Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35E956E6F45911EF8C07B576762E951A.roa
File: 35E956E6F45911EF8C07B576762E951A.roa (raw, json)
Hash identifier: Ryg5usUy+BEPIqHrsF1Zh8ldIrDFfj3zlxqhGNXiKuE=
Subject key identifier: 67:9A:50:A2:0E:80:EF:21:B5:DE:01:C6:AE:E3:FC:FC:2B:6E:D2:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0164F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35E956E6F45911EF8C07B576762E951A.roa
Signing time: Wed 26 Feb 2025 15:49:07 +0000
ROA not before: Wed 26 Feb 2025 15:49:01 +0000
ROA not after: Thu 19 Feb 2026 15:49:01 +0000
asID: 984
IP address blocks: 154.210.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91378 (0x164f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:49:01 2025 GMT
Not After : Feb 19 15:49:01 2026 GMT
Subject: CN=67bf37f3-5d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:68:2a:61:1f:d2:a8:3c:d2:aa:46:06:23:9d:
69:72:b7:ab:03:02:91:91:da:0d:e7:c8:b5:3e:cf:
0d:99:3a:be:67:33:ac:4b:42:6e:ea:b8:aa:2e:df:
85:13:3f:e6:97:5d:f3:50:00:e2:40:f3:c2:d6:de:
3a:86:76:74:78:11:cb:9c:4b:22:61:01:3b:d7:c8:
da:2e:56:5b:40:06:d4:7f:38:9a:44:0d:d6:9c:84:
84:47:f9:3e:e2:0a:bf:80:b4:02:d0:fd:f5:5e:8d:
9c:94:5c:57:75:31:7a:38:b7:3e:3a:13:a0:ef:fc:
48:f4:ca:02:20:ef:97:40:5a:34:28:c8:a0:c5:2c:
7d:6b:ee:4c:23:af:16:1e:78:a0:29:a9:b0:da:6d:
d9:cc:40:0b:4a:e1:7b:38:3d:65:29:29:56:96:91:
b1:fa:a0:5b:37:44:72:9e:71:53:19:12:fe:ae:0b:
33:00:3a:4f:db:79:b5:a5:41:32:42:5c:ac:0d:57:
b1:51:ea:41:93:68:50:91:56:3a:b7:e5:1c:95:d7:
5c:e3:76:11:2e:04:ca:30:51:35:8b:95:ca:e0:b8:
61:33:98:8a:13:c3:7a:48:f7:a8:fa:5f:5f:34:f4:
27:26:44:b1:59:45:54:d7:a0:25:aa:34:df:89:93:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9A:50:A2:0E:80:EF:21:B5:DE:01:C6:AE:E3:FC:FC:2B:6E:D2:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35E956E6F45911EF8C07B576762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.102.0/24
Signature Algorithm: sha256WithRSAEncryption
48:59:cf:bf:e2:49:3b:7c:f6:39:a7:ee:f2:e1:c0:f3:85:34:
6c:cf:24:6b:16:ed:e5:cb:80:b0:45:2f:a1:d5:a4:3e:83:3e:
f0:34:81:9a:cd:f6:eb:0c:a7:e8:0d:8c:eb:99:f3:f6:71:f2:
dc:56:3f:0d:1c:f8:e3:96:58:58:99:d4:aa:ef:9e:97:72:42:
d5:84:f0:de:64:81:c8:79:2e:2d:e5:cd:21:a5:99:d5:86:ec:
27:56:86:0a:30:6f:72:ac:28:7f:4e:9d:27:bf:17:b4:5c:f2:
82:a5:00:e7:36:d9:d3:ef:8e:56:4f:68:72:ae:f0:c1:6c:59:
0a:bf:f4:97:fd:97:46:04:83:26:51:a9:58:ea:52:22:8c:7e:
3c:bd:af:50:36:a4:d7:1e:eb:a8:80:a0:ef:4b:c6:f4:e9:37:
4b:bd:d0:ae:00:a3:88:2a:9d:55:e5:25:10:ed:27:99:1d:e9:
77:5d:31:75:a3:ea:a2:75:3d:65:d1:19:18:f4:38:4d:27:e0:
dc:82:3e:81:c0:b1:f1:2f:ed:66:ac:b8:18:45:a2:c0:3c:fd:
26:b6:f0:64:3c:0f:1f:ff:91:ed:ad:ca:31:b3:38:bb:4e:20:
6d:f6:bf:25:c2:59:4d:a5:6e:62:55:b0:32:e7:d1:77:d8:d6:
a9:07:b0:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWTyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTU0OTAxWhcNMjYwMjE5MTU0OTAxWjAYMRYw
FAYDVQQDEw02N2JmMzdmMy01ZDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4GgqYR/SqDzSqkYGI51pcrerAwKRkdoN58i1Ps8NmTq+ZzOsS0Ju6riq
Lt+FEz/ml13zUADiQPPC1t46hnZ0eBHLnEsiYQE718jaLlZbQAbUfziaRA3WnISE
R/k+4gq/gLQC0P31Xo2clFxXdTF6OLc+OhOg7/xI9MoCIO+XQFo0KMigxSx9a+5M
I68WHnigKamw2m3ZzEALSuF7OD1lKSlWlpGx+qBbN0RynnFTGRL+rgszADpP23m1
pUEyQlysDVexUepBk2hQkVY6t+Uclddc43YRLgTKMFE1i5XK4LhhM5iKE8N6SPeo
+l9fNPQnJkSxWUVU16AlqjTfiZMjewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGea
UKIOgO8htd4Bxq7j/PwrbtK7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNUU5NTZFNkY0NTkxMUVGOEMwN0I1NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJmMA0GCSqGSIb3DQEB
CwUAA4IBAQBIWc+/4kk7fPY5p+7y4cDzhTRszyRrFu3ly4CwRS+h1aQ+gz7wNIGa
zfbrDKfoDYzrmfP2cfLcVj8NHPjjllhYmdSq756XckLVhPDeZIHIeS4t5c0hpZnV
huwnVoYKMG9yrCh/Tp0nvxe0XPKCpQDnNtnT745WT2hyrvDBbFkKv/SX/ZdGBIMm
UalY6lIijH48va9QNqTXHuuogKDvS8b06TdLvdCuAKOIKp1V5SUQ7SeZHel3XTF1
o+qidT1l0RkY9DhNJ+Dcgj6BwLHxL+1mrLgYRaLAPP0mtvBkPA8f/5Htrcoxszi7
TiBt9r8lwllNpW5iVbAy59F32NapB7Bv
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:15 2025 by rpki-client