Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DFB6BB0F8FC11EF8A57E2A2762E951A.roa
File: 3DFB6BB0F8FC11EF8A57E2A2762E951A.roa (raw, json)
Hash identifier: OOQctHk4GTFJHaiUFjqeKw5Mca+EtOV9fpVtUOljrE8=
Subject key identifier: 70:E8:BC:7D:CD:B7:F6:DC:08:58:F8:97:76:2A:A6:79:94:E1:E8:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0171CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DFB6BB0F8FC11EF8A57E2A2762E951A.roa
Signing time: Tue 04 Mar 2025 13:26:13 +0000
ROA not before: Tue 04 Mar 2025 13:26:09 +0000
ROA not after: Mon 07 Apr 2025 13:26:09 +0000
asID: 44733
IP address blocks: 154.81.189.0/24 maxlen: 24
154.83.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94668 (0x171cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 13:26:09 2025 GMT
Not After : Apr 7 13:26:09 2025 GMT
Subject: CN=67c6ff75-b154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:cf:4f:fa:f3:23:4a:7d:6d:28:38:51:3c:
7f:e5:c4:cb:c6:9e:ec:01:8d:4c:2e:d8:ec:bf:df:
76:a7:33:7c:3e:d4:59:78:c3:c9:e8:2e:05:a1:fd:
4d:ab:54:76:e8:86:19:c1:ee:fd:81:b8:57:e2:f1:
f8:f5:f2:28:97:1e:26:d0:db:b9:44:f4:98:37:a2:
25:91:ef:1d:bc:76:cc:82:0d:9b:b4:f6:51:dd:59:
da:f9:c0:79:a9:e8:b2:79:9c:0b:35:ce:cc:b0:e2:
ae:22:c4:45:4c:69:95:b8:a7:ca:d7:7c:5a:65:ba:
78:61:aa:87:c5:21:d2:63:b0:aa:2a:0a:a7:f5:5e:
a8:1e:ae:57:57:55:f6:80:fb:33:a5:ba:ae:fc:0c:
4e:5e:32:f1:26:ed:3e:42:0a:68:9e:52:24:48:7a:
62:46:a1:3b:e1:7f:a3:ad:6b:64:ca:6b:18:ab:f8:
14:14:02:16:73:26:33:b2:ad:30:ee:74:d5:ee:53:
56:63:97:e3:ae:98:fb:5b:4f:d2:e9:1d:5d:c7:68:
49:9e:eb:80:2b:77:07:78:49:12:23:d2:4b:f9:78:
c7:75:49:41:47:d6:f0:6a:17:a2:4d:f6:2e:43:99:
79:65:32:3f:d0:54:cf:fd:48:18:3c:9f:20:42:4b:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E8:BC:7D:CD:B7:F6:DC:08:58:F8:97:76:2A:A6:79:94:E1:E8:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DFB6BB0F8FC11EF8A57E2A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.189.0/24
154.83.100.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:9e:e6:f7:5b:b1:85:98:57:1d:9d:6a:9a:7d:69:41:4f:56:
cc:7b:dc:fb:43:dd:1f:75:dc:4f:63:b1:9e:41:54:f2:eb:96:
52:3f:bb:39:cb:10:81:6e:c3:fd:c8:5b:4a:b9:45:f1:7d:43:
44:b6:77:e5:92:7d:c3:0f:06:3d:85:93:99:e6:17:dc:b4:07:
e8:c7:98:eb:02:a2:40:d9:a7:0c:05:de:41:4a:60:3c:15:78:
e1:0a:b4:1f:8b:3c:ce:41:13:3c:21:01:a4:17:69:9a:b6:1e:
ed:35:e0:7e:21:c2:82:0f:20:87:fa:57:e9:b2:90:89:1f:23:
dd:79:24:6e:9f:6c:7c:e9:a7:93:7a:d5:40:25:7d:5a:0e:7b:
25:35:33:c7:89:15:da:1f:1c:de:7e:50:be:6c:7e:9e:47:8d:
ce:5d:71:f2:d9:f6:83:68:97:4b:f0:13:2c:af:6d:5b:34:ec:
f9:37:62:0e:a3:eb:f1:96:b6:f4:0b:1a:2a:2b:49:78:d2:9b:
83:b0:df:2b:37:a6:f2:c2:b1:c8:14:e6:d1:9a:16:70:81:f0:
b9:c0:67:55:02:e7:c8:b6:b0:cb:9f:50:9a:8e:ef:f0:cd:3b:
34:2e:34:f8:67:ba:62:fd:8d:03:17:35:8e:6a:c6:7d:64:7e:
6d:19:31:e2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXHMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MTMyNjA5WhcNMjUwNDA3MTMyNjA5WjAYMRYw
FAYDVQQDEw02N2M2ZmY3NS1iMTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuWrPT/rzI0p9bSg4UTx/5cTLxp7sAY1MLtjsv992pzN8PtRZeMPJ6C4F
of1Nq1R26IYZwe79gbhX4vH49fIolx4m0Nu5RPSYN6Ilke8dvHbMgg2btPZR3Vna
+cB5qeiyeZwLNc7MsOKuIsRFTGmVuKfK13xaZbp4YaqHxSHSY7CqKgqn9V6oHq5X
V1X2gPszpbqu/AxOXjLxJu0+QgponlIkSHpiRqE74X+jrWtkymsYq/gUFAIWcyYz
sq0w7nTV7lNWY5fjrpj7W0/S6R1dx2hJnuuAK3cHeEkSI9JL+XjHdUlBR9bwahei
TfYuQ5l5ZTI/0FTP/UgYPJ8gQkuShQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHDo
vH3Nt/bcCFj4l3YqpnmU4egrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zREZCNkJCMEY4RkMxMUVGOEE1N0UyQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlG9AwQAmlNkMA0GCSqG
SIb3DQEBCwUAA4IBAQCtnub3W7GFmFcdnWqafWlBT1bMe9z7Q90fddxPY7GeQVTy
65ZSP7s5yxCBbsP9yFtKuUXxfUNEtnflkn3DDwY9hZOZ5hfctAfox5jrAqJA2acM
Bd5BSmA8FXjhCrQfizzOQRM8IQGkF2math7tNeB+IcKCDyCH+lfpspCJHyPdeSRu
n2x86aeTetVAJX1aDnslNTPHiRXaHxzeflC+bH6eR43OXXHy2faDaJdL8BMsr21b
NOz5N2IOo+vxlrb0CxoqK0l40puDsN8rN6bywrHIFObRmhZwgfC5wGdVAufItrDL
n1Caju/wzTs0LjT4Z7pi/Y0DFzWOasZ9ZH5tGTHi
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:55 2025 by rpki-client