Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE6FD94018011F09E322099762E951A.roa
File: 3BE6FD94018011F09E322099762E951A.roa (raw, json)
Hash identifier: 1Nsx0a4eOOao6z8D9nh2oFtELtBo90D4mlBurWg0A7I=
Subject key identifier: 95:F0:34:46:1A:33:05:AF:19:EB:66:13:CB:B8:81:35:CA:C7:F0:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01745F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE6FD94018011F09E322099762E951A.roa
Signing time: Sat 15 Mar 2025 09:31:12 +0000
ROA not before: Sat 15 Mar 2025 09:31:07 +0000
ROA not after: Tue 02 Sep 2025 09:31:07 +0000
asID: 204770
IP address blocks: 154.88.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95327 (0x1745f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 15 09:31:07 2025 GMT
Not After : Sep 2 09:31:07 2025 GMT
Subject: CN=67d548e0-220b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:61:8e:11:3c:98:01:ff:22:cb:f9:e3:be:
b0:1f:7a:93:7e:c9:92:25:01:a3:c3:6a:29:1c:dc:
d6:f1:48:03:25:2e:4b:16:15:3f:0e:31:60:48:d1:
0f:13:bc:13:00:3e:1a:85:bb:80:82:a7:6b:e1:eb:
3f:85:e9:88:ab:21:88:aa:e6:0b:e5:52:60:29:72:
85:de:8a:72:c7:25:b4:08:ce:db:c7:8c:81:e8:d9:
7a:b9:de:84:86:88:74:27:b5:31:00:64:f6:e1:e3:
7a:36:2a:7b:d1:be:a5:6b:00:44:91:1b:30:30:16:
00:d3:0f:c5:ea:4e:87:5f:ef:0d:ad:66:59:09:2b:
a5:af:2c:b8:9a:89:ff:5a:75:27:a8:0e:19:95:93:
b1:0e:89:6d:06:34:a9:9b:8e:44:cd:e6:08:3a:db:
5b:44:ed:d7:5f:d0:b2:78:bb:c7:3c:e6:9d:94:a1:
60:57:64:a4:66:e4:24:b4:f8:f2:44:00:d8:dd:73:
d7:60:07:e1:bb:29:59:be:5c:d5:ac:2b:dc:c5:7a:
00:9a:80:b3:c2:06:9e:6a:2b:4b:fa:3a:4f:3b:6c:
ae:bb:05:50:fa:28:19:31:43:3f:60:9d:a5:50:5d:
41:5c:df:02:e6:9d:90:01:8d:06:5f:b2:7f:08:02:
98:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F0:34:46:1A:33:05:AF:19:EB:66:13:CB:B8:81:35:CA:C7:F0:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE6FD94018011F09E322099762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.3.0/24
Signature Algorithm: sha256WithRSAEncryption
77:4a:3d:7a:48:30:75:fc:fd:5d:af:1d:e7:33:cf:b9:18:64:
68:a5:7a:7a:40:f6:82:d0:f7:49:f9:37:0f:76:6b:ad:e2:7c:
19:86:bf:b7:6b:da:d8:26:f2:3f:24:a6:7f:67:5d:b8:34:33:
6f:8c:7f:4f:d5:84:b3:5b:31:b1:f7:1c:2b:b2:01:bc:df:a9:
15:23:c8:71:4c:d7:1a:cc:27:07:9b:43:0d:cc:da:6f:63:4b:
60:5c:83:14:d7:90:64:c2:8a:c2:3f:0a:81:bd:b9:ac:19:67:
f2:d2:84:33:9f:f8:0c:bd:c3:8c:5d:f0:b3:2e:58:78:ab:7f:
b9:ab:51:39:24:55:cb:4d:cb:a6:99:4f:c8:22:c8:b5:2f:13:
cf:f0:f0:c1:13:97:00:ab:e8:5f:41:5d:3b:31:0d:84:cc:92:
66:a9:ff:42:8e:02:97:fe:d7:4c:6d:50:ef:d1:94:a9:bd:da:
61:a5:e9:9b:51:d0:7d:39:78:78:46:df:90:d5:41:26:c1:d3:
e7:d5:31:8a:7d:8a:8b:29:8c:6e:d5:99:1a:08:ad:45:1f:27:
da:42:5d:8e:31:40:85:1e:f1:1f:45:f9:47:76:c6:9e:1f:bb:
33:af:11:76:ef:63:89:57:70:55:41:43:e6:a3:f8:40:f4:64:
3a:d7:64:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXRfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE1MDkzMTA3WhcNMjUwOTAyMDkzMTA3WjAYMRYw
FAYDVQQDEw02N2Q1NDhlMC0yMjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtxVhjhE8mAH/Isv5476wH3qTfsmSJQGjw2opHNzW8UgDJS5LFhU/DjFg
SNEPE7wTAD4ahbuAgqdr4es/hemIqyGIquYL5VJgKXKF3opyxyW0CM7bx4yB6Nl6
ud6Ehoh0J7UxAGT24eN6Nip70b6lawBEkRswMBYA0w/F6k6HX+8NrWZZCSulryy4
mon/WnUnqA4ZlZOxDoltBjSpm45EzeYIOttbRO3XX9CyeLvHPOadlKFgV2SkZuQk
tPjyRADY3XPXYAfhuylZvlzVrCvcxXoAmoCzwgaeaitL+jpPO2yuuwVQ+igZMUM/
YJ2lUF1BXN8C5p2QAY0GX7J/CAKYoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJXw
NEYaMwWvGetmE8u4gTXKx/BXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkU2RkQ5NDAxODAxMUYwOUUzMjIwOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgDMA0GCSqGSIb3DQEB
CwUAA4IBAQB3Sj16SDB1/P1drx3nM8+5GGRopXp6QPaC0PdJ+TcPdmut4nwZhr+3
a9rYJvI/JKZ/Z124NDNvjH9P1YSzWzGx9xwrsgG836kVI8hxTNcazCcHm0MNzNpv
Y0tgXIMU15BkworCPwqBvbmsGWfy0oQzn/gMvcOMXfCzLlh4q3+5q1E5JFXLTcum
mU/IIsi1LxPP8PDBE5cAq+hfQV07MQ2EzJJmqf9CjgKX/tdMbVDv0ZSpvdphpemb
UdB9OXh4Rt+Q1UEmwdPn1TGKfYqLKYxu1ZkaCK1FHyfaQl2OMUCFHvEfRflHdsae
H7szrxF272OJV3BVQUPmo/hA9GQ612Tn
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:06:29 2025 by rpki-client