Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/378A0FFAC8BB11EF94BBC091762E951A.roa
File: 378A0FFAC8BB11EF94BBC091762E951A.roa (raw, json)
Hash identifier: /ysoOWAjnJuK1O1eKylTymaC9FqnXhgSKx4qhWn6dB8=
Subject key identifier: 70:F3:31:5B:EC:C8:2F:19:7D:46:26:A9:F6:37:2F:EB:F9:13:84:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/378A0FFAC8BB11EF94BBC091762E951A.roa
Signing time: Thu 02 Jan 2025 03:39:49 +0000
ROA not before: Thu 02 Jan 2025 03:39:45 +0000
ROA not after: Mon 13 Dec 2027 03:39:45 +0000
asID: 17561
IP address blocks: 154.221.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78288 (0x131d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 03:39:45 2025 GMT
Not After : Dec 13 03:39:45 2027 GMT
Subject: CN=67760a85-2def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0e:fc:6f:db:ac:b7:4c:f2:06:99:ee:e3:af:
4f:81:70:b9:c5:db:ac:c1:5e:a8:ea:08:75:c7:fd:
fd:c0:91:48:a6:82:ef:68:c8:ff:81:a6:5d:82:3e:
5f:3e:5a:09:7f:21:29:e6:08:a6:f0:54:f7:91:86:
52:c2:08:4d:f3:5c:d6:3f:0b:7e:c3:46:93:11:a6:
b2:57:3e:88:3a:56:d9:20:a0:18:8a:f9:38:17:11:
86:15:12:f5:fe:ea:28:54:8c:8f:fd:9e:9a:bf:30:
40:98:4d:9d:ac:b7:f3:7c:59:26:8c:51:e7:7f:b5:
bb:d0:8c:2d:e0:aa:70:6b:20:9e:04:72:85:8b:02:
40:05:b7:ad:d9:89:df:72:4a:d3:bd:f0:21:f6:80:
bd:82:ae:cd:11:1b:ac:83:3b:ac:7d:22:1d:fd:3d:
bf:3b:86:ff:11:9a:5b:e6:10:a6:36:53:07:f8:a2:
88:3b:a1:0f:aa:88:2b:4a:3e:ce:ab:5e:9b:d6:bb:
65:05:99:8f:aa:cb:c7:8d:79:84:67:77:ba:fe:bb:
44:cc:1c:3c:83:8a:9c:88:80:fe:89:15:aa:3a:66:
81:0a:63:6a:cc:78:a5:b8:12:87:a6:ac:10:e2:8e:
a5:39:11:c9:09:d2:14:23:44:be:cb:d9:5b:42:ee:
a5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F3:31:5B:EC:C8:2F:19:7D:46:26:A9:F6:37:2F:EB:F9:13:84:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/378A0FFAC8BB11EF94BBC091762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.40.0/24
Signature Algorithm: sha256WithRSAEncryption
97:b9:e1:3f:3a:e6:c6:7e:1f:c5:c6:d3:b5:9b:9f:6f:98:01:
ae:99:7a:57:40:0c:6b:d1:eb:02:ac:ff:0c:55:6c:8b:19:00:
82:32:97:f1:88:c2:bf:79:43:91:3d:3e:31:30:a1:44:2f:c9:
0f:79:0d:7d:49:1f:b8:67:39:72:c0:e2:09:a3:c5:90:f6:3a:
a9:df:26:01:67:ef:52:7c:c6:a6:11:d2:fe:ba:ed:99:dc:8f:
2d:18:05:67:f7:10:64:81:5b:13:e9:2c:43:48:00:e7:e8:5c:
d6:8c:86:82:00:d6:98:f0:4f:a8:2e:60:72:83:84:b6:a6:7d:
39:0b:f5:0d:6c:c0:7a:b2:37:ed:61:a1:56:03:bc:49:83:af:
4d:95:c6:4f:46:0a:92:2f:37:ab:84:39:42:dd:7a:61:2c:30:
80:f4:c9:11:9a:f8:a3:b6:c5:3c:ac:34:21:f1:d4:ba:cf:71:
bb:56:d5:b8:b5:88:75:c7:3c:35:ae:19:61:ac:a5:36:e0:fb:
54:9b:59:a7:25:fc:c5:71:42:e6:d2:dd:f9:d0:33:49:cd:12:
44:b7:15:6d:bf:69:56:02:0b:62:60:a0:f9:25:27:8b:70:b9:
2f:ed:27:93:8b:af:a2:cc:67:14:9f:97:e1:7c:48:5a:c7:5e:
65:9b:08:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATHQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDMzOTQ1WhcNMjcxMjEzMDMzOTQ1WjAYMRYw
FAYDVQQDEw02Nzc2MGE4NS0yZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzw78b9ust0zyBpnu469PgXC5xduswV6o6gh1x/39wJFIpoLvaMj/gaZd
gj5fPloJfyEp5gim8FT3kYZSwghN81zWPwt+w0aTEaayVz6IOlbZIKAYivk4FxGG
FRL1/uooVIyP/Z6avzBAmE2drLfzfFkmjFHnf7W70Iwt4KpwayCeBHKFiwJABbet
2YnfckrTvfAh9oC9gq7NERusgzusfSId/T2/O4b/EZpb5hCmNlMH+KKIO6EPqogr
Sj7Oq16b1rtlBZmPqsvHjXmEZ3e6/rtEzBw8g4qciID+iRWqOmaBCmNqzHiluBKH
pqwQ4o6lORHJCdIUI0S+y9lbQu6lxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHDz
MVvsyC8ZfUYmqfY3L+v5E4RBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNzhBMEZGQUM4QkIxMUVGOTRCQkMwOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0oMA0GCSqGSIb3DQEB
CwUAA4IBAQCXueE/OubGfh/FxtO1m59vmAGumXpXQAxr0esCrP8MVWyLGQCCMpfx
iMK/eUORPT4xMKFEL8kPeQ19SR+4ZzlywOIJo8WQ9jqp3yYBZ+9SfMamEdL+uu2Z
3I8tGAVn9xBkgVsT6SxDSADn6FzWjIaCANaY8E+oLmByg4S2pn05C/UNbMB6sjft
YaFWA7xJg69NlcZPRgqSLzerhDlC3XphLDCA9MkRmvijtsU8rDQh8dS6z3G7VtW4
tYh1xzw1rhlhrKU24PtUm1mnJfzFcULm0t350DNJzRJEtxVtv2lWAgtiYKD5JSeL
cLkv7SeTi6+izGcUn5fhfEhax15lmwhu
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:12 2025 by rpki-client