Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/467667D8F3E611EFBFEACB50762E951A.roa
File: 467667D8F3E611EFBFEACB50762E951A.roa (raw, json)
Hash identifier: Rf8akoMMl8ABRJ0g52GL47LUa/AwzaTG+o36qKP2JrU=
Subject key identifier: 5A:97:DE:F1:35:59:6C:27:56:9C:82:AC:31:58:53:FD:1B:50:11:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016078
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/467667D8F3E611EFBFEACB50762E951A.roa
Signing time: Wed 26 Feb 2025 02:06:22 +0000
ROA not before: Wed 26 Feb 2025 02:06:18 +0000
ROA not after: Thu 19 Feb 2026 02:06:18 +0000
asID: 984
IP address blocks: 154.203.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90232 (0x16078)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 02:06:18 2025 GMT
Not After : Feb 19 02:06:18 2026 GMT
Subject: CN=67be771e-a3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3f:07:ed:9f:b0:6f:f5:b5:41:a0:1c:6f:73:
68:46:aa:92:40:07:5d:18:b9:56:33:5c:bb:14:82:
7b:29:22:75:47:95:4e:1f:c6:3f:6e:a0:a0:11:b4:
95:bf:4f:9f:d1:90:c1:1b:4e:87:29:19:80:ee:e2:
ab:ee:fb:0e:d9:84:3c:44:bd:a3:dc:45:ce:18:a0:
80:34:06:05:24:fb:37:06:a4:14:75:59:1f:94:90:
dd:99:e8:9b:d1:58:ec:5c:2c:11:3e:ee:6c:ae:e6:
94:9f:72:a1:78:b4:d2:b7:50:1b:2d:fb:78:eb:42:
83:0e:e0:2c:e7:42:44:d9:1c:72:fe:b6:05:3d:6a:
75:b2:ae:6f:d4:f1:c2:4e:bf:57:5e:af:40:ad:ed:
5b:79:e6:bf:1c:c7:db:c0:81:99:75:b9:2b:12:06:
f8:b8:4b:75:95:39:76:ff:b2:d7:d9:52:8a:14:d7:
81:a5:ae:ac:5b:e0:e7:f1:d4:0b:42:40:99:ae:0b:
c3:b5:46:d6:8e:23:ee:d4:b0:d4:87:3b:2a:a8:60:
40:49:c5:e9:d4:ff:c8:fa:28:6f:c2:61:7c:6c:63:
1b:6f:c1:79:e3:4b:ef:4c:cf:b9:3e:bd:2b:3d:bf:
8e:40:cd:52:8b:ec:b3:86:f7:46:0c:d8:20:60:e1:
ff:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:97:DE:F1:35:59:6C:27:56:9C:82:AC:31:58:53:FD:1B:50:11:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/467667D8F3E611EFBFEACB50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.7.0/24
Signature Algorithm: sha256WithRSAEncryption
70:64:9a:2d:ed:18:a4:48:f0:dd:02:fb:3a:9c:f8:53:cf:7b:
0e:1c:d4:53:79:34:db:b9:94:9c:ce:42:fd:fd:15:99:43:21:
04:38:3e:72:16:3e:d9:b2:07:86:78:5e:f7:8b:9c:b1:8f:b6:
8f:5b:c0:58:d3:14:aa:16:8c:06:ba:cf:88:68:76:e6:2a:b1:
f9:1d:dc:f8:e0:c9:0f:3f:e4:e9:52:99:00:4c:55:3c:f8:d0:
9c:24:6d:05:1b:a1:f8:60:c9:12:d4:97:ee:0c:34:fd:02:35:
66:58:46:cf:2e:72:41:10:c4:68:76:ee:a4:15:de:24:05:32:
2c:da:01:d6:3c:86:29:39:9a:9f:64:95:ae:68:f7:29:04:ac:
42:a9:ab:4c:f7:d4:16:a1:01:c4:ab:84:29:21:cb:88:c7:72:
c5:1c:9c:2b:7b:2a:24:78:a8:90:b2:63:7c:83:46:fb:41:40:
d6:aa:cb:13:1f:fb:28:04:b1:d1:e7:4c:61:fb:7d:23:89:7d:
16:6e:a9:d9:39:df:34:29:f2:5b:cb:53:0f:7f:6f:60:e4:a8:
db:70:45:c9:31:94:07:c9:d5:47:1f:5c:7f:71:03:04:38:20:
1b:43:a3:97:3a:a5:43:a2:e2:29:67:1b:17:75:76:0f:b1:63:
b9:01:0c:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWB4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDIwNjE4WhcNMjYwMjE5MDIwNjE4WjAYMRYw
FAYDVQQDEw02N2JlNzcxZS1hM2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyD8H7Z+wb/W1QaAcb3NoRqqSQAddGLlWM1y7FIJ7KSJ1R5VOH8Y/bqCg
EbSVv0+f0ZDBG06HKRmA7uKr7vsO2YQ8RL2j3EXOGKCANAYFJPs3BqQUdVkflJDd
meib0VjsXCwRPu5sruaUn3KheLTSt1AbLft460KDDuAs50JE2Rxy/rYFPWp1sq5v
1PHCTr9XXq9Are1beea/HMfbwIGZdbkrEgb4uEt1lTl2/7LX2VKKFNeBpa6sW+Dn
8dQLQkCZrgvDtUbWjiPu1LDUhzsqqGBAScXp1P/I+ihvwmF8bGMbb8F540vvTM+5
Pr0rPb+OQM1Si+yzhvdGDNggYOH/6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFqX
3vE1WWwnVpyCrDFYU/0bUBFPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Njc2NjdEOEYzRTYxMUVGQkZFQUNCNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssHMA0GCSqGSIb3DQEB
CwUAA4IBAQBwZJot7RikSPDdAvs6nPhTz3sOHNRTeTTbuZSczkL9/RWZQyEEOD5y
Fj7ZsgeGeF73i5yxj7aPW8BY0xSqFowGus+IaHbmKrH5Hdz44MkPP+TpUpkATFU8
+NCcJG0FG6H4YMkS1JfuDDT9AjVmWEbPLnJBEMRodu6kFd4kBTIs2gHWPIYpOZqf
ZJWuaPcpBKxCqatM99QWoQHEq4QpIcuIx3LFHJwreyokeKiQsmN8g0b7QUDWqssT
H/soBLHR50xh+30jiX0WbqnZOd80KfJby1MPf29g5KjbcEXJMZQHydVHH1x/cQME
OCAbQ6OXOqVDouIpZxsXdXYPsWO5AQwQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:06:48 2025 by rpki-client