Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/414BD458C8AA11EF9E853595762E951A.roa
File: 414BD458C8AA11EF9E853595762E951A.roa (raw, json)
Hash identifier: fmhIpE3GSgPkBnBn7AkjzMyTDHQqt6io82NRoktMbtw=
Subject key identifier: EC:9F:03:D2:B8:DD:23:01:A8:E0:E2:D2:5E:A3:43:62:11:D7:F1:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01316E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/414BD458C8AA11EF9E853595762E951A.roa
Signing time: Thu 02 Jan 2025 01:38:24 +0000
ROA not before: Thu 02 Jan 2025 01:38:20 +0000
ROA not after: Fri 12 Dec 2025 01:38:20 +0000
asID: 984
IP address blocks: 154.220.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78190 (0x1316e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 01:38:20 2025 GMT
Not After : Dec 12 01:38:20 2025 GMT
Subject: CN=6775ee10-381a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:c1:2e:16:73:8f:e7:d1:69:cc:4c:20:98:
3a:3b:f4:db:99:a9:f9:b0:67:4b:ba:84:8c:ff:45:
06:df:ee:98:b9:db:23:e1:ee:71:04:31:e8:d3:e5:
42:2d:56:82:ba:6a:ad:ac:65:b8:23:ad:98:ed:b7:
12:04:d1:e0:80:79:1f:4b:eb:48:13:98:cd:18:cd:
86:34:72:c1:b8:a1:86:2a:e5:bb:f6:98:b4:af:e1:
67:4a:7f:53:a6:39:7b:af:d8:6e:39:a0:4c:e4:60:
91:29:52:d9:b6:62:52:30:c2:f5:c9:f7:b3:64:df:
02:a7:a7:5e:97:47:48:f2:a0:ca:f2:e6:81:c4:ff:
37:8f:b1:f9:30:7a:c8:9f:c3:fd:fc:b4:20:4f:03:
ca:fe:59:c8:80:b5:22:1e:57:e5:79:c7:58:24:82:
c3:40:50:70:16:c6:af:9e:96:99:e1:56:b2:10:ca:
b5:2b:82:97:be:d9:34:b8:a1:da:1e:8c:40:c5:03:
2d:16:fa:cc:d4:31:10:fc:9c:36:ba:04:89:e1:aa:
bc:12:a3:c4:e5:1f:5e:ea:84:32:35:53:15:f6:f1:
be:c9:11:b0:a7:c5:0a:27:af:78:82:fb:d0:f9:ae:
04:9e:05:fb:8d:c5:ee:91:78:5b:a0:d0:d4:8d:fb:
90:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9F:03:D2:B8:DD:23:01:A8:E0:E2:D2:5E:A3:43:62:11:D7:F1:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/414BD458C8AA11EF9E853595762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.146.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:d1:12:6e:3b:81:8f:e5:4f:d3:28:40:9b:b7:0f:a1:96:3d:
fa:63:9d:62:06:46:e9:fa:af:aa:6d:1c:af:ca:04:39:a2:88:
7f:9b:d5:be:96:86:2d:b5:7f:25:ee:33:a0:0a:76:64:28:6a:
36:09:6e:0e:73:6a:79:92:ed:e4:38:5d:c4:ff:52:db:e6:a7:
14:5d:3c:23:39:13:da:19:5e:55:bf:3e:b7:26:14:fe:a0:5f:
19:e2:2e:f1:9b:7e:73:49:11:28:a1:4a:0f:b2:1d:a8:f7:c2:
02:ed:74:a9:0b:c1:a6:48:ef:bc:5e:51:77:f1:bb:2a:df:fd:
12:dc:ab:f0:a8:bb:97:40:89:fb:25:dd:91:a1:ff:14:fd:6c:
42:c3:84:8c:1e:70:65:f2:35:2d:d6:e0:8d:2e:52:46:59:a3:
c4:66:6b:be:d1:bf:9d:9c:d0:c7:98:fc:85:85:56:cb:a2:89:
08:8c:ca:b0:0b:25:1f:e1:b4:6c:60:eb:83:39:ee:f0:75:80:
a0:57:76:32:f8:e3:7c:f5:07:e0:38:81:e7:79:12:25:b5:29:
43:0b:41:97:8f:aa:5f:97:61:1a:41:7b:96:e5:c5:35:1b:0e:
1d:1a:04:f1:6e:7d:78:f5:5a:17:0f:ab:c8:f2:f4:fe:7a:7a:
5a:e7:ef:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATFuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDEzODIwWhcNMjUxMjEyMDEzODIwWjAYMRYw
FAYDVQQDEw02Nzc1ZWUxMC0zODFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzCHBLhZzj+fRacxMIJg6O/Tbman5sGdLuoSM/0UG3+6Yudsj4e5xBDHo
0+VCLVaCumqtrGW4I62Y7bcSBNHggHkfS+tIE5jNGM2GNHLBuKGGKuW79pi0r+Fn
Sn9Tpjl7r9huOaBM5GCRKVLZtmJSMML1yfezZN8Cp6del0dI8qDK8uaBxP83j7H5
MHrIn8P9/LQgTwPK/lnIgLUiHlflecdYJILDQFBwFsavnpaZ4VayEMq1K4KXvtk0
uKHaHoxAxQMtFvrM1DEQ/Jw2ugSJ4aq8EqPE5R9e6oQyNVMV9vG+yRGwp8UKJ694
gvvQ+a4EngX7jcXukXhboNDUjfuQwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOyf
A9K43SMBqODi0l6jQ2IR1/H4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTRCRDQ1OEM4QUExMUVGOUU4NTM1OTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtySMA0GCSqGSIb3DQEB
CwUAA4IBAQC70RJuO4GP5U/TKECbtw+hlj36Y51iBkbp+q+qbRyvygQ5ooh/m9W+
loYttX8l7jOgCnZkKGo2CW4Oc2p5ku3kOF3E/1Lb5qcUXTwjORPaGV5Vvz63JhT+
oF8Z4i7xm35zSREooUoPsh2o98IC7XSpC8GmSO+8XlF38bsq3/0S3KvwqLuXQIn7
Jd2Rof8U/WxCw4SMHnBl8jUt1uCNLlJGWaPEZmu+0b+dnNDHmPyFhVbLookIjMqw
CyUf4bRsYOuDOe7wdYCgV3Yy+ON89QfgOIHneRIltSlDC0GXj6pfl2EaQXuW5cU1
Gw4dGgTxbn149VoXD6vI8vT+enpa5+8D
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:52 2025 by rpki-client