Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E7F4BEAFF3E11EFBCC51C92762E951A.roa
File: 3E7F4BEAFF3E11EFBCC51C92762E951A.roa (raw, json)
Hash identifier: nZMlm3pe1yk8ZPnbg/K578BApJvATEY1O3ZR0lbEQWw=
Subject key identifier: 55:92:3B:BD:02:14:B3:13:72:53:F2:69:BC:1D:A8:F9:DC:9D:50:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017404
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E7F4BEAFF3E11EFBCC51C92762E951A.roa
Signing time: Wed 12 Mar 2025 12:33:47 +0000
ROA not before: Wed 12 Mar 2025 12:33:44 +0000
ROA not after: Mon 05 May 2025 12:33:44 +0000
asID: 399195
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95236 (0x17404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 12:33:44 2025 GMT
Not After : May 5 12:33:44 2025 GMT
Subject: CN=67d17f2b-b632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7b:54:0a:1c:8f:16:3d:1f:a2:c3:a3:24:6a:
3c:f3:10:24:3d:0d:86:c7:34:bc:75:59:50:ec:a8:
2e:98:09:55:68:ad:f8:79:0b:0b:7b:5c:fd:4e:94:
51:88:3a:60:6c:9c:ba:6a:f6:cc:7d:ba:0f:2b:8b:
22:0d:6f:90:b7:ad:ad:cc:e8:f4:ec:7e:36:b0:7b:
32:88:73:5f:24:a4:f6:e0:7d:8e:cb:6f:b1:46:49:
6d:dc:c2:81:52:50:94:d7:be:7b:b9:6f:a8:d3:e3:
31:a1:19:25:de:17:d8:91:bb:42:5b:67:f8:da:1d:
b3:93:4e:cd:99:c4:9b:32:37:e6:41:b2:c3:58:d4:
6a:a6:33:14:9d:01:a3:8c:b5:bb:69:1e:59:62:08:
fd:c0:49:a4:8d:81:01:13:14:8f:2a:6c:72:f3:f3:
2d:25:fb:a2:0d:62:2a:5d:2e:ea:29:f4:be:92:72:
23:25:f7:b5:b1:d5:c9:b2:3c:7a:cf:71:5e:b3:83:
49:ba:6d:e2:f3:49:c5:b5:30:2c:d1:c7:14:90:e5:
63:cd:c0:6f:5b:04:b8:ce:2b:e5:a8:6c:44:ef:a2:
a3:35:9c:fa:74:bd:a2:a6:c2:00:7d:28:37:cc:e9:
19:c7:8e:8a:ca:2e:a1:ff:1d:30:af:f4:cb:78:57:
88:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:92:3B:BD:02:14:B3:13:72:53:F2:69:BC:1D:A8:F9:DC:9D:50:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E7F4BEAFF3E11EFBCC51C92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
36:4a:7c:59:7d:11:a1:0c:4d:92:af:f7:b0:f1:c6:e3:ae:a8:
bf:2d:86:80:f4:e4:52:d4:1e:cc:8e:3c:94:fb:51:ff:47:03:
e3:c8:90:a0:69:22:ae:b7:5c:b3:af:6d:0c:27:7a:76:ed:9c:
4e:d8:fd:53:2c:b8:46:13:30:36:44:64:ca:f3:9d:f5:2f:96:
52:cf:29:d4:36:3c:fd:8a:3e:e9:34:d9:af:f4:81:5f:1c:44:
55:e0:4f:f0:76:a5:a5:91:aa:d6:05:41:d9:ec:70:ea:0f:ef:
7d:d6:21:d7:97:cf:9e:03:04:b1:f9:4c:a1:44:7c:4d:16:02:
15:5c:b4:76:e1:6b:88:6a:b3:3d:5e:c9:f3:b1:00:42:73:dd:
85:43:86:bf:ff:af:b6:38:a5:8f:39:a3:d9:96:7b:17:ce:8e:
9a:26:b2:58:57:70:9f:51:29:13:31:00:c5:7d:9f:00:fd:ea:
19:21:be:dd:4d:53:1b:01:80:18:30:cb:7e:c8:ce:1d:df:7e:
5c:79:cd:c5:b5:d6:0f:e4:f2:35:25:a6:22:17:b2:d6:3b:c4:
08:07:b2:8c:66:1d:8d:30:fd:eb:d1:09:34:f8:32:f4:77:a1:
12:af:98:45:df:c6:ad:4f:09:d9:ba:39:dd:39:a1:71:22:3a:
2a:42:7b:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXQEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTIzMzQ0WhcNMjUwNTA1MTIzMzQ0WjAYMRYw
FAYDVQQDEw02N2QxN2YyYi1iNjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlntUChyPFj0fosOjJGo88xAkPQ2GxzS8dVlQ7KgumAlVaK34eQsLe1z9
TpRRiDpgbJy6avbMfboPK4siDW+Qt62tzOj07H42sHsyiHNfJKT24H2Oy2+xRklt
3MKBUlCU1757uW+o0+MxoRkl3hfYkbtCW2f42h2zk07NmcSbMjfmQbLDWNRqpjMU
nQGjjLW7aR5ZYgj9wEmkjYEBExSPKmxy8/MtJfuiDWIqXS7qKfS+knIjJfe1sdXJ
sjx6z3Fes4NJum3i80nFtTAs0ccUkOVjzcBvWwS4zivlqGxE76KjNZz6dL2ipsIA
fSg3zOkZx46Kyi6h/x0wr/TLeFeIlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFWS
O70CFLMTclPyabwdqPncnVD4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTdGNEJFQUZGM0UxMUVGQkNDNTFDOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQA2SnxZfRGhDE2Sr/ew8cbjrqi/LYaA9ORS1B7MjjyU+1H/RwPjyJCg
aSKut1yzr20MJ3p27ZxO2P1TLLhGEzA2RGTK8531L5ZSzynUNjz9ij7pNNmv9IFf
HERV4E/wdqWlkarWBUHZ7HDqD+991iHXl8+eAwSx+UyhRHxNFgIVXLR24WuIarM9
XsnzsQBCc92FQ4a//6+2OKWPOaPZlnsXzo6aJrJYV3CfUSkTMQDFfZ8A/eoZIb7d
TVMbAYAYMMt+yM4d335cec3FtdYP5PI1JaYiF7LWO8QIB7KMZh2NMP3r0Qk0+DL0
d6ESr5hF38atTwnZujndOaFxIjoqQnuM
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:57 2025 by rpki-client