Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40BE1BE80E1B11F0B95C1F73762E951A.roa
File: 40BE1BE80E1B11F0B95C1F73762E951A.roa (raw, json)
Hash identifier: AlKZk98LoNSsbth8SWQIaeITR7Rten6hvz4qf+pCB5U=
Subject key identifier: 82:09:AA:E2:F8:49:41:42:2F:01:CE:BF:89:25:6D:0D:A8:A4:C2:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017722
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40BE1BE80E1B11F0B95C1F73762E951A.roa
Signing time: Mon 31 Mar 2025 10:31:06 +0000
ROA not before: Mon 31 Mar 2025 10:31:02 +0000
ROA not after: Mon 14 Apr 2025 10:31:02 +0000
asID: 150750
IP address blocks: 154.208.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96034 (0x17722)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 31 10:31:02 2025 GMT
Not After : Apr 14 10:31:02 2025 GMT
Subject: CN=67ea6eea-3284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d5:6b:4e:33:be:ac:55:55:36:e5:30:84:3b:
50:e5:50:22:53:dc:65:a5:68:f2:0a:60:9d:0f:87:
3f:be:32:f7:ed:b6:57:b6:5a:1a:a4:fe:7c:69:e3:
3c:bb:97:7e:d5:1a:f5:42:3d:89:98:b6:f2:bc:62:
07:87:c7:e8:21:e6:65:6c:63:67:b9:f2:50:bb:0f:
72:63:56:01:99:52:ed:37:1d:85:da:d7:1a:29:13:
a3:0a:b2:42:77:fe:10:fb:f3:69:56:db:a1:05:00:
d7:58:bd:a0:43:26:ec:58:bd:a9:1e:11:eb:4a:0c:
3e:05:96:a0:12:3a:a7:24:67:28:b1:ec:4c:8a:ed:
88:44:de:a7:fe:99:40:76:df:5a:d2:7c:10:ea:7a:
f3:a8:82:fb:56:dc:72:c5:05:cf:57:2b:5e:04:11:
f0:75:8c:8a:5d:cb:40:5d:ae:52:1a:68:6d:63:22:
b9:1d:6c:e5:26:ec:7f:38:55:ea:c4:9f:3a:35:0b:
c3:60:26:7a:36:f9:72:34:ea:8e:40:5e:0e:e6:e2:
55:88:fd:0d:80:92:d5:2d:ef:52:65:a5:cc:7f:10:
1a:b4:0d:26:56:54:04:31:f2:dc:99:ed:e9:10:2e:
5b:b3:ab:55:ac:58:f2:dc:ac:78:12:39:cf:f3:18:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:09:AA:E2:F8:49:41:42:2F:01:CE:BF:89:25:6D:0D:A8:A4:C2:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40BE1BE80E1B11F0B95C1F73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:3d:35:a9:0d:67:3f:88:a9:fc:17:b9:79:ca:3b:8d:42:67:
43:72:b2:9b:e7:2d:3f:8d:63:0b:1a:95:09:ef:c0:ad:06:4f:
7c:cb:66:94:00:43:3d:07:87:5b:e2:69:07:3c:26:07:09:2e:
b2:cf:a5:f6:6d:94:23:a6:c4:b9:eb:84:02:62:39:2c:30:4a:
4c:e4:bc:93:ac:09:35:76:68:98:5f:24:1e:a0:d4:34:5b:1d:
e6:a7:1a:8f:af:1c:e0:5d:e4:dd:10:8a:e2:f1:2c:44:b0:16:
ec:d2:dd:fe:e8:63:7f:f4:3e:18:2a:e4:bf:ec:0e:ef:a4:b6:
33:6b:44:cd:03:3b:9f:59:0d:4c:ec:84:39:43:b5:88:59:0d:
18:51:7b:78:a9:0b:30:bb:e7:cb:65:72:66:ac:44:28:68:5d:
84:79:39:a0:0d:49:fe:92:38:fc:b7:d4:63:0f:55:29:fc:f5:
fc:59:d6:57:fd:e7:93:b5:7d:ed:b9:4d:32:83:69:3e:84:5e:
51:e9:4f:b7:2e:5d:c4:53:e4:62:78:30:a3:45:b3:b5:bf:1b:
41:c3:6d:69:b0:80:1d:24:cb:fc:32:be:06:88:7e:95:7d:b2:
73:d9:b6:87:69:98:dc:e3:6e:65:38:1f:cb:41:80:8a:4c:27:
22:fb:ec:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXciMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzMxMTAzMTAyWhcNMjUwNDE0MTAzMTAyWjAYMRYw
FAYDVQQDEw02N2VhNmVlYS0zMjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAotVrTjO+rFVVNuUwhDtQ5VAiU9xlpWjyCmCdD4c/vjL37bZXtloapP58
aeM8u5d+1Rr1Qj2JmLbyvGIHh8foIeZlbGNnufJQuw9yY1YBmVLtNx2F2tcaKROj
CrJCd/4Q+/NpVtuhBQDXWL2gQybsWL2pHhHrSgw+BZagEjqnJGcosexMiu2IRN6n
/plAdt9a0nwQ6nrzqIL7VtxyxQXPVyteBBHwdYyKXctAXa5SGmhtYyK5HWzlJux/
OFXqxJ86NQvDYCZ6NvlyNOqOQF4O5uJViP0NgJLVLe9SZaXMfxAatA0mVlQEMfLc
me3pEC5bs6tVrFjy3Kx4EjnP8xiaxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIIJ
quL4SUFCLwHOv4klbQ2opMJgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEJFMUJFODBFMUIxMUYwQjk1QzFGNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtAgMA0GCSqGSIb3DQEB
CwUAA4IBAQAaPTWpDWc/iKn8F7l5yjuNQmdDcrKb5y0/jWMLGpUJ78CtBk98y2aU
AEM9B4db4mkHPCYHCS6yz6X2bZQjpsS564QCYjksMEpM5LyTrAk1dmiYXyQeoNQ0
Wx3mpxqPrxzgXeTdEIri8SxEsBbs0t3+6GN/9D4YKuS/7A7vpLYza0TNAzufWQ1M
7IQ5Q7WIWQ0YUXt4qQswu+fLZXJmrEQoaF2EeTmgDUn+kjj8t9RjD1Up/PX8WdZX
/eeTtX3tuU0yg2k+hF5R6U+3Ll3EU+RieDCjRbO1vxtBw21psIAdJMv8Mr4GiH6V
fbJz2baHaZjc425lOB/LQYCKTCci++z/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:55 2025 by rpki-client