Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39990346F47111EFBA83069C762E951A.roa
File: 39990346F47111EFBA83069C762E951A.roa (raw, json)
Hash identifier: jru/ArQOXIf60K+wVKy2EV2/tXu+tk33SaT+oXmKAUQ=
Subject key identifier: A4:E5:4E:9E:C9:FD:A7:3B:E1:FF:3A:1F:29:92:CF:A2:2D:C6:C3:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016566
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39990346F47111EFBA83069C762E951A.roa
Signing time: Wed 26 Feb 2025 18:41:01 +0000
ROA not before: Wed 26 Feb 2025 18:40:57 +0000
ROA not after: Sat 19 Feb 2028 18:40:57 +0000
asID: 17561
IP address blocks: 154.218.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91494 (0x16566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 18:40:57 2025 GMT
Not After : Feb 19 18:40:57 2028 GMT
Subject: CN=67bf603d-3f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6e:37:21:29:11:bc:3d:b2:9a:78:4d:4c:c4:
6a:f2:b5:f5:23:bd:76:4e:d6:3a:71:33:a6:64:87:
97:7d:6e:22:b6:d6:95:b3:26:6e:b0:e4:52:ba:9d:
1d:00:c6:82:ed:61:ae:e0:13:5d:5d:79:f5:a1:3a:
16:2a:23:bc:7e:c5:8a:d7:bc:db:b7:6a:6d:a4:d7:
4a:1c:48:75:df:cc:b7:ff:7a:03:c5:35:89:6e:ed:
26:ca:0f:9b:ad:6d:da:f1:57:81:6d:5e:ca:dd:18:
46:27:2a:2f:31:01:9b:d1:51:7e:11:7a:d0:e3:cf:
eb:79:20:a7:45:88:77:94:b1:a4:23:ca:c6:06:79:
1e:5b:d4:91:d3:72:19:49:a5:e2:e3:d7:e9:7a:1c:
ca:36:f5:4d:44:9d:39:31:5c:0e:12:e5:a0:07:eb:
9c:0b:c4:3c:66:be:5d:2d:16:5f:b4:d2:ae:32:7f:
44:00:52:33:56:7b:e5:c7:26:20:ab:fd:6b:e8:9d:
57:59:e8:28:30:78:fa:cb:00:19:ab:2f:7c:57:2c:
39:45:bd:bd:10:cd:85:5e:e9:d0:fd:fe:bc:9f:16:
99:3e:e0:85:75:35:42:9f:3e:a9:be:4f:91:d5:11:
9f:36:ad:36:7d:e5:8a:07:9b:01:21:0e:5d:ca:63:
bb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E5:4E:9E:C9:FD:A7:3B:E1:FF:3A:1F:29:92:CF:A2:2D:C6:C3:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39990346F47111EFBA83069C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.9.0/24
Signature Algorithm: sha256WithRSAEncryption
66:56:c0:77:a3:63:54:9e:5c:85:4b:f3:90:0f:58:c1:1e:d6:
29:be:0e:03:20:0e:64:f4:00:ee:bf:db:05:57:48:94:4d:ca:
35:a2:aa:15:90:13:10:d8:7a:b7:94:37:12:40:60:52:45:57:
f9:87:a6:42:ae:1a:c3:52:26:0d:ea:52:e2:63:c7:53:2c:9f:
b8:8f:0b:84:32:18:18:79:05:1b:85:3a:0f:b9:b8:9e:53:98:
6a:96:15:e4:88:e0:8f:7e:f7:7f:fa:28:63:59:38:50:ab:f2:
e6:19:13:0c:99:28:d3:bb:21:77:c9:ca:22:2b:f3:09:e9:fc:
90:59:9c:08:d8:54:e7:29:c0:c8:25:d5:6d:53:0f:9b:b7:8b:
f0:8a:d3:e7:3f:ec:0d:09:92:3b:58:34:ab:70:22:3d:b5:1b:
42:fe:36:5a:da:96:f3:e2:25:9e:77:25:41:5f:20:a6:1e:71:
78:01:d3:03:00:52:85:e0:e5:cd:ae:b3:4b:f5:b8:a5:13:d4:
e5:e1:ba:de:a1:8a:1f:fe:97:2b:c5:89:44:6d:59:77:94:0f:
43:07:3c:e4:ef:3f:52:1a:71:ef:bc:e1:b5:d5:b3:db:82:10:
d1:d6:a8:b0:6c:02:99:40:34:d8:c2:44:05:dd:ed:32:d9:ba:
de:09:85:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWVmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTg0MDU3WhcNMjgwMjE5MTg0MDU3WjAYMRYw
FAYDVQQDEw02N2JmNjAzZC0zZjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmm43ISkRvD2ymnhNTMRq8rX1I712TtY6cTOmZIeXfW4ittaVsyZusORS
up0dAMaC7WGu4BNdXXn1oToWKiO8fsWK17zbt2ptpNdKHEh138y3/3oDxTWJbu0m
yg+brW3a8VeBbV7K3RhGJyovMQGb0VF+EXrQ48/reSCnRYh3lLGkI8rGBnkeW9SR
03IZSaXi49fpehzKNvVNRJ05MVwOEuWgB+ucC8Q8Zr5dLRZftNKuMn9EAFIzVnvl
xyYgq/1r6J1XWegoMHj6ywAZqy98Vyw5Rb29EM2FXunQ/f68nxaZPuCFdTVCnz6p
vk+R1RGfNq02feWKB5sBIQ5dymO7OQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKTl
Tp7J/ac74f86HymSz6ItxsNWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTk5MDM0NkY0NzExMUVGQkE4MzA2OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtoJMA0GCSqGSIb3DQEB
CwUAA4IBAQBmVsB3o2NUnlyFS/OQD1jBHtYpvg4DIA5k9ADuv9sFV0iUTco1oqoV
kBMQ2Hq3lDcSQGBSRVf5h6ZCrhrDUiYN6lLiY8dTLJ+4jwuEMhgYeQUbhToPubie
U5hqlhXkiOCPfvd/+ihjWThQq/LmGRMMmSjTuyF3ycoiK/MJ6fyQWZwI2FTnKcDI
JdVtUw+bt4vwitPnP+wNCZI7WDSrcCI9tRtC/jZa2pbz4iWedyVBXyCmHnF4AdMD
AFKF4OXNrrNL9bilE9Tl4breoYof/pcrxYlEbVl3lA9DBzzk7z9SGnHvvOG11bPb
ghDR1qiwbAKZQDTYwkQF3e0y2breCYWj
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:40 2025 by rpki-client