Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D606D8058811F0BB9E7388762E951A.roa
File: 43D606D8058811F0BB9E7388762E951A.roa (raw, json)
Hash identifier: FVHbSVO7eWXobUznaaQpogSLcMdig3YmrEN+RIdZRZc=
Subject key identifier: 9D:BC:67:82:38:38:8F:85:0D:37:7F:BA:D2:20:C7:D2:52:0D:C1:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017552
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D606D8058811F0BB9E7388762E951A.roa
Signing time: Thu 20 Mar 2025 12:38:46 +0000
ROA not before: Thu 20 Mar 2025 12:38:42 +0000
ROA not after: Fri 25 Apr 2025 12:38:42 +0000
asID: 395839
IP address blocks: 154.194.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95570 (0x17552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 20 12:38:42 2025 GMT
Not After : Apr 25 12:38:42 2025 GMT
Subject: CN=67dc0c56-2a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a5:72:64:cc:d9:13:d6:df:bc:76:91:ba:ae:
af:50:9b:49:70:26:50:5a:7a:9d:79:9a:3c:50:f9:
02:e8:8a:47:6f:ab:15:1e:1d:02:54:d3:e4:94:d0:
7f:93:c1:dd:37:c2:80:92:30:ff:9a:ed:95:b4:cf:
5f:9e:a5:18:a8:04:2a:34:dd:d1:87:e6:ad:38:7e:
81:e0:35:a7:e3:c6:06:2b:94:25:5c:e1:52:1f:f9:
94:01:a6:08:92:59:48:b0:69:8c:70:3b:d5:3b:32:
5a:35:f7:1c:bc:3e:c4:c6:18:38:f9:ef:3c:16:b4:
9d:e8:10:14:98:30:79:c2:74:11:72:b1:8d:28:09:
14:3a:87:e9:36:64:0c:77:36:60:d6:d8:b0:64:4f:
00:f9:54:0a:79:08:dd:89:f2:81:fe:eb:0b:88:ce:
cd:62:97:75:1d:df:c5:56:d9:c9:90:6d:e7:1b:b5:
07:20:f4:9e:3a:ba:c3:ad:25:d5:4e:52:11:46:ad:
77:a6:2d:34:17:60:a0:5f:ca:bb:c4:d4:3a:c9:9e:
a2:63:90:4e:ce:0a:73:16:3d:c0:20:92:5b:4f:d1:
dd:19:f1:f6:1f:0f:65:20:8c:2e:77:e0:4a:7a:ef:
9b:35:c6:83:66:30:59:52:6e:8c:2f:39:d3:2f:4c:
ec:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BC:67:82:38:38:8F:85:0D:37:7F:BA:D2:20:C7:D2:52:0D:C1:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D606D8058811F0BB9E7388762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.6.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:db:af:95:3f:6a:55:90:63:a2:16:9f:e3:f4:68:80:5d:78:
69:78:38:3f:b1:28:ed:e8:58:9a:7a:48:6f:49:48:70:8b:48:
ac:b0:3d:2a:d3:ff:a8:e3:a8:8b:16:3c:5c:2d:03:12:1d:01:
1b:41:13:5c:f5:ae:f0:84:0a:a9:a3:b8:6e:e3:b8:f0:c4:71:
a2:fc:53:bc:9c:00:ed:51:b2:44:4a:f4:ea:1a:07:03:0e:fd:
fd:f4:e9:83:2d:4b:8b:26:71:c0:95:67:ce:ee:86:ad:41:dd:
34:13:65:f7:81:e2:ec:1d:76:21:13:7b:40:fe:a5:01:7c:95:
af:91:c4:a2:b3:e7:b4:bc:25:bb:d2:9e:38:26:d9:99:a7:c1:
c7:ed:24:6d:37:28:09:a8:3a:90:eb:52:31:46:eb:b7:0f:7c:
df:3f:5f:d6:f6:c1:2c:9b:20:09:a1:66:66:38:73:11:6d:61:
36:86:91:c5:40:b9:e0:99:1a:e0:4c:97:64:0d:21:8f:09:86:
c5:4c:ba:ac:bf:d5:71:49:bc:eb:54:d7:b4:cc:74:74:93:48:
ab:a9:c5:c7:3a:b2:ef:e4:be:7f:b3:fe:49:8e:0e:96:67:a2:
eb:2c:14:f7:db:3b:c0:49:19:70:83:b0:b3:e6:ab:f2:0b:ca:
d0:eb:11:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXVSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIwMTIzODQyWhcNMjUwNDI1MTIzODQyWjAYMRYw
FAYDVQQDEw02N2RjMGM1Ni0yYTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqVyZMzZE9bfvHaRuq6vUJtJcCZQWnqdeZo8UPkC6IpHb6sVHh0CVNPk
lNB/k8HdN8KAkjD/mu2VtM9fnqUYqAQqNN3Rh+atOH6B4DWn48YGK5QlXOFSH/mU
AaYIkllIsGmMcDvVOzJaNfccvD7Exhg4+e88FrSd6BAUmDB5wnQRcrGNKAkUOofp
NmQMdzZg1tiwZE8A+VQKeQjdifKB/usLiM7NYpd1Hd/FVtnJkG3nG7UHIPSeOrrD
rSXVTlIRRq13pi00F2CgX8q7xNQ6yZ6iY5BOzgpzFj3AIJJbT9HdGfH2Hw9lIIwu
d+BKeu+bNcaDZjBZUm6MLznTL0zsowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ28
Z4I4OI+FDTd/utIgx9JSDcHDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0Q2MDZEODA1ODgxMUYwQkI5RTczODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIGMA0GCSqGSIb3DQEB
CwUAA4IBAQDD26+VP2pVkGOiFp/j9GiAXXhpeDg/sSjt6FiaekhvSUhwi0issD0q
0/+o46iLFjxcLQMSHQEbQRNc9a7whAqpo7hu47jwxHGi/FO8nADtUbJESvTqGgcD
Dv399OmDLUuLJnHAlWfO7oatQd00E2X3geLsHXYhE3tA/qUBfJWvkcSis+e0vCW7
0p44JtmZp8HH7SRtNygJqDqQ61IxRuu3D3zfP1/W9sEsmyAJoWZmOHMRbWE2hpHF
QLngmRrgTJdkDSGPCYbFTLqsv9VxSbzrVNe0zHR0k0irqcXHOrLv5L5/s/5Jjg6W
Z6LrLBT32zvASRlwg7Cz5qvyC8rQ6xEW
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:01 2025 by rpki-client