Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD5630F48011EF85E4B586762E951A.roa
File: 3DAD5630F48011EF85E4B586762E951A.roa (raw, json)
Hash identifier: qTWoIQqxRyDwJ+XG8ijJWy375cfM1x3/2iJaJhGnYFU=
Subject key identifier: D3:72:EB:59:11:28:38:A5:79:26:78:2F:DD:33:5A:E7:67:1F:4C:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD5630F48011EF85E4B586762E951A.roa
Signing time: Wed 26 Feb 2025 20:28:30 +0000
ROA not before: Wed 26 Feb 2025 20:28:26 +0000
ROA not after: Sat 19 Feb 2028 20:28:26 +0000
asID: 17561
IP address blocks: 154.221.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91629 (0x165ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 20:28:26 2025 GMT
Not After : Feb 19 20:28:26 2028 GMT
Subject: CN=67bf796e-403a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:04:17:43:66:36:8f:b4:6c:e2:61:a3:db:5f:
2f:59:59:1c:a3:27:aa:7b:2e:62:c2:59:f0:5f:ab:
08:46:77:bf:f8:95:3a:70:6a:e1:52:87:36:d0:1a:
06:fa:c0:89:96:a7:1e:b1:55:b0:36:79:c0:a0:ee:
e3:e9:49:ec:ac:fe:c4:e6:fa:73:4a:11:9c:fa:cd:
2e:6a:67:f8:e9:5e:d0:3a:07:1a:4a:fc:b7:61:d8:
50:91:12:44:c2:c8:68:f0:e8:cc:55:57:bb:79:25:
a6:1f:e0:1b:ee:5b:9f:96:fb:5f:42:52:d5:3d:4b:
6e:a4:53:4e:75:55:2f:54:d1:6b:2a:45:c3:9d:98:
62:6c:ee:de:3b:09:da:7d:0f:bc:ad:eb:7b:f2:06:
3c:87:9a:3f:5b:72:6d:25:9a:b4:bb:cb:36:9c:e8:
be:60:c6:e9:27:7a:c9:c7:3b:a9:9a:3b:b5:ca:f8:
12:8b:37:7a:94:3c:f4:89:dc:12:5f:97:44:1c:44:
75:ea:f2:fd:2d:43:5c:3c:6b:c3:87:dd:75:6a:4b:
a8:11:cf:1f:ce:80:85:3f:35:2f:04:f9:ba:4e:92:
29:fd:06:da:db:15:08:00:36:b7:e2:f0:18:b9:ae:
bb:8a:bd:10:5a:dc:9b:5a:41:37:da:2d:a6:9b:b3:
71:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:72:EB:59:11:28:38:A5:79:26:78:2F:DD:33:5A:E7:67:1F:4C:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD5630F48011EF85E4B586762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.41.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b2:09:3b:10:a1:93:59:77:99:46:05:ce:9d:65:29:5a:12:
90:9e:73:59:1e:9a:10:4d:c6:e6:4e:3f:d5:9d:91:fb:3d:43:
b1:0f:40:2c:e8:7f:e8:44:1e:1b:71:68:28:9a:b2:69:de:9c:
d2:9a:1a:29:11:48:71:e0:d0:c7:30:ad:a4:6c:6b:69:26:6d:
5c:4c:87:32:cc:09:66:48:53:4b:00:6c:87:5c:d3:6b:d4:25:
08:2b:87:e5:14:e9:74:a6:63:17:a8:98:72:b9:b6:b0:ab:de:
ce:1e:b8:8c:3f:91:b2:04:a2:b7:96:e1:ef:91:ad:d6:fa:72:
30:df:86:18:85:61:1f:4e:36:73:b0:40:84:08:28:2c:fe:69:
19:b3:7c:64:33:74:5d:18:4e:be:38:2b:f8:e9:27:9a:c9:7b:
32:d4:ba:fd:6e:6d:7c:90:da:e0:d2:e5:e7:17:7e:86:af:46:
69:f0:0b:62:64:ec:69:8d:af:65:db:ca:ae:53:6f:0e:38:07:
c9:02:1c:24:38:9e:51:d6:55:88:aa:0a:71:30:11:2e:df:c4:
69:be:75:60:bc:9a:fb:bd:7d:a5:a7:08:91:53:9b:c0:ef:4c:
ee:c3:5e:04:9b:d1:d0:72:04:af:a2:bd:5d:33:27:9a:02:d8:
e4:17:43:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWXtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MjAyODI2WhcNMjgwMjE5MjAyODI2WjAYMRYw
FAYDVQQDEw02N2JmNzk2ZS00MDNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQQXQ2Y2j7Rs4mGj218vWVkcoyeqey5iwlnwX6sIRne/+JU6cGrhUoc2
0BoG+sCJlqcesVWwNnnAoO7j6UnsrP7E5vpzShGc+s0uamf46V7QOgcaSvy3YdhQ
kRJEwsho8OjMVVe7eSWmH+Ab7luflvtfQlLVPUtupFNOdVUvVNFrKkXDnZhibO7e
OwnafQ+8ret78gY8h5o/W3JtJZq0u8s2nOi+YMbpJ3rJxzupmju1yvgSizd6lDz0
idwSX5dEHER16vL9LUNcPGvDh911akuoEc8fzoCFPzUvBPm6TpIp/Qba2xUIADa3
4vAYua67ir0QWtybWkE32i2mm7NxTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNNy
61kRKDileSZ4L90zWudnH0y8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zREFENTYzMEY0ODAxMUVGODVFNEI1ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0pMA0GCSqGSIb3DQEB
CwUAA4IBAQBwsgk7EKGTWXeZRgXOnWUpWhKQnnNZHpoQTcbmTj/VnZH7PUOxD0As
6H/oRB4bcWgomrJp3pzSmhopEUhx4NDHMK2kbGtpJm1cTIcyzAlmSFNLAGyHXNNr
1CUIK4flFOl0pmMXqJhyubawq97OHriMP5GyBKK3luHvka3W+nIw34YYhWEfTjZz
sECECCgs/mkZs3xkM3RdGE6+OCv46SeayXsy1Lr9bm18kNrg0uXnF36Gr0Zp8Ati
ZOxpja9l28quU28OOAfJAhwkOJ5R1lWIqgpxMBEu38RpvnVgvJr7vX2lpwiRU5vA
70zuw14Em9HQcgSvor1dMyeaAtjkF0Mg
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:46 2025 by rpki-client