Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3561907CF41C11EF91C2324C762E951A.roa
File: 3561907CF41C11EF91C2324C762E951A.roa (raw, json)
Hash identifier: A9TA+8hxU/HdncDNHZ9V5L6WZz70G9lWMh5errAn3VQ=
Subject key identifier: 54:CE:96:DA:94:A2:3E:C4:99:C7:2E:1C:48:C4:14:46:1A:F9:3B:B3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01615F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3561907CF41C11EF91C2324C762E951A.roa
Signing time: Wed 26 Feb 2025 08:32:26 +0000
ROA not before: Wed 26 Feb 2025 08:32:23 +0000
ROA not after: Thu 19 Feb 2026 08:32:23 +0000
asID: 984
IP address blocks: 154.206.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90463 (0x1615f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 08:32:23 2025 GMT
Not After : Feb 19 08:32:23 2026 GMT
Subject: CN=67bed19a-3af7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:5f:e4:23:67:5a:2f:22:a7:90:50:6c:46:
2d:c3:29:9b:41:f8:90:b2:de:7d:eb:da:4b:33:c9:
c5:99:a9:ea:9c:08:60:8e:d2:f0:6a:8f:01:47:50:
c0:3c:fc:94:15:84:2a:6f:04:3a:e9:5a:89:92:c3:
82:76:8e:44:ee:a2:a9:a5:c6:74:cc:4a:f3:97:73:
a9:04:02:65:24:a3:39:55:67:e8:fe:e2:3f:48:26:
a8:70:b7:59:01:d6:fb:ea:29:71:92:7e:31:ed:b3:
54:74:8f:f0:c4:e5:c9:ef:eb:c4:d9:0d:4a:c6:b1:
df:5a:56:30:ee:e9:db:18:bc:25:3c:d0:89:2f:b3:
f9:c1:7d:71:ff:d4:c2:d0:ed:1c:90:ff:42:2e:7d:
2a:c9:21:67:ce:a7:81:3b:f5:70:05:46:1d:ff:00:
6c:4f:cb:be:31:96:a2:8c:fe:f1:5e:42:fa:cd:39:
57:fc:2f:9a:4c:fe:1f:30:0b:08:53:45:28:20:10:
31:55:cf:77:48:10:58:ff:6a:e2:13:ee:44:dc:eb:
c3:71:22:66:4c:c3:75:0b:06:f6:5c:1a:4d:f9:cc:
a3:2a:a0:d2:02:c4:ad:8b:b8:36:d1:51:22:01:07:
fb:51:3c:fc:59:45:10:e1:40:d9:33:0d:c5:5e:25:
c3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CE:96:DA:94:A2:3E:C4:99:C7:2E:1C:48:C4:14:46:1A:F9:3B:B3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3561907CF41C11EF91C2324C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.213.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:e1:ae:23:47:d3:9a:e2:d7:07:15:67:94:08:93:f1:ca:86:
46:eb:c6:02:07:47:e8:dd:38:4e:26:a2:41:c3:1e:4d:7b:27:
99:b1:78:29:09:15:1e:a9:b9:9c:a9:4c:76:e5:0e:d7:5a:0d:
fe:ac:a7:37:42:22:31:dd:63:4e:21:11:63:f1:1e:7a:85:a6:
69:a9:06:a3:1c:4c:bf:3d:67:32:dc:1e:7a:36:a5:f7:4f:b4:
d2:26:1f:ad:3e:0d:47:b0:72:05:2e:ac:1d:8a:b8:af:a6:43:
dd:87:70:21:26:67:76:38:ee:2d:5f:5c:48:6e:22:93:3f:02:
40:ec:6e:ba:97:97:05:6c:85:a8:79:a2:07:f4:9a:dd:46:0e:
d4:d9:48:b9:79:8b:d7:71:8c:7f:1c:23:dc:77:f2:d8:b8:23:
66:9b:bb:a5:94:c4:7a:d8:b9:45:7a:cb:d8:98:c9:ac:f4:46:
29:fd:7d:e6:ca:03:7e:d6:7a:ee:83:63:dd:78:c9:66:66:9f:
27:41:d6:bc:4e:77:a1:df:fc:fd:74:28:b7:98:4c:22:30:62:
e5:b4:88:cb:6d:7f:90:19:a8:a5:86:0d:0e:f5:f3:4e:84:a1:
89:e0:3c:87:fc:3d:ed:81:87:4e:1d:a0:5d:b3:09:f8:03:e1:
f2:1a:5e:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWFfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDgzMjIzWhcNMjYwMjE5MDgzMjIzWjAYMRYw
FAYDVQQDEw02N2JlZDE5YS0zYWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArahf5CNnWi8ip5BQbEYtwymbQfiQst5969pLM8nFmanqnAhgjtLwao8B
R1DAPPyUFYQqbwQ66VqJksOCdo5E7qKppcZ0zErzl3OpBAJlJKM5VWfo/uI/SCao
cLdZAdb76ilxkn4x7bNUdI/wxOXJ7+vE2Q1KxrHfWlYw7unbGLwlPNCJL7P5wX1x
/9TC0O0ckP9CLn0qySFnzqeBO/VwBUYd/wBsT8u+MZaijP7xXkL6zTlX/C+aTP4f
MAsIU0UoIBAxVc93SBBY/2riE+5E3OvDcSJmTMN1Cwb2XBpN+cyjKqDSAsSti7g2
0VEiAQf7UTz8WUUQ4UDZMw3FXiXDxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFTO
ltqUoj7EmccuHEjEFEYa+TuzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTYxOTA3Q0Y0MUMxMUVGOTFDMjMyNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7VMA0GCSqGSIb3DQEB
CwUAA4IBAQC74a4jR9Oa4tcHFWeUCJPxyoZG68YCB0fo3ThOJqJBwx5NeyeZsXgp
CRUeqbmcqUx25Q7XWg3+rKc3QiIx3WNOIRFj8R56haZpqQajHEy/PWcy3B56NqX3
T7TSJh+tPg1HsHIFLqwdirivpkPdh3AhJmd2OO4tX1xIbiKTPwJA7G66l5cFbIWo
eaIH9JrdRg7U2Ui5eYvXcYx/HCPcd/LYuCNmm7ullMR62LlFesvYmMms9EYp/X3m
ygN+1nrug2PdeMlmZp8nQda8Tneh3/z9dCi3mEwiMGLltIjLbX+QGailhg0O9fNO
hKGJ4DyH/D3tgYdOHaBdswn4A+HyGl69
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:14:30 2025 by rpki-client