Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B457276F61311EF97CE6E56762E951A.roa
File: 3B457276F61311EF97CE6E56762E951A.roa (raw, json)
Hash identifier: eJZgLFmFj2AeJ9E5nbYHwrg+al7kwl8uMEy4YjMvoTY=
Subject key identifier: A0:3F:1B:63:19:DA:F7:C6:C4:14:59:03:15:0E:E8:ED:B9:02:3A:C4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016BFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B457276F61311EF97CE6E56762E951A.roa
Signing time: Fri 28 Feb 2025 20:33:13 +0000
ROA not before: Fri 28 Feb 2025 20:33:10 +0000
ROA not after: Sun 13 Apr 2025 20:33:10 +0000
asID: 138915
IP address blocks: 154.206.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93181 (0x16bfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 20:33:10 2025 GMT
Not After : Apr 13 20:33:10 2025 GMT
Subject: CN=67c21d89-1657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:ff:95:f0:e3:63:86:4b:c6:f3:a9:7c:f3:
3f:7a:b9:72:50:d9:7c:ca:6d:72:df:fd:c8:28:b3:
a2:c4:f4:94:9a:1f:83:00:13:d8:2e:26:4c:94:38:
d6:32:96:48:0d:61:99:bd:e3:64:31:c0:a7:2f:c8:
75:fa:7d:ff:80:7a:b4:5c:62:a8:ab:42:12:bf:8f:
16:0a:90:12:c4:03:53:10:3b:32:fe:88:6e:d9:9e:
2d:b2:a3:5c:f1:91:bd:af:cb:a4:c7:09:e0:3e:65:
3b:4c:2a:d3:f3:b5:5e:f4:63:5f:10:0b:f4:46:1c:
cc:42:7c:0f:43:29:21:6b:f6:64:0f:ac:21:e9:22:
7a:df:2d:2c:5a:53:8f:a5:e9:25:10:73:58:d4:f3:
30:8a:5d:65:56:62:ef:6e:19:ae:d3:c1:ef:90:d6:
3d:a8:19:fe:e3:c4:1c:68:36:9a:e2:ca:93:b7:d6:
8e:0d:77:5e:d8:08:9d:8b:76:c1:98:79:47:c0:59:
03:34:2e:24:b2:c2:ba:e7:70:4d:af:38:59:26:85:
9c:2d:05:9f:45:79:73:c7:81:07:01:98:2c:3d:76:
41:78:5c:77:f5:41:2e:a6:3e:5a:d2:12:fe:2b:ef:
0c:4f:75:71:cd:f3:e0:e1:4a:96:e6:ab:d2:92:72:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3F:1B:63:19:DA:F7:C6:C4:14:59:03:15:0E:E8:ED:B9:02:3A:C4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B457276F61311EF97CE6E56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.94.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:47:b2:40:77:73:aa:75:4f:dd:40:d9:65:c0:1a:d2:ab:1c:
93:cf:ba:7c:30:df:6b:36:75:3e:c5:fd:f2:c9:b1:7d:1a:cb:
23:98:14:9b:b5:b0:17:d8:d7:5b:51:d0:d9:e2:03:72:a7:ca:
3b:22:4d:97:62:e8:93:c5:64:8e:45:03:d9:8f:8e:99:13:34:
22:40:5a:78:9d:83:08:62:24:38:29:8b:fb:56:1e:95:f9:8b:
59:e4:59:5e:2f:13:5f:46:53:d9:59:9f:dc:a3:04:51:1f:96:
4f:24:14:48:a3:2a:19:f5:89:e6:3b:75:10:20:52:c0:89:57:
48:85:70:d3:bb:42:04:fd:e7:8c:82:3a:4b:5f:2d:a3:fd:86:
4c:a1:b9:d5:3f:cb:5b:57:ef:ab:69:c2:c8:50:3b:47:39:ab:
c3:3d:c5:fa:e7:7c:43:8f:70:6d:51:cc:e6:24:85:cb:d9:00:
cc:c1:6d:67:e7:1b:5e:39:b3:a2:70:34:fe:52:45:d5:7b:16:
20:8b:9c:79:e3:bc:2c:53:e0:7e:43:cd:21:0a:9d:6d:00:cd:
f3:72:60:d2:0b:ce:8c:01:fe:a1:88:88:a2:6b:15:04:7b:02:
59:2f:71:69:29:c7:01:ba:25:b7:c1:72:2e:44:1c:ce:65:a4:
8a:34:f8:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWv9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjAzMzEwWhcNMjUwNDEzMjAzMzEwWjAYMRYw
FAYDVQQDEw02N2MyMWQ4OS0xNjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz6T/lfDjY4ZLxvOpfPM/erlyUNl8ym1y3/3IKLOixPSUmh+DABPYLiZM
lDjWMpZIDWGZveNkMcCnL8h1+n3/gHq0XGKoq0ISv48WCpASxANTEDsy/ohu2Z4t
sqNc8ZG9r8ukxwngPmU7TCrT87Ve9GNfEAv0RhzMQnwPQykha/ZkD6wh6SJ63y0s
WlOPpeklEHNY1PMwil1lVmLvbhmu08HvkNY9qBn+48QcaDaa4sqTt9aODXde2Aid
i3bBmHlHwFkDNC4kssK653BNrzhZJoWcLQWfRXlzx4EHAZgsPXZBeFx39UEupj5a
0hL+K+8MT3VxzfPg4UqW5qvSknIQ4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKA/
G2MZ2vfGxBRZAxUO6O25AjrEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQjQ1NzI3NkY2MTMxMUVGOTdDRTZFNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5eMA0GCSqGSIb3DQEB
CwUAA4IBAQAuR7JAd3OqdU/dQNllwBrSqxyTz7p8MN9rNnU+xf3yybF9GssjmBSb
tbAX2NdbUdDZ4gNyp8o7Ik2XYuiTxWSORQPZj46ZEzQiQFp4nYMIYiQ4KYv7Vh6V
+YtZ5FleLxNfRlPZWZ/cowRRH5ZPJBRIoyoZ9YnmO3UQIFLAiVdIhXDTu0IE/eeM
gjpLXy2j/YZMobnVP8tbV++racLIUDtHOavDPcX653xDj3BtUczmJIXL2QDMwW1n
5xteObOicDT+UkXVexYgi5x547wsU+B+Q80hCp1tAM3zcmDSC86MAf6hiIiiaxUE
ewJZL3FpKccBuiW3wXIuRBzOZaSKNPip
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:46 2025 by rpki-client