Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D0B7034F6B211EF8E458E98762E951A.roa
File: 3D0B7034F6B211EF8E458E98762E951A.roa (raw, json)
Hash identifier: aMAwF4GMkKhZdMAh4tMeeLAjuc59N3p7vcjmZMkKEyw=
Subject key identifier: DA:0B:96:D1:8D:94:2D:06:BE:AA:46:63:D3:3B:41:A7:A2:D4:A6:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D0B7034F6B211EF8E458E98762E951A.roa
Signing time: Sat 01 Mar 2025 15:31:26 +0000
ROA not before: Sat 01 Mar 2025 15:31:22 +0000
ROA not after: Sat 05 Apr 2025 15:31:22 +0000
asID: 203020
IP address blocks: 154.208.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 15:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93870 (0x16eae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 15:31:22 2025 GMT
Not After : Apr 5 15:31:22 2025 GMT
Subject: CN=67c3284e-2f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:7a:10:40:6b:3a:af:55:ed:59:68:c2:69:
95:2a:29:63:94:34:e6:80:fd:b6:0a:90:b7:f3:33:
c3:18:92:55:54:28:ff:61:bb:9e:9e:1a:45:57:04:
ee:f8:8d:7f:80:10:c1:cb:e9:af:91:bf:59:45:2d:
8e:70:af:ec:1b:c3:c0:b4:71:8f:00:89:d9:f3:4f:
9a:a4:25:8e:17:e5:79:80:25:cb:18:ef:b5:ce:55:
36:bd:2c:43:8e:ca:af:68:42:fd:f7:32:5d:71:4d:
e4:63:6e:b4:f9:1f:03:cd:65:18:d5:bc:f9:5e:f5:
8e:e8:93:ae:90:78:24:fb:95:cf:05:be:1b:e6:1c:
ea:d2:e2:22:81:dc:57:a5:cd:a2:3c:80:5a:89:ed:
10:a5:b1:f7:2a:48:9c:82:cb:88:5a:f7:cd:54:2b:
2d:a1:f0:5b:24:3e:bb:3d:5d:0b:d8:eb:38:1d:03:
55:06:74:ca:3d:64:62:f2:dc:b4:85:2d:de:68:dc:
a2:65:2e:ea:be:a6:f0:41:40:6e:78:53:8c:70:47:
13:ab:7d:01:26:82:d4:dc:64:93:65:65:e5:ca:5c:
87:85:84:35:cd:26:c1:d2:f8:27:c6:3e:78:6b:78:
53:e3:c5:fe:b2:79:3c:85:37:57:bc:8e:e3:8c:d1:
b7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0B:96:D1:8D:94:2D:06:BE:AA:46:63:D3:3B:41:A7:A2:D4:A6:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D0B7034F6B211EF8E458E98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.132.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:14:74:1e:c8:a6:8f:50:ec:65:da:cf:4d:00:3e:62:5d:58:
8c:5f:6e:d6:ca:60:0d:15:fa:30:79:dc:4e:21:e0:ae:36:9d:
4e:e1:b8:b0:fa:10:f6:5c:d2:b9:32:f4:30:ed:e4:db:eb:42:
f6:0e:2a:b6:d4:b7:84:2b:97:64:09:33:90:5f:32:95:2f:0d:
11:b8:53:aa:84:ac:d4:5b:e5:9c:34:89:10:26:14:62:5c:12:
69:85:ec:46:54:0d:23:f7:77:be:b3:06:70:ab:8b:e4:98:d4:
a2:a2:50:80:9e:cc:5f:0c:ca:a6:e6:62:c9:f1:3a:df:f0:3f:
07:51:93:b9:b4:85:ca:51:4e:07:b0:a4:04:cb:af:a5:d2:9e:
55:9e:5a:37:4f:d0:e8:b6:a4:04:aa:fc:cb:d7:75:b0:70:1e:
92:9c:a4:f7:b9:64:51:e4:7c:3f:de:46:7c:20:97:23:06:6d:
52:86:86:aa:ef:a2:49:ff:b1:85:cd:63:7d:55:ac:f6:96:9b:
fc:92:c5:fc:32:b6:c4:9d:ea:b0:6a:5c:82:9a:54:35:d1:33:
6f:79:ff:d8:79:b7:16:64:b4:63:bd:4f:b4:59:a4:cd:55:2a:
62:26:2c:2c:98:01:d0:af:88:61:70:ee:82:c0:3e:e8:1b:a0:
31:44:38:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW6uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTUzMTIyWhcNMjUwNDA1MTUzMTIyWjAYMRYw
FAYDVQQDEw02N2MzMjg0ZS0yZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv7R6EEBrOq9V7VlowmmVKiljlDTmgP22CpC38zPDGJJVVCj/YbuenhpF
VwTu+I1/gBDBy+mvkb9ZRS2OcK/sG8PAtHGPAInZ80+apCWOF+V5gCXLGO+1zlU2
vSxDjsqvaEL99zJdcU3kY260+R8DzWUY1bz5XvWO6JOukHgk+5XPBb4b5hzq0uIi
gdxXpc2iPIBaie0QpbH3KkicgsuIWvfNVCstofBbJD67PV0L2Os4HQNVBnTKPWRi
8ty0hS3eaNyiZS7qvqbwQUBueFOMcEcTq30BJoLU3GSTZWXlylyHhYQ1zSbB0vgn
xj54a3hT48X+snk8hTdXvI7jjNG3MwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNoL
ltGNlC0GvqpGY9M7Qaei1KbSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDBCNzAzNEY2QjIxMUVGOEU0NThFOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtCEMA0GCSqGSIb3DQEB
CwUAA4IBAQCzFHQeyKaPUOxl2s9NAD5iXViMX27WymANFfowedxOIeCuNp1O4biw
+hD2XNK5MvQw7eTb60L2Diq21LeEK5dkCTOQXzKVLw0RuFOqhKzUW+WcNIkQJhRi
XBJphexGVA0j93e+swZwq4vkmNSiolCAnsxfDMqm5mLJ8Trf8D8HUZO5tIXKUU4H
sKQEy6+l0p5Vnlo3T9DotqQEqvzL13WwcB6SnKT3uWRR5Hw/3kZ8IJcjBm1Shoaq
76JJ/7GFzWN9Vaz2lpv8ksX8MrbEneqwalyCmlQ10TNvef/YebcWZLRjvU+0WaTN
VSpiJiwsmAHQr4hhcO6CwD7oG6AxRDg2
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:03 2025 by rpki-client