Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A1B888CC92B11EF87B5544D762E951A.roa
File: 3A1B888CC92B11EF87B5544D762E951A.roa (raw, json)
Hash identifier: q006kJceogpHMK9NlnW+9erHBiYm4VjHIyYTs9WqfFw=
Subject key identifier: 4B:25:B0:31:C3:00:74:CA:03:29:74:57:96:F5:C1:29:DC:24:A5:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01337D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A1B888CC92B11EF87B5544D762E951A.roa
Signing time: Thu 02 Jan 2025 17:01:37 +0000
ROA not before: Thu 02 Jan 2025 17:01:33 +0000
ROA not after: Sat 13 Dec 2025 17:01:33 +0000
asID: 984
IP address blocks: 154.222.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78717 (0x1337d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 17:01:33 2025 GMT
Not After : Dec 13 17:01:33 2025 GMT
Subject: CN=6776c671-cb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:72:7b:fd:bd:87:1f:34:b5:ce:c7:1c:32:7e:
ff:b2:c2:9a:9c:c9:79:50:90:d3:92:3c:05:c8:38:
1e:58:cd:6f:9e:00:dd:ae:f7:47:17:ba:f1:27:ef:
89:88:56:3e:40:56:7a:52:76:4a:8b:9f:c9:66:89:
56:a1:c9:63:30:07:e0:a6:53:17:17:53:f3:d5:8f:
a7:17:9d:75:c7:af:0f:4f:9d:ae:89:2c:fb:0e:df:
b5:6c:24:63:c8:53:cd:af:a8:2c:85:14:5c:5d:43:
17:57:1a:5b:e0:cf:ff:88:0b:32:6c:4d:1c:59:7c:
22:0e:1e:1b:69:69:48:9e:08:63:d8:be:56:c5:8b:
61:12:eb:1f:d1:cb:d6:8c:cd:d7:1c:91:e2:5a:14:
5f:70:a6:ff:05:03:3f:83:ca:7f:cc:7d:72:16:61:
7d:ed:a5:20:5d:65:3d:b4:47:06:25:a8:a9:88:34:
2e:47:d8:96:1e:51:63:f7:a3:c1:b5:fd:cd:3e:8f:
82:18:f2:63:ca:ef:4c:13:d4:ab:39:2f:fc:fc:87:
b9:6c:cc:af:36:52:5b:d7:2c:5b:a8:d2:07:7c:49:
56:5d:66:3c:0a:00:27:93:ce:0b:90:b1:2b:34:d3:
e4:fc:58:0c:2c:5d:1a:7b:47:78:88:fc:18:2c:fc:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:25:B0:31:C3:00:74:CA:03:29:74:57:96:F5:C1:29:DC:24:A5:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A1B888CC92B11EF87B5544D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.138.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a7:3b:f6:73:94:5d:82:32:1a:9d:b0:8e:53:f1:71:13:ad:
9b:ba:b4:ea:88:46:c0:68:9a:f2:8c:53:c5:84:3a:8e:41:cc:
7d:36:e0:5d:d6:64:fc:b6:af:14:a9:13:8d:42:ce:9a:d3:79:
2b:7e:08:fe:ba:6b:de:73:ab:9b:8b:ad:f6:6e:cb:af:54:68:
a3:78:51:ff:72:05:c2:4e:3e:a7:f6:e6:d4:2e:2e:b9:32:55:
68:a8:27:bc:a6:63:7a:d0:4b:47:ae:ff:e4:6d:b7:d3:2b:5e:
72:99:09:eb:b2:65:9e:39:c7:76:76:06:b8:8e:5f:da:f9:74:
33:2d:f8:c7:8c:5e:0e:83:67:7b:1e:8b:a5:ea:26:28:4a:f2:
93:9a:35:c7:55:a2:d2:de:c4:5d:64:81:03:8b:bd:4e:14:f7:
e5:ab:b6:5b:87:dd:ad:97:e2:29:ed:52:a3:d7:f6:65:e8:88:
44:49:dd:19:78:87:04:d2:95:be:d0:8b:a1:c1:d3:07:2a:e8:
ed:bd:95:35:87:ee:bd:5d:57:87:dd:ff:26:ad:38:0e:c2:3d:
ad:ad:03:46:33:82:d9:e1:a6:36:9f:37:a0:b6:b4:da:6b:ed:
e2:a6:0b:b5:fd:4c:c0:7c:d6:de:3f:5c:64:7a:1c:83:d8:28:
c8:db:8d:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATN9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTcwMTMzWhcNMjUxMjEzMTcwMTMzWjAYMRYw
FAYDVQQDEw02Nzc2YzY3MS1jYjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtXJ7/b2HHzS1zsccMn7/ssKanMl5UJDTkjwFyDgeWM1vngDdrvdHF7rx
J++JiFY+QFZ6UnZKi5/JZolWocljMAfgplMXF1Pz1Y+nF511x68PT52uiSz7Dt+1
bCRjyFPNr6gshRRcXUMXVxpb4M//iAsybE0cWXwiDh4baWlInghj2L5WxYthEusf
0cvWjM3XHJHiWhRfcKb/BQM/g8p/zH1yFmF97aUgXWU9tEcGJaipiDQuR9iWHlFj
96PBtf3NPo+CGPJjyu9ME9SrOS/8/Ie5bMyvNlJb1yxbqNIHfElWXWY8CgAnk84L
kLErNNPk/FgMLF0ae0d4iPwYLPwlKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEsl
sDHDAHTKAyl0V5b1wSncJKU6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTFCODg4Q0M5MkIxMUVGODdCNTU0NEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6KMA0GCSqGSIb3DQEB
CwUAA4IBAQAFpzv2c5RdgjIanbCOU/FxE62burTqiEbAaJryjFPFhDqOQcx9NuBd
1mT8tq8UqRONQs6a03krfgj+umvec6ubi632bsuvVGijeFH/cgXCTj6n9ubULi65
MlVoqCe8pmN60EtHrv/kbbfTK15ymQnrsmWeOcd2dga4jl/a+XQzLfjHjF4Og2d7
Houl6iYoSvKTmjXHVaLS3sRdZIEDi71OFPflq7Zbh92tl+Ip7VKj1/Zl6IhESd0Z
eIcE0pW+0IuhwdMHKujtvZU1h+69XVeH3f8mrTgOwj2trQNGM4LZ4aY2nzegtrTa
a+3ipgu1/UzAfNbeP1xkehyD2CjI241x
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:01:31 2025 by rpki-client