Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F8BC9BCF3B511EFBA6EAC7F762E951A.roa
File: 3F8BC9BCF3B511EFBA6EAC7F762E951A.roa (raw, json)
Hash identifier: GJ9M+S7jNBDqcr9+xAxiGLRxwDyJmNUb+oLZ9MLjydg=
Subject key identifier: 95:48:46:84:8D:79:9D:0E:81:E9:DE:D3:A8:2F:26:C2:D1:4F:80:C4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015FC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F8BC9BCF3B511EFBA6EAC7F762E951A.roa
Signing time: Tue 25 Feb 2025 20:15:25 +0000
ROA not before: Tue 25 Feb 2025 20:15:21 +0000
ROA not after: Wed 09 Apr 2025 20:15:21 +0000
asID: 138915
IP address blocks: 154.95.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90050 (0x15fc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 20:15:21 2025 GMT
Not After : Apr 9 20:15:21 2025 GMT
Subject: CN=67be24dd-593a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5b:f1:ae:01:5d:b0:79:fa:44:58:a6:3f:b7:
dd:b8:2c:42:aa:aa:f5:10:8a:67:92:d6:d6:34:7b:
3d:49:87:2b:bb:5b:6b:58:40:d5:f0:18:28:f5:c0:
82:a9:e0:0c:74:05:8b:79:34:da:bb:c6:bd:13:7f:
1c:fd:d2:6d:dd:0a:eb:79:3c:88:e6:d3:b5:11:94:
67:08:ad:e4:83:af:64:f4:86:49:3c:44:09:98:be:
14:68:56:ae:d0:13:0d:60:d7:02:15:be:f9:7f:4a:
f0:05:96:65:76:3c:31:83:de:b0:3a:95:90:31:df:
0a:bb:e6:77:4e:28:3f:f9:cc:82:33:dd:dd:44:c8:
15:a3:4b:10:84:79:ba:78:c0:86:ff:62:52:6b:76:
af:f0:96:99:ee:1b:c4:e2:76:a5:c8:90:a5:c0:ce:
51:8b:11:0a:00:d9:8e:3e:38:1b:fc:be:32:f8:bb:
45:94:02:02:b0:ac:3b:ea:ee:d4:06:8c:7e:9a:73:
cd:2b:8a:1a:a2:a6:85:84:9b:e1:19:da:4f:fc:06:
90:ad:e4:5e:9f:52:ed:3b:a9:93:84:e4:2f:01:32:
94:30:1f:11:a0:92:8b:46:89:87:a8:77:2b:44:bd:
4c:66:42:73:c8:a3:6c:5a:8c:5a:ec:20:61:a7:5d:
26:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:48:46:84:8D:79:9D:0E:81:E9:DE:D3:A8:2F:26:C2:D1:4F:80:C4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F8BC9BCF3B511EFBA6EAC7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.89.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:c8:09:0e:73:39:d9:9e:0e:21:51:31:3a:94:e2:c9:77:f4:
e3:a1:23:16:4f:33:97:3c:14:e3:3d:2a:61:50:41:cb:49:0c:
cf:a0:f1:17:6a:35:f2:69:08:a6:b7:ab:e1:ce:ad:4b:48:eb:
70:7d:e4:ce:27:de:91:16:85:64:b4:e0:59:f0:e7:a4:c9:e6:
8b:5c:bc:7e:c6:61:5d:f1:7a:2c:15:d0:73:df:e3:6e:5e:d6:
d2:e4:c1:22:00:a2:53:63:f5:2a:91:cf:fb:f0:a6:af:fa:7c:
c2:f4:97:22:77:85:ef:83:84:8e:84:42:b6:a8:1b:a8:4c:17:
2b:b6:f4:af:a6:61:47:eb:c3:ff:c5:b1:1d:0e:ef:f8:08:b9:
03:0e:20:85:db:98:fa:1b:78:1e:ea:51:bc:5f:c3:c7:32:2a:
36:14:52:58:9b:04:71:3a:42:08:b8:ed:fa:96:25:1c:59:83:
2d:17:a1:e7:4a:50:8c:45:19:7e:d0:da:1b:6f:a4:6a:f4:20:
1b:6e:97:cf:9d:99:3d:5c:fe:42:dd:26:77:fe:91:bd:6f:3b:
e1:db:d9:f1:0b:75:86:3c:e1:e4:6e:a4:7c:bd:2d:a0:7d:fb:
e4:8b:c8:7e:15:cf:4e:b9:53:2e:c6:95:17:52:7a:f1:5d:44:
fd:fb:3d:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV/CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MjAxNTIxWhcNMjUwNDA5MjAxNTIxWjAYMRYw
FAYDVQQDEw02N2JlMjRkZC01OTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz1vxrgFdsHn6RFimP7fduCxCqqr1EIpnktbWNHs9SYcru1trWEDV8Bgo
9cCCqeAMdAWLeTTau8a9E38c/dJt3QrreTyI5tO1EZRnCK3kg69k9IZJPEQJmL4U
aFau0BMNYNcCFb75f0rwBZZldjwxg96wOpWQMd8Ku+Z3Tig/+cyCM93dRMgVo0sQ
hHm6eMCG/2JSa3av8JaZ7hvE4nalyJClwM5RixEKANmOPjgb/L4y+LtFlAICsKw7
6u7UBox+mnPNK4oaoqaFhJvhGdpP/AaQreRen1LtO6mThOQvATKUMB8RoJKLRomH
qHcrRL1MZkJzyKNsWoxa7CBhp10mEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJVI
RoSNeZ0Ogene06gvJsLRT4DEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjhCQzlCQ0YzQjUxMUVGQkE2RUFDN0Y3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9ZMA0GCSqGSIb3DQEB
CwUAA4IBAQDOyAkOcznZng4hUTE6lOLJd/TjoSMWTzOXPBTjPSphUEHLSQzPoPEX
ajXyaQimt6vhzq1LSOtwfeTOJ96RFoVktOBZ8OekyeaLXLx+xmFd8XosFdBz3+Nu
XtbS5MEiAKJTY/Uqkc/78Kav+nzC9Jcid4Xvg4SOhEK2qBuoTBcrtvSvpmFH68P/
xbEdDu/4CLkDDiCF25j6G3ge6lG8X8PHMio2FFJYmwRxOkIIuO36liUcWYMtF6Hn
SlCMRRl+0Nobb6Rq9CAbbpfPnZk9XP5C3SZ3/pG9bzvh29nxC3WGPOHkbqR8vS2g
ffvki8h+Fc9OuVMuxpUXUnrxXUT9+z3+
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:20:20 2025 by rpki-client