Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/445E2914F45811EF95C99571762E951A.roa
File: 445E2914F45811EF95C99571762E951A.roa (raw, json)
Hash identifier: tQj1498KN/uJMz0IS2VkUOPkAyi/6M8PmhZSVEjlL58=
Subject key identifier: 2E:8D:24:A3:E6:33:4C:06:28:F0:FD:BB:52:4D:3F:4E:EC:58:42:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0164E8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/445E2914F45811EF95C99571762E951A.roa
Signing time: Wed 26 Feb 2025 15:42:22 +0000
ROA not before: Wed 26 Feb 2025 15:42:15 +0000
ROA not after: Sat 19 Feb 2028 15:42:15 +0000
asID: 17561
IP address blocks: 154.82.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91368 (0x164e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:42:15 2025 GMT
Not After : Feb 19 15:42:15 2028 GMT
Subject: CN=67bf365d-4ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:71:f6:90:17:e0:9e:c0:d2:a3:8d:80:7a:8b:
07:f8:be:61:89:e8:25:f9:df:2c:62:5a:71:dd:92:
aa:2f:e9:94:ce:4a:1b:33:69:76:72:94:c3:a4:9c:
53:0d:66:6a:eb:3d:9c:86:04:c9:f1:f4:6b:e9:74:
60:26:be:95:de:e4:4f:f2:03:a2:04:c1:19:d2:f3:
b1:82:64:8c:e8:d1:c2:c6:8f:24:45:83:51:c9:99:
2d:84:c0:3d:5a:ca:78:51:04:00:f4:4b:1a:ac:d8:
e6:cf:5f:4d:b5:df:40:f8:91:88:25:3c:a1:dc:f8:
9a:b6:59:ba:f4:b6:65:03:59:8a:ea:68:c2:8b:f9:
a8:19:89:61:64:66:83:24:ad:35:36:ee:ad:88:81:
3f:5f:12:e6:2f:cf:67:56:7b:48:1d:9d:1e:0a:45:
ec:60:bb:e8:2d:99:ac:4e:d7:fd:05:1a:1c:ab:a2:
b7:ff:22:5c:5f:33:66:45:5f:c6:49:a0:eb:42:17:
5f:a9:b3:68:94:ea:2b:d5:b0:30:e6:ff:d0:76:c9:
21:18:e3:1a:21:e3:5a:d0:5f:d0:28:e2:d1:e7:eb:
29:ab:e4:10:81:5a:50:58:ed:8b:2e:de:4a:37:59:
ef:f8:7e:d4:28:c4:a3:96:d5:98:ea:ce:98:58:33:
e8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8D:24:A3:E6:33:4C:06:28:F0:FD:BB:52:4D:3F:4E:EC:58:42:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/445E2914F45811EF95C99571762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.240.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:53:11:cb:0b:a2:a8:f9:95:63:03:2f:5e:8c:4d:d2:c1:35:
91:df:92:45:65:8a:16:b1:eb:73:25:17:06:15:28:dc:3e:dd:
a1:63:54:2a:cc:e2:56:2f:ad:71:42:93:af:23:38:b9:96:60:
a3:b6:2c:df:8a:4b:91:69:34:eb:0d:0b:6b:f4:8b:82:20:eb:
41:b5:0e:59:75:24:03:16:8b:95:a6:9b:49:07:64:79:3d:03:
82:15:5e:e2:9c:98:c0:be:2d:8b:ad:10:7d:0b:b5:25:83:74:
e8:5e:c3:47:f6:a3:2f:15:80:76:54:18:e6:94:f7:9a:93:75:
3f:df:0d:3b:1b:c0:35:7e:ef:ae:cb:b5:3c:1b:66:89:1c:f9:
46:b6:52:de:66:fc:6c:b1:c8:21:4a:13:d2:f5:b0:09:08:81:
89:3f:50:b9:17:16:22:19:3f:48:af:b7:68:73:b1:d2:a2:04:
d6:f8:5f:4e:7b:5c:09:15:3a:98:e9:e4:66:b7:94:e9:c7:90:
6b:34:32:66:46:e8:4a:4b:0c:38:51:2b:fd:75:15:e2:cf:37:
c8:d4:58:16:c1:d9:64:ad:a5:c2:6c:99:f4:fe:9e:58:6d:07:
b3:4a:26:53:40:ae:d7:d3:03:47:f8:ca:f5:dd:18:9e:49:56:
a7:7d:6a:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWToMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTU0MjE1WhcNMjgwMjE5MTU0MjE1WjAYMRYw
FAYDVQQDEw02N2JmMzY1ZC00ZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA03H2kBfgnsDSo42AeosH+L5hiegl+d8sYlpx3ZKqL+mUzkobM2l2cpTD
pJxTDWZq6z2chgTJ8fRr6XRgJr6V3uRP8gOiBMEZ0vOxgmSM6NHCxo8kRYNRyZkt
hMA9Wsp4UQQA9EsarNjmz19Ntd9A+JGIJTyh3Piatlm69LZlA1mK6mjCi/moGYlh
ZGaDJK01Nu6tiIE/XxLmL89nVntIHZ0eCkXsYLvoLZmsTtf9BRocq6K3/yJcXzNm
RV/GSaDrQhdfqbNolOor1bAw5v/QdskhGOMaIeNa0F/QKOLR5+spq+QQgVpQWO2L
Lt5KN1nv+H7UKMSjltWY6s6YWDPosQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC6N
JKPmM0wGKPD9u1JNP07sWEKdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDVFMjkxNEY0NTgxMUVGOTVDOTk1NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLwMA0GCSqGSIb3DQEB
CwUAA4IBAQB6UxHLC6Ko+ZVjAy9ejE3SwTWR35JFZYoWsetzJRcGFSjcPt2hY1Qq
zOJWL61xQpOvIzi5lmCjtizfikuRaTTrDQtr9IuCIOtBtQ5ZdSQDFouVpptJB2R5
PQOCFV7inJjAvi2LrRB9C7Ulg3ToXsNH9qMvFYB2VBjmlPeak3U/3w07G8A1fu+u
y7U8G2aJHPlGtlLeZvxsscghShPS9bAJCIGJP1C5FxYiGT9Ir7doc7HSogTW+F9O
e1wJFTqY6eRmt5Tpx5BrNDJmRuhKSww4USv9dRXizzfI1FgWwdlkraXCbJn0/p5Y
bQezSiZTQK7X0wNH+Mr13RieSVanfWoT
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:43 2025 by rpki-client