Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308F6044F44211EFB8F90C55762E951A.roa
File: 308F6044F44211EFB8F90C55762E951A.roa (raw, json)
Hash identifier: hz+cBMxnbjCfSvMuAC6/sv86uajL2pQoJBkfQezeX/w=
Subject key identifier: 5B:04:3A:54:AA:76:86:20:0F:E8:28:EB:13:1E:BB:AF:DF:9C:67:43
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01637C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308F6044F44211EFB8F90C55762E951A.roa
Signing time: Wed 26 Feb 2025 13:04:20 +0000
ROA not before: Wed 26 Feb 2025 13:04:13 +0000
ROA not after: Thu 19 Feb 2026 13:04:13 +0000
asID: 984
IP address blocks: 154.208.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91004 (0x1637c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 13:04:13 2025 GMT
Not After : Feb 19 13:04:13 2026 GMT
Subject: CN=67bf1154-da2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:00:14:7c:ba:2e:40:76:12:9e:fd:fb:7d:b8:
e1:75:23:2e:5b:ef:70:7e:1c:0b:2f:29:c0:4a:46:
a3:0b:bf:d9:f8:ab:96:b8:76:63:81:57:9f:e8:1c:
54:6b:7c:ef:42:03:c1:89:0b:ad:15:96:2b:36:7c:
45:3e:31:ce:f4:4a:73:79:1a:f0:01:02:9c:3a:aa:
ce:f5:a5:b8:88:43:5f:15:d3:7c:ee:74:82:fe:15:
64:2f:81:3f:e9:80:c4:3e:b1:22:0b:ec:7a:1f:1a:
8b:49:11:fd:27:fa:86:4b:a8:6f:76:df:f3:3a:dc:
97:6d:5d:68:1f:f1:d2:56:43:7d:88:1d:24:b3:37:
f0:b6:fe:8a:bd:ed:de:b0:2e:11:21:a9:fd:80:19:
e3:3d:03:9d:89:ab:30:a6:ad:6e:0a:87:c6:45:4c:
00:6d:fc:b5:93:c3:6c:90:8c:84:12:eb:22:fe:6b:
8c:b0:d1:94:3b:bf:5b:0f:3c:51:d1:86:f7:a7:f7:
b8:d8:9f:d1:bd:35:61:83:54:7c:52:cd:7e:b8:64:
13:cd:a7:a5:c2:8a:aa:11:2d:b1:a0:d8:12:ac:62:
22:55:48:5c:5f:cd:46:77:16:ad:73:19:5c:d7:7c:
7a:b4:d7:55:77:18:ce:02:dd:d2:5f:c3:f1:a7:6a:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:04:3A:54:AA:76:86:20:0F:E8:28:EB:13:1E:BB:AF:DF:9C:67:43
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308F6044F44211EFB8F90C55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.183.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:46:db:cd:14:43:09:a9:bd:93:34:37:7e:e1:e2:a0:82:69:
28:eb:65:39:38:29:13:fe:21:ac:d2:5a:67:00:e7:2c:8c:eb:
13:51:de:9d:5f:2e:94:99:4b:07:f8:ba:ed:40:22:49:0b:49:
01:cc:4f:c5:4a:71:64:95:19:4b:8b:1c:a6:d3:49:7c:74:92:
17:c6:f4:80:ce:3e:16:f1:2c:a2:aa:5f:a2:7a:6b:47:d5:59:
70:b1:41:b0:d3:8a:d9:3c:0d:6d:fb:93:ac:27:65:64:c1:9c:
49:e6:e6:47:61:4f:e0:4d:75:d9:b8:56:cd:09:ed:94:91:43:
f6:8a:60:64:62:56:16:62:fc:15:7a:00:6e:47:95:3f:35:19:
86:97:fe:7d:d2:ed:19:bb:49:63:aa:a0:4d:f3:6e:73:5f:13:
61:5f:34:63:9b:25:4a:c7:71:3a:32:5c:05:62:08:ea:3f:9a:
6e:c4:9e:52:54:3f:11:74:3c:e5:eb:ab:61:28:ad:89:4a:40:
d8:4d:d7:73:ee:b8:9b:90:e9:0b:47:64:92:50:9f:76:23:f0:
2d:4e:25:7c:7e:4c:b4:45:73:45:7c:34:87:de:e2:b9:8d:9f:
c5:93:e3:cd:bd:f1:81:21:b5:88:5a:e4:80:de:5f:8e:0e:4c:
3b:a8:60:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWN8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTMwNDEzWhcNMjYwMjE5MTMwNDEzWjAYMRYw
FAYDVQQDEw02N2JmMTE1NC1kYTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwQAUfLouQHYSnv37fbjhdSMuW+9wfhwLLynASkajC7/Z+KuWuHZjgVef
6BxUa3zvQgPBiQutFZYrNnxFPjHO9EpzeRrwAQKcOqrO9aW4iENfFdN87nSC/hVk
L4E/6YDEPrEiC+x6HxqLSRH9J/qGS6hvdt/zOtyXbV1oH/HSVkN9iB0kszfwtv6K
ve3esC4RIan9gBnjPQOdiaswpq1uCofGRUwAbfy1k8NskIyEEusi/muMsNGUO79b
DzxR0Yb3p/e42J/RvTVhg1R8Us1+uGQTzaelwoqqES2xoNgSrGIiVUhcX81Gdxat
cxlc13x6tNdVdxjOAt3SX8Pxp2rsPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFsE
OlSqdoYgD+go6xMeu6/fnGdDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDhGNjA0NEY0NDIxMUVGQjhGOTBDNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtC3MA0GCSqGSIb3DQEB
CwUAA4IBAQCrRtvNFEMJqb2TNDd+4eKggmko62U5OCkT/iGs0lpnAOcsjOsTUd6d
Xy6UmUsH+LrtQCJJC0kBzE/FSnFklRlLixym00l8dJIXxvSAzj4W8Syiql+iemtH
1VlwsUGw04rZPA1t+5OsJ2VkwZxJ5uZHYU/gTXXZuFbNCe2UkUP2imBkYlYWYvwV
egBuR5U/NRmGl/590u0Zu0ljqqBN825zXxNhXzRjmyVKx3E6MlwFYgjqP5puxJ5S
VD8RdDzl66thKK2JSkDYTddz7ribkOkLR2SSUJ92I/AtTiV8fky0RXNFfDSH3uK5
jZ/Fk+PNvfGBIbWIWuSA3l+ODkw7qGB3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:39 2025 by rpki-client