Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C266500F42A11EFA583BDAC762E951A.roa
File: 3C266500F42A11EFA583BDAC762E951A.roa (raw, json)
Hash identifier: +1E0OybWPQe5/+Fl4u+MbfmIljpm3FSlhXQ7QiWG6gs=
Subject key identifier: CF:15:9A:B3:40:FF:F5:5A:EE:4E:BB:83:6E:15:CA:F9:B9:4D:87:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016227
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C266500F42A11EFA583BDAC762E951A.roa
Signing time: Wed 26 Feb 2025 10:12:51 +0000
ROA not before: Wed 26 Feb 2025 10:12:47 +0000
ROA not after: Sun 20 Feb 2028 10:12:47 +0000
asID: 17561
IP address blocks: 154.81.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90663 (0x16227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:12:47 2025 GMT
Not After : Feb 20 10:12:47 2028 GMT
Subject: CN=67bee923-466e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:de:22:d2:8d:59:fd:56:fa:a5:4c:a0:8d:f8:
b4:0d:29:fd:8b:75:30:01:df:be:b1:0e:6e:be:5f:
b4:64:9d:f2:d4:c5:d7:47:e9:12:00:3c:ab:d1:e0:
14:9b:9b:94:ae:df:64:5b:a1:7f:cf:15:34:87:31:
23:2b:60:5b:e6:93:c5:b4:24:18:d3:ec:40:4a:fd:
a7:1c:5f:68:b9:ae:e6:ca:f9:73:2c:35:82:2a:25:
f6:c2:df:01:24:32:48:8f:6e:92:ee:35:6d:21:87:
2a:85:f8:71:ff:46:5c:9e:b2:6d:81:a7:82:b9:a4:
d3:96:4d:3f:3b:8a:1e:4d:54:d0:97:2e:0a:f7:72:
50:cc:ea:42:16:b9:fe:d1:de:de:4b:e3:6e:47:d3:
03:0a:db:54:3b:c0:67:59:ee:14:ba:93:fe:51:df:
8f:44:84:82:ed:69:f5:10:cc:cf:bd:18:26:41:d4:
af:1c:eb:54:ed:28:95:23:ed:92:0a:ee:ea:ad:7f:
c7:53:d7:df:c8:a0:6c:8d:43:b4:c1:c6:99:aa:78:
9a:68:93:33:2e:0c:f1:9b:ae:18:ac:f3:9a:3d:72:
e5:a9:40:3d:44:7b:11:2b:7a:87:9f:92:c9:ff:c3:
dc:d7:f3:af:aa:85:83:00:dd:0d:ef:0c:b5:7b:f8:
ba:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:15:9A:B3:40:FF:F5:5A:EE:4E:BB:83:6E:15:CA:F9:B9:4D:87:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C266500F42A11EFA583BDAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.223.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:04:da:4b:b9:73:81:fa:d6:b9:42:09:2a:74:2f:5d:fe:d8:
54:37:7e:46:84:b1:80:8c:ab:89:a3:72:a8:bd:91:2a:ba:9a:
ac:b2:f9:3f:a2:9b:59:2d:c9:82:b9:3e:fa:8e:61:bd:1f:10:
bc:52:76:09:86:03:26:88:33:56:a2:85:58:ab:91:80:1a:79:
c8:e0:0d:13:ef:ee:48:90:e4:ab:31:26:9a:a7:03:27:3e:88:
5e:66:93:c0:01:22:91:65:9b:6d:d4:c3:c2:54:04:1e:42:b5:
77:0e:eb:1b:00:98:63:38:d7:9f:a2:ba:48:bb:50:87:81:cf:
0f:1b:4b:e8:6f:1b:88:c1:58:27:0f:ed:67:de:bd:86:80:c0:
92:75:aa:6f:37:bf:7c:cf:99:b1:c0:cc:0d:b5:35:5a:ed:2c:
10:67:88:55:15:0b:6e:c3:29:c0:e8:53:aa:c4:cf:8a:66:8a:
bd:5d:79:7c:dd:62:36:4e:b5:a0:fa:70:90:0a:45:89:61:4c:
9d:b6:67:a5:36:c9:fd:64:61:d3:b1:f3:d3:56:f1:0b:50:5f:
0b:e9:c1:f3:96:93:f3:ea:2b:aa:c2:ae:1d:6d:e5:e5:61:b7:
f1:3f:33:65:f0:7e:21:49:05:a5:3c:57:be:42:35:1f:77:ef:
77:dd:67:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWInMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTAxMjQ3WhcNMjgwMjIwMTAxMjQ3WjAYMRYw
FAYDVQQDEw02N2JlZTkyMy00NjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkt4i0o1Z/Vb6pUygjfi0DSn9i3UwAd++sQ5uvl+0ZJ3y1MXXR+kSADyr
0eAUm5uUrt9kW6F/zxU0hzEjK2Bb5pPFtCQY0+xASv2nHF9oua7myvlzLDWCKiX2
wt8BJDJIj26S7jVtIYcqhfhx/0ZcnrJtgaeCuaTTlk0/O4oeTVTQly4K93JQzOpC
Frn+0d7eS+NuR9MDCttUO8BnWe4UupP+Ud+PRISC7Wn1EMzPvRgmQdSvHOtU7SiV
I+2SCu7qrX/HU9ffyKBsjUO0wcaZqniaaJMzLgzxm64YrPOaPXLlqUA9RHsRK3qH
n5LJ/8Pc1/OvqoWDAN0N7wy1e/i6iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM8V
mrNA//Va7k67g24Vyvm5TYcqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQzI2NjUwMEY0MkExMUVGQTU4M0JEQUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHfMA0GCSqGSIb3DQEB
CwUAA4IBAQDSBNpLuXOB+ta5QgkqdC9d/thUN35GhLGAjKuJo3KovZEqupqssvk/
optZLcmCuT76jmG9HxC8UnYJhgMmiDNWooVYq5GAGnnI4A0T7+5IkOSrMSaapwMn
PoheZpPAASKRZZtt1MPCVAQeQrV3DusbAJhjONeforpIu1CHgc8PG0vobxuIwVgn
D+1n3r2GgMCSdapvN798z5mxwMwNtTVa7SwQZ4hVFQtuwynA6FOqxM+KZoq9XXl8
3WI2TrWg+nCQCkWJYUydtmelNsn9ZGHTsfPTVvELUF8L6cHzlpPz6iuqwq4dbeXl
YbfxPzNl8H4hSQWlPFe+QjUfd+933Wei
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:32:45 2025 by rpki-client