Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356506AA0A1811F0BD0A0167762E951A.roa
File: 356506AA0A1811F0BD0A0167762E951A.roa (raw, json)
Hash identifier: 5F1cdnFPH6X6RsZmNWH/DInqRFg9tZV0Pido/udx2s8=
Subject key identifier: 77:A9:7F:84:93:FF:C3:01:AD:5A:5A:D7:87:D9:21:46:45:47:49:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01765D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356506AA0A1811F0BD0A0167762E951A.roa
Signing time: Wed 26 Mar 2025 07:59:14 +0000
ROA not before: Wed 26 Mar 2025 07:59:10 +0000
ROA not after: Tue 03 Jun 2025 07:59:10 +0000
asID: 140666
IP address blocks: 154.93.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95837 (0x1765d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 26 07:59:10 2025 GMT
Not After : Jun 3 07:59:10 2025 GMT
Subject: CN=67e3b3d2-431b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:c7:83:5a:24:20:69:34:b0:17:7f:d3:0f:
5f:08:68:01:05:55:0c:b2:c1:6d:04:b6:7d:9b:5b:
5f:03:bd:7a:b3:be:d0:82:26:e4:7f:5b:00:30:69:
cf:1b:b0:75:73:7b:cf:ab:66:45:16:d5:69:46:e3:
39:aa:87:fe:8f:63:72:a1:52:c0:59:2f:93:a1:d1:
03:96:b5:71:93:70:98:4b:5b:8c:20:3d:3a:ad:33:
59:ec:c0:0f:a2:21:b0:90:3b:dd:f9:bb:2a:41:5b:
9f:f7:1b:ea:b2:6f:82:70:21:35:db:fc:68:60:63:
01:a0:42:2c:f6:aa:4c:d1:b3:91:11:d4:b1:aa:23:
6b:52:69:9a:75:ef:a3:45:90:f3:8f:47:72:b4:e3:
94:99:16:40:18:27:35:44:d5:25:62:dd:40:f6:6d:
1f:84:f8:ef:75:fb:67:62:a6:b8:ce:65:c8:01:9a:
34:a8:4c:33:58:df:94:1d:65:70:19:cc:5a:9f:90:
9b:5e:89:fb:08:28:03:d2:7f:7f:52:4f:5f:71:5b:
26:54:10:54:aa:4e:7d:f7:5f:21:2c:a2:c0:20:63:
da:71:c6:c7:f3:61:7c:e9:79:3e:54:82:c3:28:31:
a4:1a:0b:8d:d4:31:d3:cc:61:74:2a:7f:34:a5:0c:
5c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A9:7F:84:93:FF:C3:01:AD:5A:5A:D7:87:D9:21:46:45:47:49:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/356506AA0A1811F0BD0A0167762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.87.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7b:c1:60:21:06:0c:5e:6c:78:72:33:52:8d:c1:49:1f:09:
af:ed:9c:00:c7:8d:25:33:cf:a1:c2:91:8f:ac:ad:94:ba:73:
ff:71:0c:93:54:a9:24:52:66:0f:65:26:fa:b5:bf:67:9f:72:
27:e1:61:c0:f1:2d:32:ec:d5:b2:33:7a:89:8f:1a:b6:66:98:
61:8e:e2:d5:2a:0c:55:47:22:3f:2f:9e:1b:28:ed:f6:cb:55:
d8:79:71:66:88:47:b8:9e:21:a7:ce:f4:af:1c:ea:b3:50:b1:
ab:25:dd:1a:ce:8b:71:e9:05:68:08:26:a9:1e:65:9a:1e:26:
62:60:df:c4:d4:59:85:7d:15:60:d1:8d:64:5e:e0:be:7f:b1:
5a:3d:91:47:1c:38:60:81:47:d8:0a:d0:f3:a3:79:50:c8:d6:
2d:87:7d:e1:98:99:06:0e:86:0d:bd:37:e9:52:80:b4:94:13:
5f:50:c1:d4:fb:0a:d6:c3:89:3d:47:63:e5:f4:8b:c6:95:04:
ac:8b:a4:c0:88:d0:ce:64:7d:6f:cb:08:21:ba:8d:79:e5:b4:
a7:9d:6c:8a:34:aa:81:c5:15:71:2a:75:53:7c:d7:51:9a:c4:
03:a0:b4:08:03:85:6e:60:71:e2:bf:00:d5:22:7e:0a:12:bd:
bf:27:8b:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXZdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI2MDc1OTEwWhcNMjUwNjAzMDc1OTEwWjAYMRYw
FAYDVQQDEw02N2UzYjNkMi00MzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo37Hg1okIGk0sBd/0w9fCGgBBVUMssFtBLZ9m1tfA716s77Qgibkf1sA
MGnPG7B1c3vPq2ZFFtVpRuM5qof+j2NyoVLAWS+TodEDlrVxk3CYS1uMID06rTNZ
7MAPoiGwkDvd+bsqQVuf9xvqsm+CcCE12/xoYGMBoEIs9qpM0bOREdSxqiNrUmma
de+jRZDzj0dytOOUmRZAGCc1RNUlYt1A9m0fhPjvdftnYqa4zmXIAZo0qEwzWN+U
HWVwGcxan5CbXon7CCgD0n9/Uk9fcVsmVBBUqk59918hLKLAIGPaccbH82F86Xk+
VILDKDGkGguN1DHTzGF0Kn80pQxcOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHep
f4ST/8MBrVpa14fZIUZFR0l5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTY1MDZBQTBBMTgxMUYwQkQwQTAxNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1XMA0GCSqGSIb3DQEB
CwUAA4IBAQASe8FgIQYMXmx4cjNSjcFJHwmv7ZwAx40lM8+hwpGPrK2UunP/cQyT
VKkkUmYPZSb6tb9nn3In4WHA8S0y7NWyM3qJjxq2ZphhjuLVKgxVRyI/L54bKO32
y1XYeXFmiEe4niGnzvSvHOqzULGrJd0azotx6QVoCCapHmWaHiZiYN/E1FmFfRVg
0Y1kXuC+f7FaPZFHHDhggUfYCtDzo3lQyNYth33hmJkGDoYNvTfpUoC0lBNfUMHU
+wrWw4k9R2Pl9IvGlQSsi6TAiNDOZH1vywghuo155bSnnWyKNKqBxRVxKnVTfNdR
msQDoLQIA4VuYHHivwDVIn4KEr2/J4sY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:47 2025 by rpki-client