Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B10CFEF42211EF845F1073762E951A.roa
File: 40B10CFEF42211EF845F1073762E951A.roa (raw, json)
Hash identifier: drRzK3+wTSwB74mOnzgeBSPacrPgf+JB1QCZopPVFZM=
Subject key identifier: A8:33:CB:0A:0F:A5:6D:7C:BC:AD:2C:07:53:9D:2D:51:13:7E:30:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161B0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B10CFEF42211EF845F1073762E951A.roa
Signing time: Wed 26 Feb 2025 09:15:42 +0000
ROA not before: Wed 26 Feb 2025 09:15:39 +0000
ROA not after: Thu 19 Feb 2026 09:15:39 +0000
asID: 328608
IP address blocks: 154.200.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90544 (0x161b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:15:39 2025 GMT
Not After : Feb 19 09:15:39 2026 GMT
Subject: CN=67bedbbe-d98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a3:98:c7:0f:ac:96:7b:28:9d:6c:b2:27:ba:
0d:a9:e3:4b:91:20:f7:c2:e0:ac:06:24:02:cb:10:
6b:de:61:21:5a:df:f6:35:d9:8f:ad:d0:1b:3b:25:
03:3d:b5:ec:72:d4:00:0e:0e:12:5f:ba:0e:58:d1:
1f:64:38:cb:01:6a:c2:cf:8f:b5:89:ab:c2:3c:bd:
eb:73:dc:79:65:59:8a:a1:ea:6e:aa:7d:db:85:67:
3d:6a:29:65:25:a1:6e:20:cf:4f:85:c4:94:74:5b:
d0:67:fc:7a:db:7e:73:1a:bd:8d:bc:14:3e:c5:1c:
6e:fd:3a:bd:4d:c1:fd:8e:ce:7e:15:44:a8:37:a7:
3c:df:74:c9:72:44:31:ad:28:8f:cf:1e:b2:0f:86:
c0:3f:23:d6:99:94:a8:54:71:47:1b:62:65:7a:b5:
f0:c2:2b:e8:73:ab:35:9a:5e:f7:cb:c7:c1:85:f5:
fa:bc:36:6a:9a:a7:9b:4c:88:3f:44:e6:5e:b7:5d:
88:a9:74:0f:81:9d:6d:57:c1:49:39:08:7c:b9:d2:
25:3b:73:a8:2e:8e:01:bf:eb:f9:38:e9:d9:52:25:
0f:b4:e7:bd:4f:00:56:49:6d:05:1a:5b:48:40:6d:
41:84:14:01:94:cd:a9:ca:8f:6d:a4:98:62:8f:e7:
38:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:33:CB:0A:0F:A5:6D:7C:BC:AD:2C:07:53:9D:2D:51:13:7E:30:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40B10CFEF42211EF845F1073762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.222.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:21:d7:b2:a9:e3:5c:62:f5:2a:61:7c:17:a8:74:f0:79:63:
72:1a:6c:99:94:01:bf:0f:69:61:d6:e1:66:23:97:e4:88:3d:
52:88:06:e1:13:0f:04:7e:d1:3a:b6:af:51:f9:d5:69:96:f0:
05:16:03:73:94:b7:a4:ad:81:5c:ed:4a:6e:1e:e3:d4:0d:2f:
d6:5a:c1:04:f7:03:c8:8c:d9:8a:17:ca:c8:24:17:35:4c:5a:
79:8a:30:0c:69:cb:07:24:4e:c2:b0:5b:38:90:b4:a0:ef:c4:
7b:14:1d:ff:19:67:be:7d:0e:17:70:83:63:bf:cc:e5:58:90:
f2:80:86:3c:a1:1a:63:51:3f:55:f3:ef:bb:7f:85:e8:52:b4:
4f:6d:76:6f:7d:5c:bd:0a:2a:47:3c:86:e8:c1:38:63:9d:b6:
0d:bc:8f:e3:e1:86:6f:0f:6f:cc:b9:0d:c1:2e:9e:fb:20:e2:
71:8d:02:3c:a3:33:ff:4a:75:9a:33:68:b0:ce:97:e3:f1:5a:
e2:94:b7:a6:d6:fb:57:59:24:99:63:45:d2:2d:01:7a:8c:45:
68:08:88:58:a0:a3:0e:c6:16:25:be:1a:df:a6:c8:c8:ea:83:
4f:58:e8:20:af:81:7e:d8:97:9e:db:c6:ae:d3:0d:67:2e:56:
76:b2:a9:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWGwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkxNTM5WhcNMjYwMjE5MDkxNTM5WjAYMRYw
FAYDVQQDEw02N2JlZGJiZS1kOThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsqOYxw+slnsonWyyJ7oNqeNLkSD3wuCsBiQCyxBr3mEhWt/2NdmPrdAb
OyUDPbXsctQADg4SX7oOWNEfZDjLAWrCz4+1iavCPL3rc9x5ZVmKoepuqn3bhWc9
aillJaFuIM9PhcSUdFvQZ/x6235zGr2NvBQ+xRxu/Tq9TcH9js5+FUSoN6c833TJ
ckQxrSiPzx6yD4bAPyPWmZSoVHFHG2JlerXwwivoc6s1ml73y8fBhfX6vDZqmqeb
TIg/ROZet12IqXQPgZ1tV8FJOQh8udIlO3OoLo4Bv+v5OOnZUiUPtOe9TwBWSW0F
GltIQG1BhBQBlM2pyo9tpJhij+c4pwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKgz
ywoPpW18vK0sB1OdLVETfjB0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEIxMENGRUY0MjIxMUVGODQ1RjEwNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjeMA0GCSqGSIb3DQEB
CwUAA4IBAQDYIdeyqeNcYvUqYXwXqHTweWNyGmyZlAG/D2lh1uFmI5fkiD1SiAbh
Ew8EftE6tq9R+dVplvAFFgNzlLekrYFc7UpuHuPUDS/WWsEE9wPIjNmKF8rIJBc1
TFp5ijAMacsHJE7CsFs4kLSg78R7FB3/GWe+fQ4XcINjv8zlWJDygIY8oRpjUT9V
8++7f4XoUrRPbXZvfVy9CipHPIbowThjnbYNvI/j4YZvD2/MuQ3BLp77IOJxjQI8
ozP/SnWaM2iwzpfj8VrilLem1vtXWSSZY0XSLQF6jEVoCIhYoKMOxhYlvhrfpsjI
6oNPWOggr4F+2Jee28au0w1nLlZ2sqnu
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:00 2025 by rpki-client