Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B64D020092E11F0BE210656762E951A.roa
File: 3B64D020092E11F0BE210656762E951A.roa (raw, json)
Hash identifier: ryH1+605dg2vE5zGayYEZhLZ5c0yK1qzz0Cjqgoad8Q=
Subject key identifier: 69:DB:6F:93:09:A2:21:40:35:17:3B:E9:0F:35:AE:82:63:F3:79:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B64D020092E11F0BE210656762E951A.roa
Signing time: Tue 25 Mar 2025 04:04:22 +0000
ROA not before: Tue 25 Mar 2025 04:04:18 +0000
ROA not after: Mon 14 Apr 2025 04:04:18 +0000
asID: 139880
IP address blocks: 154.209.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95709 (0x175dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 04:04:18 2025 GMT
Not After : Apr 14 04:04:18 2025 GMT
Subject: CN=67e22b46-935f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:bc:82:c0:7f:b3:ef:1c:e9:9d:fa:29:d7:
65:63:42:10:fd:a1:75:14:e8:17:9c:23:5e:66:2d:
54:f2:f5:82:1c:13:38:3e:d9:cc:e4:6b:85:2c:24:
7e:50:f4:c1:8a:d9:18:19:d9:38:7e:e2:4b:91:92:
8c:f6:39:c3:8c:5e:06:9e:6b:78:12:ea:77:fe:f1:
05:79:13:33:e4:3d:e7:0e:02:23:90:ba:d6:f6:8f:
57:09:8a:8d:54:34:d4:04:e9:84:f3:57:8e:9d:4d:
bd:ab:cc:4a:7b:10:b2:5b:15:d6:7b:63:09:14:bf:
a8:96:9c:83:09:b1:f6:40:30:da:b9:ba:fb:87:e8:
55:51:d8:4f:08:d0:87:76:aa:20:a8:79:16:ad:49:
b4:e2:0b:14:e5:0f:89:7f:d2:4d:a6:41:29:94:6e:
3e:d9:2e:3f:d7:5f:e0:c5:86:21:3a:9e:3a:cb:39:
4b:57:fd:8b:98:3d:76:62:de:4d:06:32:bb:87:2b:
d0:3e:7a:9f:65:5a:b6:ca:4e:88:eb:56:1d:af:88:
cd:fd:8e:40:70:2f:b0:22:81:98:2e:2b:03:56:3c:
92:be:1e:b8:c9:3c:d2:e2:67:f2:39:7e:5c:56:39:
b4:ec:28:82:f0:b6:c0:92:e5:9c:11:4d:8e:36:df:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DB:6F:93:09:A2:21:40:35:17:3B:E9:0F:35:AE:82:63:F3:79:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B64D020092E11F0BE210656762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b6:35:95:ea:35:47:47:9e:e2:dc:db:a0:fe:e6:69:e1:99:af:
4f:14:34:6d:34:f1:8c:81:61:15:be:ef:16:e8:6e:71:68:da:
af:ac:bf:f0:7c:6c:bd:8c:d8:2e:f0:af:39:15:f2:56:a8:a4:
f5:45:ef:60:ca:87:2b:6f:d2:d8:33:c9:a5:66:ed:1a:19:26:
af:79:b2:ce:60:4f:28:7a:54:be:15:ca:d9:87:5d:4e:79:67:
8f:64:ae:da:98:ce:e3:4c:3b:d4:07:86:3a:29:bb:af:da:98:
84:85:e5:9a:c2:13:cc:fa:d7:52:a3:3a:24:a2:50:ac:d7:fd:
8b:6d:0b:9c:d4:2b:97:09:1b:24:41:90:a1:c2:94:94:c9:db:
12:be:82:b0:e8:48:cf:3c:fd:08:7c:df:db:5b:2b:52:35:24:
f8:4d:4f:f2:df:78:c4:f4:ad:06:c1:a3:e7:2c:ef:8d:99:ca:
b4:99:f0:6c:b6:18:c7:79:bc:8a:00:b0:5b:c3:a9:67:26:db:
14:ba:94:60:5f:b4:bf:2e:22:d5:35:9e:8b:12:cf:d6:b2:d8:
4b:a3:01:23:33:3d:c0:8e:4e:46:7f:8f:13:95:6a:dd:eb:2c:
a9:31:40:19:ff:aa:5a:cc:26:46:69:11:a9:00:0b:09:98:6b:
44:c9:90:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXXdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDQwNDE4WhcNMjUwNDE0MDQwNDE4WjAYMRYw
FAYDVQQDEw02N2UyMmI0Ni05MzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqgq8gsB/s+8c6Z36KddlY0IQ/aF1FOgXnCNeZi1U8vWCHBM4PtnM5GuF
LCR+UPTBitkYGdk4fuJLkZKM9jnDjF4Gnmt4Eup3/vEFeRMz5D3nDgIjkLrW9o9X
CYqNVDTUBOmE81eOnU29q8xKexCyWxXWe2MJFL+olpyDCbH2QDDaubr7h+hVUdhP
CNCHdqogqHkWrUm04gsU5Q+Jf9JNpkEplG4+2S4/11/gxYYhOp46yzlLV/2LmD12
Yt5NBjK7hyvQPnqfZVq2yk6I61Ydr4jN/Y5AcC+wIoGYLisDVjySvh64yTzS4mfy
OX5cVjm07CiC8LbAkuWcEU2ONt/wxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGnb
b5MJoiFANRc76Q81roJj83n4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQjY0RDAyMDA5MkUxMUYwQkUyMTA2NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtGgMA0GCSqGSIb3DQEB
CwUAA4IBAQC2NZXqNUdHnuLc26D+5mnhma9PFDRtNPGMgWEVvu8W6G5xaNqvrL/w
fGy9jNgu8K85FfJWqKT1Re9gyocrb9LYM8mlZu0aGSavebLOYE8oelS+FcrZh11O
eWePZK7amM7jTDvUB4Y6Kbuv2piEheWawhPM+tdSozokolCs1/2LbQuc1CuXCRsk
QZChwpSUydsSvoKw6EjPPP0IfN/bWytSNST4TU/y33jE9K0GwaPnLO+Nmcq0mfBs
thjHebyKALBbw6lnJtsUupRgX7S/LiLVNZ6LEs/WsthLowEjMz3Ajk5Gf48TlWrd
6yypMUAZ/6pazCZGaRGpAAsJmGtEyZD1
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:08:06 2025 by rpki-client