:5c:73:42:e8:89:41:3e:f1:bd:
7b:47:59:9e:15:e5:b2:8b:e2:67:9b:c8:67:35:47:
96:97:95:56:df:83:88:08:69:83:61:9c:8b:b3:03:
1a:80:a5:c3:3d:62:cc:6d:3a:98:59:11:ba:db:1b:
74:fb:cf:ae:19:e4:f0:2a:a6:a1:39:90:b1:83:48:
01:bf:ae:8f:4b:35:1d:eb:ca:5a:d1:28:8c:af:52:
3a:07:e7:bf:db:fb:67:e3:66:e0:c3:ab:df:f2:2c:
b6:85:a6:22:97:8a:31:4d:19:74:9d:83:9a:ed:a7:
6b:26:f4:47:7e:97:ae:8f:25:f5:37:2f:a5:ae:f0:
ae:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1B:8C:29:1F:15:5F:5B:C6:3D:82:C2:85:60:99:22:9A:FF:22:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D32BB04F41E11EF91D79258762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.198.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e9:95:32:f6:27:43:a3:80:c1:09:e7:a1:39:25:8c:2a:b4:
5f:97:2b:8f:47:6d:95:68:ae:4c:d0:cf:8f:51:cd:2e:29:13:
52:c5:2f:6c:5d:72:1d:6f:b3:9c:86:36:c9:f5:69:9d:9e:4e:
21:aa:db:70:04:d3:c7:f9:d4:0a:3f:2b:5a:bc:71:c5:3a:92:
24:fc:0d:51:e5:61:38:79:ce:5c:c3:5a:e0:eb:cd:c2:63:e8:
2c:86:57:1e:d1:58:09:85:13:d7:4e:18:04:00:ff:d2:ce:61:
42:4b:15:6a:d3:77:0e:cf:43:e6:65:ee:69:8c:53:5b:ac:1e:
e4:8c:b1:42:8f:30:fa:1f:d3:ce:83:76:90:a5:c2:fd:2e:42:
cc:3a:28:62:0f:7f:ce:ac:d1:dc:04:7c:ec:59:c2:21:1b:9b:
6a:a5:5f:84:5b:09:39:1a:15:20:07:0e:d6:7f:29:46:58:cc:
7e:42:fc:c9:83:b4:76:8e:cc:63:86:ff:3e:14:42:ce:61:8d:
da:2c:01:22:b2:40:a2:c5:47:a7:54:d7:b5:af:dc:5f:d5:31:
53:63:f4:10:3a:6c:6a:0c:13:ea:99:f5:f9:58:68:69:a7:ed:
2c:3c:ef:e5:0a:ec:3f:a0:be:69:a1:78:f4:2c:fd:cc:f3:58:
9e:12:df:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWF1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDg0NjI4WhcNMjYwMjE5MDg0NjI4WjAYMRYw
FAYDVQQDEw02N2JlZDRlOC04ODQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz25F3aQTaRdM7CZPlDUSpWlL+AYDQsRgdtf5FZACCVFF/9wGV9KVJcUN
em4YgwjJ60JZKL2aTrNdc3I0LxAWpFmuef/auA+qUQOl4g38191R4ubwp3NK3vSG
jrKHBxu5a1iXaT+SrLgENBXjTwaH8zFUd26FwCCIhYBpb+Ncc0LoiUE+8b17R1me
FeWyi+Jnm8hnNUeWl5VW34OICGmDYZyLswMagKXDPWLMbTqYWRG62xt0+8+uGeTw
KqahOZCxg0gBv66PSzUd68pa0SiMr1I6B+e/2/tn42bgw6vf8iy2haYil4oxTRl0
nYOa7adrJvRHfpeujyX1Ny+lrvCuTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNob
jCkfFV9bxj2CwoVgmSKa/yJNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDMyQkIwNEY0MUUxMUVGOTFENzkyNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjGMA0GCSqGSIb3DQEB
CwUAA4IBAQBB6ZUy9idDo4DBCeehOSWMKrRflyuPR22VaK5M0M+PUc0uKRNSxS9s
XXIdb7OchjbJ9Wmdnk4hqttwBNPH+dQKPytavHHFOpIk/A1R5WE4ec5cw1rg683C
Y+gshlce0VgJhRPXThgEAP/SzmFCSxVq03cOz0PmZe5pjFNbrB7kjLFCjzD6H9PO
g3aQpcL9LkLMOihiD3/OrNHcBHzsWcIhG5tqpV+EWwk5GhUgBw7WfylGWMx+QvzJ
g7R2jsxjhv8+FELOYY3aLAEiskCixUenVNe1r9xf1TFTY/QQOmxqDBPqmfX5WGhp
p+0sPO/lCuw/oL5poXj0LP3M81ieEt96
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:26:14 2025 by rpki-client