Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F67717A0B2011F0ADB54FA2762E951A.roa
File: 3F67717A0B2011F0ADB54FA2762E951A.roa (raw, json)
Hash identifier: KW3a9uKsNnZ2DZl68QkVD08gILQYY1TnLaGPS1kGczE=
Subject key identifier: AE:30:BD:C8:DD:4B:3C:32:65:96:A8:B5:C7:0A:CA:27:10:A2:55:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01768D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F67717A0B2011F0ADB54FA2762E951A.roa
Signing time: Thu 27 Mar 2025 15:29:18 +0000
ROA not before: Thu 27 Mar 2025 15:29:14 +0000
ROA not after: Wed 16 Apr 2025 15:29:14 +0000
asID: 1938
IP address blocks: 154.89.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95885 (0x1768d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 27 15:29:14 2025 GMT
Not After : Apr 16 15:29:14 2025 GMT
Subject: CN=67e56ece-a6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a6:4f:45:2c:b2:fb:85:9e:b5:e3:d2:f9:87:
6b:08:fb:72:eb:ea:f8:9f:21:3b:48:5a:05:52:77:
82:a4:9b:fc:ca:6e:ac:a8:1e:f6:5a:ba:6e:68:39:
70:45:41:85:5d:1e:d0:27:4b:df:71:63:78:55:0e:
be:a7:3d:65:d5:ee:5b:45:ba:2f:6e:79:78:6d:99:
4f:4d:f9:cd:9c:6f:b9:5a:d1:f0:c4:30:ee:ad:f8:
dd:b2:d6:1b:f0:81:dc:82:32:32:fb:1d:72:0e:22:
68:f4:b5:88:14:77:d8:8b:01:78:50:2b:06:9d:22:
1d:9c:44:32:13:f9:a0:3a:bd:77:3b:db:32:d4:21:
4c:4a:de:b1:86:51:ed:f3:65:46:fb:12:47:30:fb:
29:66:77:75:dd:f1:66:ff:bf:7a:ae:92:c9:47:d2:
59:c4:db:2e:a3:63:76:8c:26:9d:bc:a7:77:8c:7f:
98:40:29:c5:1e:75:15:2d:2c:8f:5b:8e:0b:f1:27:
3e:8a:22:55:51:13:fd:29:06:da:79:ce:4f:73:d7:
62:ea:54:af:e1:70:54:39:a4:ed:83:77:ae:87:cf:
1d:d7:73:6c:5b:a4:d1:31:2c:0f:6f:b4:a4:af:a1:
94:da:71:db:85:8b:9f:18:dd:7a:2e:ca:d7:e0:56:
28:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:30:BD:C8:DD:4B:3C:32:65:96:A8:B5:C7:0A:CA:27:10:A2:55:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F67717A0B2011F0ADB54FA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.64.0/18
Signature Algorithm: sha256WithRSAEncryption
c9:5b:84:d7:c2:e1:bc:68:3a:0c:48:58:b0:86:bd:b0:03:89:
e6:f2:52:bd:5f:a4:99:65:88:b4:5f:a8:a1:f8:ab:8c:62:35:
f7:7a:e8:b6:ac:52:11:3c:67:7d:7b:8e:ea:3c:cf:a8:8e:38:
d3:8b:09:06:ca:ee:f8:92:00:76:aa:66:55:4e:bf:65:10:1a:
06:a0:b0:e7:68:a9:ff:b9:95:0f:f4:a1:69:2d:31:86:04:0b:
fb:ac:08:d5:d1:d8:5c:fb:90:ce:66:fb:6d:ab:3c:7e:26:15:
31:68:0b:50:6f:a5:5b:40:43:a2:2c:48:eb:b9:20:3f:4d:98:
91:3e:95:1b:64:aa:77:e0:fd:06:9f:9e:81:79:02:0b:0a:27:
2d:6d:92:7e:f8:0c:4c:d1:ce:bd:52:1a:a5:01:37:bc:bb:51:
b4:39:68:e0:0f:01:11:57:ba:44:1e:35:55:49:3f:6c:10:ec:
c4:d5:81:a6:a8:f0:37:e4:d4:0a:a8:2f:62:ee:73:48:3d:9f:
bd:9a:e8:b0:9b:bf:06:6e:c5:6d:d2:91:ae:39:c0:bb:4a:a6:
bf:e3:73:cf:b2:b0:e5:0f:92:ff:b8:19:5f:57:5a:3c:1a:29:
da:4e:8c:18:cc:f6:da:ee:f7:19:64:3e:18:2b:d7:39:2e:0a:
e5:5b:eb:c8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXaNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI3MTUyOTE0WhcNMjUwNDE2MTUyOTE0WjAYMRYw
FAYDVQQDEw02N2U1NmVjZS1hNmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KZPRSyy+4WetePS+YdrCPty6+r4nyE7SFoFUneCpJv8ym6sqB72Wrpu
aDlwRUGFXR7QJ0vfcWN4VQ6+pz1l1e5bRbovbnl4bZlPTfnNnG+5WtHwxDDurfjd
stYb8IHcgjIy+x1yDiJo9LWIFHfYiwF4UCsGnSIdnEQyE/mgOr13O9sy1CFMSt6x
hlHt82VG+xJHMPspZnd13fFm/796rpLJR9JZxNsuo2N2jCadvKd3jH+YQCnFHnUV
LSyPW44L8Sc+iiJVURP9KQbaec5Pc9di6lSv4XBUOaTtg3euh88d13NsW6TRMSwP
b7Skr6GU2nHbhYufGN16LsrX4FYoaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK4w
vcjdSzwyZZaotccKyicQolUbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjY3NzE3QTBCMjAxMUYwQURCNTRGQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmllAMA0GCSqGSIb3DQEB
CwUAA4IBAQDJW4TXwuG8aDoMSFiwhr2wA4nm8lK9X6SZZYi0X6ih+KuMYjX3eui2
rFIRPGd9e47qPM+ojjjTiwkGyu74kgB2qmZVTr9lEBoGoLDnaKn/uZUP9KFpLTGG
BAv7rAjV0dhc+5DOZvttqzx+JhUxaAtQb6VbQEOiLEjruSA/TZiRPpUbZKp34P0G
n56BeQILCictbZJ++AxM0c69UhqlATe8u1G0OWjgDwERV7pEHjVVST9sEOzE1YGm
qPA35NQKqC9i7nNIPZ+9muiwm78GbsVt0pGuOcC7Sqa/43PPsrDlD5L/uBlfV1o8
GinaTowYzPba7vcZZD4YK9c5LgrlW+vI
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:43:27 2025 by rpki-client