Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48EDC1FEF4A011EFA374CA5D762E951A.roa
File: 48EDC1FEF4A011EFA374CA5D762E951A.roa (raw, json)
Hash identifier: 7tlY/OJIWdZG74DhSvuwIFRjYCQG3ZWS6gtZuIgSynA=
Subject key identifier: 03:62:4C:86:86:26:DD:48:BE:DE:C6:8F:A3:AB:7D:7B:30:F5:63:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48EDC1FEF4A011EFA374CA5D762E951A.roa
Signing time: Thu 27 Feb 2025 00:17:53 +0000
ROA not before: Thu 27 Feb 2025 00:00:49 +0000
ROA not after: Sat 19 Feb 2028 00:00:49 +0000
asID: 17561
IP address blocks: 154.94.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91645 (0x165fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:49 2025 GMT
Not After : Feb 19 00:00:49 2028 GMT
Subject: CN=67bfaf31-af65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:62:2e:ea:91:3e:39:16:ff:30:40:42:f4:
50:a3:6c:ac:42:0e:4e:7b:49:4c:e1:bf:7b:c5:b7:
0d:c0:f8:fe:67:4a:70:e2:8c:9c:20:86:51:c5:54:
f2:de:8b:f1:01:d9:60:a6:4d:3a:2b:bb:ed:ae:40:
79:93:ae:e3:06:16:89:ab:2a:17:72:a9:85:7d:1c:
63:42:b5:e8:5b:fc:96:05:9c:67:0b:71:8d:53:81:
81:2e:94:63:54:e5:a3:26:2e:ff:2e:f6:23:dd:5e:
9b:be:ec:6f:52:96:c0:30:5b:5e:c3:86:16:3c:13:
31:e9:f7:a6:39:a1:68:2d:99:8a:fe:92:ec:3e:1f:
d6:dc:84:fe:83:e9:35:46:75:c0:1c:f5:9b:53:ea:
e3:57:93:38:d2:dc:07:39:f4:d4:a0:72:a9:e4:a1:
fe:ac:e6:b8:57:37:9a:da:1d:e3:e8:87:51:8a:ff:
a6:ba:c6:17:86:c5:99:5b:4b:c2:bd:5d:2f:c0:a6:
85:40:4a:51:8c:5e:dc:e7:fb:9c:e8:04:f6:78:bb:
d2:7f:63:76:79:ef:c2:9e:c6:29:91:38:ba:c6:a7:
62:23:03:01:db:94:f6:85:04:91:f9:d8:b9:5c:d1:
48:e5:d5:a5:c7:35:94:4b:6d:a9:0b:e5:16:ea:30:
88:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:62:4C:86:86:26:DD:48:BE:DE:C6:8F:A3:AB:7D:7B:30:F5:63:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48EDC1FEF4A011EFA374CA5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.240.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:9b:b1:1f:b8:00:3a:68:ab:04:bb:09:3e:29:26:d3:7e:cc:
ff:9d:e1:fc:53:81:d7:42:02:c0:5a:c7:5b:5e:d1:91:88:a9:
fb:91:aa:39:f0:77:5a:58:6d:b3:72:20:4b:ba:8c:ea:9c:d5:
70:46:86:31:04:e0:c6:53:a8:62:d4:3e:ba:00:48:e9:71:00:
f3:59:a4:6e:16:f6:60:a4:90:96:fd:d7:a9:43:eb:16:de:3a:
03:ff:5f:ff:f7:5f:89:c8:2e:38:cc:9d:a5:e8:e1:0a:53:a9:
d6:1b:08:25:d4:dd:79:b5:4e:1b:a4:20:25:36:b5:b7:e8:9f:
fd:ee:8d:0f:6c:16:cb:e1:3e:ae:53:af:da:8a:9e:6d:74:7c:
cb:c7:8d:0d:78:ec:06:38:9e:75:4f:67:bc:4c:71:95:18:65:
19:2d:87:fd:dd:17:4b:53:22:53:0b:70:2b:41:2b:90:87:4a:
ce:62:cb:04:64:25:3f:34:0a:bd:17:f6:2b:fa:af:26:cc:f0:
13:a7:aa:b3:8a:e3:5e:95:c7:f8:b3:8e:61:f7:9b:5b:7c:02:
8e:b5:ec:0a:c6:59:ae:18:cd:c6:fd:4a:c3:1d:0d:80:51:fa:
99:79:f5:a3:4c:cb:19:fb:81:f8:d6:d9:ab:fb:78:b1:59:52:
9f:a9:1f:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWX9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDQ5WhcNMjgwMjE5MDAwMDQ5WjAYMRYw
FAYDVQQDEw02N2JmYWYzMS1hZjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuo1iLuqRPjkW/zBAQvRQo2ysQg5Oe0lM4b97xbcNwPj+Z0pw4oycIIZR
xVTy3ovxAdlgpk06K7vtrkB5k67jBhaJqyoXcqmFfRxjQrXoW/yWBZxnC3GNU4GB
LpRjVOWjJi7/LvYj3V6bvuxvUpbAMFtew4YWPBMx6femOaFoLZmK/pLsPh/W3IT+
g+k1RnXAHPWbU+rjV5M40twHOfTUoHKp5KH+rOa4Vzea2h3j6IdRiv+musYXhsWZ
W0vCvV0vwKaFQEpRjF7c5/uc6AT2eLvSf2N2ee/CnsYpkTi6xqdiIwMB25T2hQSR
+di5XNFI5dWlxzWUS22pC+UW6jCIVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFANi
TIaGJt1Ivt7Gj6OrfXsw9WN3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEVEQzFGRUY0QTAxMUVGQTM3NENBNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml7wMA0GCSqGSIb3DQEB
CwUAA4IBAQBem7EfuAA6aKsEuwk+KSbTfsz/neH8U4HXQgLAWsdbXtGRiKn7kao5
8HdaWG2zciBLuozqnNVwRoYxBODGU6hi1D66AEjpcQDzWaRuFvZgpJCW/depQ+sW
3joD/1//91+JyC44zJ2l6OEKU6nWGwgl1N15tU4bpCAlNrW36J/97o0PbBbL4T6u
U6/aip5tdHzLx40NeOwGOJ51T2e8THGVGGUZLYf93RdLUyJTC3ArQSuQh0rOYssE
ZCU/NAq9F/Yr+q8mzPATp6qziuNelcf4s45h95tbfAKOtewKxlmuGM3G/UrDHQ2A
UfqZefWjTMsZ+4H41tmr+3ixWVKfqR/z
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:50 2025 by rpki-client