Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3207EE28F2CB11EFAF773D4D762E951A.roa
File: 3207EE28F2CB11EFAF773D4D762E951A.roa (raw, json)
Hash identifier: /MSXWXAb/JtNGUgBvy6pQz6NDCKgSvOHaJGghXFSUfI=
Subject key identifier: 4C:AE:14:B1:C5:6A:07:53:92:79:B8:C0:50:12:96:FB:56:C2:B6:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C63
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3207EE28F2CB11EFAF773D4D762E951A.roa
Signing time: Mon 24 Feb 2025 16:20:00 +0000
ROA not before: Mon 24 Feb 2025 16:19:57 +0000
ROA not after: Fri 18 Jul 2025 16:19:57 +0000
asID: 400619
IP address blocks: 154.204.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89187 (0x15c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:19:57 2025 GMT
Not After : Jul 18 16:19:57 2025 GMT
Subject: CN=67bc9c30-7b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:36:bd:20:2c:53:06:7c:17:69:b7:d9:aa:3f:
b3:f0:0d:98:0a:90:14:47:8c:30:fd:d0:e8:2d:0f:
97:7d:0d:16:fc:de:20:95:55:87:a1:71:08:4b:2a:
4e:0f:42:8b:3f:4d:f2:26:72:f6:3b:8d:d9:0e:4d:
92:60:9a:ca:21:0c:c7:ce:53:f6:d5:69:e3:5f:b6:
3d:e4:c4:d9:6f:30:8f:79:64:77:43:3e:7f:45:9f:
fe:f4:bb:88:58:30:ea:57:7a:99:ff:fc:56:ef:fe:
c1:66:5c:c0:6f:68:c8:e9:e0:7e:cc:02:11:92:76:
27:02:d8:b5:40:7a:1c:a1:0f:04:fb:48:b5:b0:55:
af:00:83:84:1e:8c:29:7b:f6:35:ef:0c:29:0e:41:
11:5a:ea:2c:3e:9a:3b:45:1d:f4:74:8b:b3:ac:2a:
4d:51:87:cf:a1:40:c0:57:3c:a2:e0:88:5d:b5:94:
81:f0:94:1e:49:58:83:8c:10:78:aa:64:b5:01:91:
5a:0d:cb:5a:e1:c9:0a:11:a3:bd:71:b2:56:0f:69:
11:a8:ef:dd:97:3b:8e:5e:3e:5a:11:b8:9c:1c:81:
5b:ab:ec:16:f9:7b:93:ec:57:ed:ee:ce:90:98:50:
1e:5d:12:e5:38:b9:df:fb:43:8b:1b:20:b8:96:e7:
a6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AE:14:B1:C5:6A:07:53:92:79:B8:C0:50:12:96:FB:56:C2:B6:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3207EE28F2CB11EFAF773D4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.8.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:02:f5:b3:e8:f8:80:43:db:ae:5f:4c:8f:af:8d:cf:d3:1c:
b6:35:a2:6f:c7:0e:5d:eb:00:af:fe:18:20:78:af:92:19:b2:
ca:64:d7:45:c2:a5:41:fd:11:3a:b7:a8:5e:87:bc:2a:e8:6f:
aa:57:d6:6a:58:df:f8:0f:8f:05:27:bf:64:56:cf:bc:c9:00:
97:11:25:be:84:0a:47:5c:9c:18:e4:f4:56:44:45:22:c9:10:
06:17:cc:5d:72:3e:a5:6e:87:f6:96:31:9d:f4:bb:f2:8e:01:
71:e8:dc:2f:48:da:98:ba:9f:eb:26:9e:0d:a7:be:8a:41:72:
6d:9f:24:9b:b7:46:9e:7e:6b:2a:e8:ea:ed:9b:8e:de:f5:19:
1e:d8:e0:65:cf:d0:ee:de:81:a9:a0:f4:5d:03:ec:f4:c4:d9:
d8:22:b6:22:e4:8f:88:f5:05:97:68:28:36:75:06:64:71:fd:
a6:7d:d2:a7:8f:9f:a2:89:ee:1f:23:4a:24:e3:57:20:14:d0:
53:a0:0e:1b:d6:21:ae:5b:b4:8b:d2:d3:4e:82:1e:77:64:39:
c4:81:cc:ba:4c:4c:c4:ab:41:10:81:59:61:38:c7:7a:4b:f5:
53:a2:2e:7d:0b:e8:6f:ac:05:5b:0c:9a:33:e8:b7:75:7f:fe:
de:35:8f:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVxjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYxOTU3WhcNMjUwNzE4MTYxOTU3WjAYMRYw
FAYDVQQDEw02N2JjOWMzMC03YjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnTa9ICxTBnwXabfZqj+z8A2YCpAUR4ww/dDoLQ+XfQ0W/N4glVWHoXEI
SypOD0KLP03yJnL2O43ZDk2SYJrKIQzHzlP21WnjX7Y95MTZbzCPeWR3Qz5/RZ/+
9LuIWDDqV3qZ//xW7/7BZlzAb2jI6eB+zAIRknYnAti1QHocoQ8E+0i1sFWvAIOE
Howpe/Y17wwpDkERWuosPpo7RR30dIuzrCpNUYfPoUDAVzyi4IhdtZSB8JQeSViD
jBB4qmS1AZFaDcta4ckKEaO9cbJWD2kRqO/dlzuOXj5aEbicHIFbq+wW+XuT7Fft
7s6QmFAeXRLlOLnf+0OLGyC4luemBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEyu
FLHFagdTknm4wFASlvtWwrZZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjA3RUUyOEYyQ0IxMUVGQUY3NzNENEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmswIMA0GCSqGSIb3DQEB
CwUAA4IBAQAdAvWz6PiAQ9uuX0yPr43P0xy2NaJvxw5d6wCv/hggeK+SGbLKZNdF
wqVB/RE6t6heh7wq6G+qV9ZqWN/4D48FJ79kVs+8yQCXESW+hApHXJwY5PRWREUi
yRAGF8xdcj6lbof2ljGd9LvyjgFx6NwvSNqYup/rJp4Np76KQXJtnySbt0aefmsq
6Ortm47e9Rke2OBlz9Du3oGpoPRdA+z0xNnYIrYi5I+I9QWXaCg2dQZkcf2mfdKn
j5+iie4fI0ok41cgFNBToA4b1iGuW7SL0tNOgh53ZDnEgcy6TEzEq0EQgVlhOMd6
S/VToi59C+hvrAVbDJoz6Ld1f/7eNY/4
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:37 2025 by rpki-client