Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E1F3E406FF11F0B240107C762E951A.roa
File: 48E1F3E406FF11F0B240107C762E951A.roa (raw, json)
Hash identifier: m5zMOLHvsVdgi5f1R4L5rG98DBmNqBFN3CP/DyxjtfM=
Subject key identifier: 19:2C:9B:A5:EA:44:B6:61:59:11:1D:1D:3B:3B:C6:7D:23:17:F0:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017568
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E1F3E406FF11F0B240107C762E951A.roa
Signing time: Sat 22 Mar 2025 09:23:16 +0000
ROA not before: Sat 22 Mar 2025 09:23:11 +0000
ROA not after: Tue 29 Apr 2025 09:23:11 +0000
asID: 135983
IP address blocks: 154.200.32.0/24 maxlen: 24
154.200.33.0/24 maxlen: 24
154.200.35.0/24 maxlen: 24
154.200.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95592 (0x17568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 09:23:11 2025 GMT
Not After : Apr 29 09:23:11 2025 GMT
Subject: CN=67de8184-b482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f9:6b:e7:32:61:e2:04:39:75:9b:84:50:5c:
49:65:47:08:6e:89:a2:42:7c:e3:f7:8c:2a:3d:f7:
e1:52:b4:42:07:8d:fa:23:19:be:4f:b0:7a:a5:74:
1d:a6:4c:22:c3:df:4f:13:8f:2d:d3:6e:b5:69:c9:
76:16:9e:49:04:4b:6b:40:69:6e:32:5e:fa:df:8b:
f9:61:26:41:58:0c:d2:13:98:e0:36:e4:d5:36:44:
1f:53:a0:b2:7f:a3:f6:44:ad:8b:bc:09:f3:8f:6d:
bf:0c:f5:32:2d:13:34:be:2b:6f:de:fb:73:98:74:
f4:1d:6d:12:19:17:c8:61:9a:8d:84:da:20:75:8f:
f2:52:03:c5:7d:bb:c0:a0:77:f6:82:93:24:4a:f4:
6f:c7:80:e6:2e:fc:fd:48:cf:e8:47:a3:31:7d:7c:
9f:29:40:76:d4:a8:f1:dd:a9:ab:4c:1f:4d:fd:ca:
a5:52:af:95:20:04:60:06:61:66:7d:51:cc:36:52:
c2:81:26:2f:1d:52:f9:bd:34:33:f8:ff:46:f1:b3:
e1:94:be:06:05:91:8d:64:2d:a3:08:a4:5a:34:e1:
43:89:b6:81:f4:b0:0f:76:35:ff:87:2c:ab:e2:cb:
27:47:d6:14:0c:9d:65:b9:77:cd:bb:41:e0:ae:56:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2C:9B:A5:EA:44:B6:61:59:11:1D:1D:3B:3B:C6:7D:23:17:F0:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48E1F3E406FF11F0B240107C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.32.0/23
154.200.35.0-154.200.36.255
Signature Algorithm: sha256WithRSAEncryption
0b:93:4f:83:7b:93:f0:78:3b:32:88:88:53:23:ed:12:d5:83:
86:6b:3e:c1:87:d7:cf:33:5b:94:a1:5c:6d:df:03:a8:bf:ba:
90:a7:36:2e:a4:d2:41:a5:ac:b1:00:56:05:70:90:36:88:53:
05:b3:26:14:d6:68:9f:6a:05:0c:71:cb:df:69:a4:ad:2b:9e:
33:22:5b:f0:a0:41:07:84:bd:9d:f8:e2:63:41:ea:6f:32:58:
ea:47:3c:8c:5c:63:3f:5b:46:49:d7:82:be:2a:ce:07:e6:77:
d5:9f:6a:c1:1a:97:ea:76:47:a6:cc:d6:82:0c:a4:b2:ab:02:
cd:6c:6c:80:1b:75:13:f0:f9:8f:eb:95:93:4e:69:c1:f2:ec:
aa:d1:9a:03:12:60:4f:31:43:be:cc:61:ce:b4:ee:67:32:1d:
67:cd:b8:34:82:c6:c6:22:b9:9e:c2:55:8e:f4:77:bb:c8:c8:
b3:ca:c6:b7:12:72:b3:54:3e:67:94:f0:cd:78:61:a2:b7:3d:
5e:83:ba:6e:72:b5:aa:c7:86:14:f8:80:4b:9c:b3:5a:c3:d1:
59:df:a8:95:49:6e:53:32:11:c9:3b:d5:f5:52:09:fa:e7:eb:
e0:05:6f:7d:1d:a0:28:4b:dc:03:16:d6:c9:a6:b8:b0:51:9f:
3d:d9:7d:ce
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXVoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDkyMzExWhcNMjUwNDI5MDkyMzExWjAYMRYw
FAYDVQQDEw02N2RlODE4NC1iNDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/lr5zJh4gQ5dZuEUFxJZUcIbomiQnzj94wqPffhUrRCB436Ixm+T7B6
pXQdpkwiw99PE48t0261acl2Fp5JBEtrQGluMl7634v5YSZBWAzSE5jgNuTVNkQf
U6Cyf6P2RK2LvAnzj22/DPUyLRM0vitv3vtzmHT0HW0SGRfIYZqNhNogdY/yUgPF
fbvAoHf2gpMkSvRvx4DmLvz9SM/oR6MxfXyfKUB21Kjx3amrTB9N/cqlUq+VIARg
BmFmfVHMNlLCgSYvHVL5vTQz+P9G8bPhlL4GBZGNZC2jCKRaNOFDibaB9LAPdjX/
hyyr4ssnR9YUDJ1luXfNu0HgrlbSrwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBks
m6XqRLZhWREdHTs7xn0jF/DbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEUxRjNFNDA2RkYxMUYwQjI0MDEwN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmsggMAwDBACayCMDBACa
yCQwDQYJKoZIhvcNAQELBQADggEBAAuTT4N7k/B4OzKIiFMj7RLVg4ZrPsGH188z
W5ShXG3fA6i/upCnNi6k0kGlrLEAVgVwkDaIUwWzJhTWaJ9qBQxxy99ppK0rnjMi
W/CgQQeEvZ344mNB6m8yWOpHPIxcYz9bRknXgr4qzgfmd9WfasEal+p2R6bM1oIM
pLKrAs1sbIAbdRPw+Y/rlZNOacHy7KrRmgMSYE8xQ77MYc607mcyHWfNuDSCxsYi
uZ7CVY70d7vIyLPKxrcScrNUPmeU8M14YaK3PV6Dum5ytarHhhT4gEucs1rD0Vnf
qJVJblMyEck71fVSCfrn6+AFb30doChL3AMW1smmuLBRnz3Zfc4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:16 2025 by rpki-client