Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BB73CD2DC11EF84EDDE51762E951A.roa
File: 3E4BB73CD2DC11EF84EDDE51762E951A.roa (raw, json)
Hash identifier: MjUsFjHinUX/kiySxYnFFjfUY04vwnBe4Tau6/8PEH0=
Subject key identifier: F2:D7:90:E3:0E:C5:3B:DF:B0:96:40:24:75:AD:96:5A:31:18:8C:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B67
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BB73CD2DC11EF84EDDE51762E951A.roa
Signing time: Wed 15 Jan 2025 01:01:25 +0000
ROA not before: Wed 15 Jan 2025 01:01:21 +0000
ROA not after: Fri 12 Dec 2025 01:01:21 +0000
asID: 984
IP address blocks: 154.81.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80743 (0x13b67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 01:01:21 2025 GMT
Not After : Dec 12 01:01:21 2025 GMT
Subject: CN=678708e5-722a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:56:4b:67:ef:32:37:c7:1f:8c:c3:19:a6:cd:
55:5a:9c:b7:e8:38:e9:89:76:ad:e6:48:22:50:57:
b3:f8:f0:02:f3:3c:34:01:8c:27:27:47:2f:cf:7d:
d6:68:bc:79:47:9e:e5:57:97:58:e4:e6:b0:44:69:
bf:45:1a:7b:70:df:f1:9c:0d:33:31:2e:d8:25:36:
04:83:8e:2c:e2:b3:fa:7e:b6:1b:59:28:0b:8a:c5:
09:c1:9b:95:94:51:25:3c:53:2f:13:4a:80:aa:b4:
72:ad:e4:54:6d:84:01:32:f4:be:ac:bf:63:a2:59:
e0:5d:e6:34:c2:74:3d:84:c7:7c:8e:ea:a8:5d:3d:
d9:2a:2f:83:51:03:47:fc:6c:d9:98:29:fd:3f:91:
47:bb:bc:5d:f4:ba:ab:8f:ce:fe:cd:ec:43:c9:9d:
90:40:03:5e:37:f7:21:c4:b1:f1:2c:be:09:16:9d:
ad:50:7b:eb:40:9c:de:8f:45:f4:ab:02:47:5e:05:
3a:50:9f:7c:3b:3e:8e:70:e9:a7:90:96:c7:0b:2c:
41:85:1e:91:c1:ff:74:82:5d:f7:46:68:a8:38:83:
ec:26:76:fd:27:26:46:aa:8b:80:80:8e:6d:0d:d7:
e3:f0:e7:63:bf:85:9c:cd:ed:07:97:a8:34:1f:09:
bd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D7:90:E3:0E:C5:3B:DF:B0:96:40:24:75:AD:96:5A:31:18:8C:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BB73CD2DC11EF84EDDE51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:a9:ee:3e:76:3c:17:0e:73:55:c2:48:74:ae:48:6a:21:8b:
a2:d0:4a:4f:9d:a8:34:4e:69:6f:58:c1:8d:e3:c5:79:87:d5:
e9:72:9a:6b:9c:be:6e:7c:6c:86:1a:49:68:e1:97:6e:14:c8:
59:05:a9:ce:f8:07:07:22:d6:2c:b6:01:1e:11:59:fc:6c:e4:
54:46:80:d0:33:fc:3f:2e:c9:28:b9:f1:46:10:77:d2:65:8d:
b5:ae:bd:0d:00:2e:c9:70:e4:8c:4c:74:79:02:22:15:c8:a1:
e1:bc:01:ce:52:55:4d:a4:96:55:93:bf:3f:42:82:99:26:aa:
76:27:a2:b9:86:61:dc:00:99:b7:f0:5e:d5:f1:72:6f:25:3e:
aa:bb:31:36:b9:42:28:53:22:e2:15:13:48:98:15:93:e3:cd:
5b:fe:7c:b6:f8:bf:ac:83:07:c4:42:eb:16:29:57:9b:4c:57:
bf:8e:d6:95:d3:39:f7:22:78:7a:d7:7c:9a:15:ba:de:4d:ea:
a7:9a:bd:81:cd:30:fc:ac:35:08:5b:d9:7d:fb:bc:35:aa:c8:
f3:b1:e6:8a:7a:e7:59:97:52:c3:28:72:86:c3:90:3e:e3:f9:
94:ba:cb:ee:3b:21:6d:c4:6f:34:12:9d:19:8b:f7:74:7f:36:
9a:aa:e8:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATtnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDEwMTIxWhcNMjUxMjEyMDEwMTIxWjAYMRYw
FAYDVQQDEw02Nzg3MDhlNS03MjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo1ZLZ+8yN8cfjMMZps1VWpy36DjpiXat5kgiUFez+PAC8zw0AYwnJ0cv
z33WaLx5R57lV5dY5OawRGm/RRp7cN/xnA0zMS7YJTYEg44s4rP6frYbWSgLisUJ
wZuVlFElPFMvE0qAqrRyreRUbYQBMvS+rL9jolngXeY0wnQ9hMd8juqoXT3ZKi+D
UQNH/GzZmCn9P5FHu7xd9Lqrj87+zexDyZ2QQANeN/chxLHxLL4JFp2tUHvrQJze
j0X0qwJHXgU6UJ98Oz6OcOmnkJbHCyxBhR6Rwf90gl33RmioOIPsJnb9JyZGqouA
gI5tDdfj8Odjv4Wcze0Hl6g0Hwm9rQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPLX
kOMOxTvfsJZAJHWtlloxGIxMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTRCQjczQ0QyREMxMUVGODRFRERFNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlG5MA0GCSqGSIb3DQEB
CwUAA4IBAQCaqe4+djwXDnNVwkh0rkhqIYui0EpPnag0TmlvWMGN48V5h9Xpcppr
nL5ufGyGGklo4ZduFMhZBanO+AcHItYstgEeEVn8bORURoDQM/w/LskoufFGEHfS
ZY21rr0NAC7JcOSMTHR5AiIVyKHhvAHOUlVNpJZVk78/QoKZJqp2J6K5hmHcAJm3
8F7V8XJvJT6quzE2uUIoUyLiFRNImBWT481b/ny2+L+sgwfEQusWKVebTFe/jtaV
0zn3Inh613yaFbreTeqnmr2BzTD8rDUIW9l9+7w1qsjzseaKeudZl1LDKHKGw5A+
4/mUusvuOyFtxG80Ep0Zi/d0fzaaqugT
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:17:11 2025 by rpki-client