Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/373DB142F44311EF8787A25C762E951A.roa
File: 373DB142F44311EF8787A25C762E951A.roa (raw, json)
Hash identifier: MyRC8UqcCG1g7W8sdKc8GPT8TZttG+ssHB8hGnhZ9c8=
Subject key identifier: 70:36:23:98:87:45:6D:CC:0F:51:C3:59:57:9E:00:5C:14:72:CE:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016393
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/373DB142F44311EF8787A25C762E951A.roa
Signing time: Wed 26 Feb 2025 13:11:40 +0000
ROA not before: Wed 26 Feb 2025 13:11:36 +0000
ROA not after: Fri 20 Feb 2026 13:11:36 +0000
asID: 984
IP address blocks: 154.83.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91027 (0x16393)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 13:11:36 2025 GMT
Not After : Feb 20 13:11:36 2026 GMT
Subject: CN=67bf130c-f513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c4:b8:1a:26:43:37:b9:d8:a5:4b:f4:e3:8d:
1f:d6:37:39:e6:8c:f7:ba:b7:45:05:e6:41:4b:c2:
72:a4:4c:03:b8:f4:a2:a8:4f:f7:b0:f3:6c:86:e4:
01:f2:e5:7d:a3:68:97:3d:95:d0:9e:af:0b:59:2b:
8d:fb:de:bf:eb:71:5a:b9:f1:fb:85:6e:f4:3e:73:
ab:d8:32:46:f4:bd:7f:b1:08:23:70:dc:d3:5a:ab:
f9:33:3b:65:1d:45:30:c4:e2:cf:72:88:24:77:f1:
72:a4:0d:b8:5c:71:72:f8:76:4a:79:0e:5e:bc:87:
97:c8:8d:4a:80:27:a4:ff:61:bc:ee:cc:a4:70:95:
71:d2:2b:40:75:73:20:96:95:57:17:e1:a2:ba:f5:
7c:0b:69:28:03:02:dd:49:cf:eb:c0:99:f2:56:94:
bf:ef:ed:1b:e9:a9:69:30:15:d4:ba:f6:af:0d:36:
4b:f1:0c:f6:02:50:7a:d3:ed:22:80:1f:95:10:99:
84:c6:6e:fc:00:f0:4f:cc:c4:44:b8:9b:4e:da:ca:
fe:e2:cc:c5:26:2a:86:49:4f:5e:7f:c5:0e:23:a8:
4e:07:55:1f:ec:c7:5c:e3:81:05:75:6a:bb:62:da:
c8:e2:2d:c2:fa:30:57:fa:e1:af:26:8a:43:d1:42:
52:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:36:23:98:87:45:6D:CC:0F:51:C3:59:57:9E:00:5C:14:72:CE:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/373DB142F44311EF8787A25C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.164.0/24
Signature Algorithm: sha256WithRSAEncryption
49:74:b5:c8:9d:5e:cc:85:d2:5f:0e:7e:73:47:59:77:8b:c4:
51:4e:30:02:c9:be:a7:e0:6e:ef:20:7d:5b:57:14:7b:dd:91:
0e:a8:95:67:c2:ee:0d:b3:b8:ed:71:d7:87:35:04:51:c9:9c:
c9:d1:02:75:32:42:35:aa:52:96:94:d1:32:86:64:f9:66:b7:
37:de:05:00:d1:1f:f2:6c:14:e8:f3:de:18:60:ba:49:9d:90:
00:7f:fb:60:99:71:25:1f:da:12:ad:30:eb:28:10:95:cd:6d:
24:f2:f1:6e:22:f5:11:12:41:99:69:69:44:6b:f7:a8:5b:6f:
62:a3:0c:d6:14:36:18:8a:6c:95:e6:97:05:c5:c4:16:80:47:
5c:4b:33:31:a9:92:c5:39:d3:ad:a5:c2:30:05:83:8f:68:4d:
7b:7f:ec:b2:10:08:77:02:bf:b2:55:75:1e:2b:e6:bb:7e:94:
83:d7:f2:31:22:70:3a:57:e4:22:a7:f6:ab:69:13:99:6a:c5:
60:77:2a:31:6b:f4:ac:fc:6a:28:2b:b3:4d:d8:d0:2f:cc:d9:
fb:e4:be:f1:1d:27:45:41:c9:ba:32:4c:59:f7:1b:b0:91:be:
a2:b7:7d:31:06:c7:d4:99:0a:83:e1:a7:51:e2:14:da:22:46:
47:bd:a0:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWOTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTMxMTM2WhcNMjYwMjIwMTMxMTM2WjAYMRYw
FAYDVQQDEw02N2JmMTMwYy1mNTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0MS4GiZDN7nYpUv0440f1jc55oz3urdFBeZBS8JypEwDuPSiqE/3sPNs
huQB8uV9o2iXPZXQnq8LWSuN+96/63FaufH7hW70PnOr2DJG9L1/sQgjcNzTWqv5
MztlHUUwxOLPcogkd/FypA24XHFy+HZKeQ5evIeXyI1KgCek/2G87sykcJVx0itA
dXMglpVXF+GiuvV8C2koAwLdSc/rwJnyVpS/7+0b6alpMBXUuvavDTZL8Qz2AlB6
0+0igB+VEJmExm78APBPzMREuJtO2sr+4szFJiqGSU9ef8UOI6hOB1Uf7Mdc44EF
dWq7YtrI4i3C+jBX+uGvJopD0UJSgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHA2
I5iHRW3MD1HDWVeeAFwUcs72MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNzNEQjE0MkY0NDMxMUVGODc4N0EyNUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOkMA0GCSqGSIb3DQEB
CwUAA4IBAQBJdLXInV7MhdJfDn5zR1l3i8RRTjACyb6n4G7vIH1bVxR73ZEOqJVn
wu4Ns7jtcdeHNQRRyZzJ0QJ1MkI1qlKWlNEyhmT5Zrc33gUA0R/ybBTo894YYLpJ
nZAAf/tgmXElH9oSrTDrKBCVzW0k8vFuIvUREkGZaWlEa/eoW29iowzWFDYYimyV
5pcFxcQWgEdcSzMxqZLFOdOtpcIwBYOPaE17f+yyEAh3Ar+yVXUeK+a7fpSD1/Ix
InA6V+Qip/araROZasVgdyoxa/Ss/GooK7NN2NAvzNn75L7xHSdFQcm6MkxZ9xuw
kb6it30xBsfUmQqD4adR4hTaIkZHvaDL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:54 2025 by rpki-client