Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9ED1A0097711F089AC608E762E951A.roa
File: 4A9ED1A0097711F089AC608E762E951A.roa (raw, json)
Hash identifier: bPI4Nb4PI2MqmNPWEGqLV1Vgqe4+6yKbI7zt441Awq8=
Subject key identifier: CD:3B:01:54:3E:BE:A4:29:C4:85:44:2E:AE:8E:B5:F5:CA:94:87:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01763E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9ED1A0097711F089AC608E762E951A.roa
Signing time: Tue 25 Mar 2025 12:47:21 +0000
ROA not before: Tue 25 Mar 2025 12:47:17 +0000
ROA not after: Tue 03 Jun 2025 12:47:17 +0000
asID: 140666
IP address blocks: 154.94.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95806 (0x1763e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 12:47:17 2025 GMT
Not After : Jun 3 12:47:17 2025 GMT
Subject: CN=67e2a5d8-c503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:85:9d:8c:80:86:98:89:0f:73:c3:44:df:
bf:ef:9c:f3:53:84:c6:99:ca:94:4d:46:22:7a:f6:
a4:bd:51:5b:78:28:81:bd:a2:41:d2:a2:e1:e3:f2:
37:44:13:f1:be:f9:1f:88:fc:26:8c:0b:ef:bd:e8:
fa:d3:8e:cd:00:71:dc:b1:b7:94:2b:49:f5:a3:40:
52:45:fc:fd:c6:7c:89:4e:2f:86:96:fe:ca:d0:73:
8b:0d:33:8a:ef:7e:94:92:30:3f:f0:96:97:ec:91:
b4:5c:87:4a:81:d5:15:f3:a7:cf:03:c4:d0:30:b1:
98:d0:8d:76:01:ab:4a:f9:7e:62:27:4b:bb:8a:0d:
c2:7e:8a:fe:e3:44:7a:37:87:35:5f:3d:52:b0:4c:
91:23:24:04:f0:6d:27:7c:91:87:35:ef:df:df:07:
3b:ce:06:53:94:5e:1a:0f:76:29:41:9a:ed:af:d4:
93:08:55:fb:bc:cf:39:f5:49:c3:7a:80:94:01:ca:
5b:e4:f6:b5:92:a5:a1:57:3e:3d:0d:ce:8c:38:68:
6a:ee:28:a9:42:2b:9f:39:19:d4:5d:2b:f5:10:f0:
96:ff:7b:e2:67:68:b9:a1:6f:95:c9:ba:7d:24:5d:
27:fc:76:6b:51:54:1f:ae:db:1d:5d:13:e5:4a:51:
16:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3B:01:54:3E:BE:A4:29:C4:85:44:2E:AE:8E:B5:F5:CA:94:87:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9ED1A0097711F089AC608E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.68.0/24
Signature Algorithm: sha256WithRSAEncryption
62:98:1c:8f:7b:c9:15:0d:c5:79:70:2f:83:38:9f:01:67:48:
1d:14:52:3e:c9:fc:33:7c:d0:c0:bc:90:11:e1:10:bb:c2:8c:
3d:29:dd:d5:0d:3b:8a:11:ee:de:bf:1f:44:40:ab:cf:c2:d2:
07:72:4d:b5:25:fd:dc:ad:14:ae:a7:71:24:c9:90:b7:20:8c:
d2:91:d4:2e:01:46:2c:3f:b3:0e:a1:35:4c:3c:d1:7b:c7:5e:
4a:ba:04:a7:7a:76:db:ea:41:4c:98:bb:5d:95:4f:a3:67:54:
9c:ae:6c:20:ce:02:9f:7e:82:af:50:63:07:b2:92:bc:0a:c6:
f0:56:78:36:04:6b:16:7f:f5:0a:f0:ae:3d:c0:ca:1d:63:2c:
4e:3d:40:24:60:e4:b8:bd:20:f0:2b:e9:02:a1:a5:c6:c6:c2:
a4:ec:34:f2:25:8c:dd:6a:fd:6b:e1:ba:1d:0d:26:a5:4a:b6:
b7:31:a6:20:a0:1c:c3:92:b5:fb:30:b7:96:85:71:db:7a:9a:
f5:c1:4f:7a:5d:ac:df:c2:85:d9:ea:5e:9c:f7:4b:32:b4:47:
8e:28:f1:b8:ef:9a:6b:9b:f9:82:e2:7b:05:13:03:a1:d8:0f:
9e:77:c6:b6:66:93:d3:b9:21:4a:1c:9a:54:c7:fd:52:d8:01:
d9:84:fc:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXY+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MTI0NzE3WhcNMjUwNjAzMTI0NzE3WjAYMRYw
FAYDVQQDEw02N2UyYTVkOC1jNTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunGFnYyAhpiJD3PDRN+/75zzU4TGmcqUTUYievakvVFbeCiBvaJB0qLh
4/I3RBPxvvkfiPwmjAvvvej6047NAHHcsbeUK0n1o0BSRfz9xnyJTi+Glv7K0HOL
DTOK736UkjA/8JaX7JG0XIdKgdUV86fPA8TQMLGY0I12AatK+X5iJ0u7ig3Cfor+
40R6N4c1Xz1SsEyRIyQE8G0nfJGHNe/f3wc7zgZTlF4aD3YpQZrtr9STCFX7vM85
9UnDeoCUAcpb5Pa1kqWhVz49Dc6MOGhq7iipQiufORnUXSv1EPCW/3viZ2i5oW+V
ybp9JF0n/HZrUVQfrtsdXRPlSlEWtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM07
AVQ+vqQpxIVELq6OtfXKlIfIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTlFRDFBMDA5NzcxMUYwODlBQzYwOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5EMA0GCSqGSIb3DQEB
CwUAA4IBAQBimByPe8kVDcV5cC+DOJ8BZ0gdFFI+yfwzfNDAvJAR4RC7wow9Kd3V
DTuKEe7evx9EQKvPwtIHck21Jf3crRSup3EkyZC3IIzSkdQuAUYsP7MOoTVMPNF7
x15KugSnenbb6kFMmLtdlU+jZ1ScrmwgzgKffoKvUGMHspK8CsbwVng2BGsWf/UK
8K49wModYyxOPUAkYOS4vSDwK+kCoaXGxsKk7DTyJYzdav1r4bodDSalSra3MaYg
oBzDkrX7MLeWhXHbepr1wU96XazfwoXZ6l6c90sytEeOKPG475prm/mC4nsFEwOh
2A+ed8a2ZpPTuSFKHJpUx/1S2AHZhPyH
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:59 2025 by rpki-client