Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C976EFCF42511EF8DA6038B762E951A.roa
File: 4C976EFCF42511EF8DA6038B762E951A.roa (raw, json)
Hash identifier: QKwRrPzCb0ggzihyN/zJQJla0uMeOC4sMcyeCu2H+EI=
Subject key identifier: 67:45:22:EA:43:3D:A1:08:81:66:A9:75:F2:ED:36:3B:F6:A0:21:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161E7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C976EFCF42511EF8DA6038B762E951A.roa
Signing time: Wed 26 Feb 2025 09:37:31 +0000
ROA not before: Wed 26 Feb 2025 09:37:27 +0000
ROA not after: Thu 19 Feb 2026 09:37:27 +0000
asID: 328608
IP address blocks: 154.200.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90599 (0x161e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:37:27 2025 GMT
Not After : Feb 19 09:37:27 2026 GMT
Subject: CN=67bee0db-8a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:49:f9:c7:28:28:1a:81:cb:b0:f3:d8:1c:ae:
93:1c:2d:dc:29:6b:12:b7:6e:41:35:67:ad:65:1e:
60:a8:fb:08:0d:0f:e3:76:c4:53:a0:27:b8:87:f8:
70:9f:52:58:37:ae:57:a6:f3:43:74:98:22:0a:6d:
4d:80:d7:c7:8d:f7:5a:dd:8f:ea:8d:1c:02:03:0f:
56:41:d8:c5:83:dd:87:99:68:b5:03:be:9c:e9:ca:
45:e7:83:59:69:ad:0b:1d:7e:2e:ac:0d:c1:26:11:
33:e4:c9:41:8c:0f:71:d5:85:bc:57:1c:b8:17:4f:
aa:a8:83:5d:29:5e:29:ab:b1:bb:cb:82:fb:be:67:
dc:4c:9f:15:e3:6e:56:52:a9:8d:ea:cc:f1:33:bf:
c8:f7:f3:74:46:57:04:da:23:0b:93:f2:07:ae:12:
1c:06:91:3c:bf:9b:f9:6c:f7:f0:02:aa:67:db:2d:
e1:86:85:51:72:dd:8a:d0:b5:4b:05:b5:74:b9:d8:
d3:4c:8f:84:e4:a8:8e:e9:67:61:e4:bf:82:39:ca:
9a:9f:bf:47:b9:21:61:c6:00:3b:96:f7:95:41:1e:
37:60:c8:35:ff:7c:84:80:b9:e3:4e:98:3c:f8:c1:
52:ff:0c:d7:2c:89:e8:96:10:72:f1:5e:7c:af:ff:
c1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:45:22:EA:43:3D:A1:08:81:66:A9:75:F2:ED:36:3B:F6:A0:21:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C976EFCF42511EF8DA6038B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.235.0/24
Signature Algorithm: sha256WithRSAEncryption
45:33:d4:22:b8:63:c6:ce:8b:b6:59:ad:ab:5c:e1:1b:d9:59:
13:b3:1e:fa:d2:e1:75:6e:9f:8e:d2:aa:e7:f2:2e:cc:be:32:
a2:15:49:f9:c4:be:df:79:da:93:a9:67:18:e5:7b:6d:f8:33:
18:9a:da:76:b0:5b:8a:f6:37:ec:38:ed:8f:4f:37:0e:fc:ae:
ba:79:24:39:ba:f4:7b:49:a3:34:7d:6c:f5:46:46:88:79:51:
c9:f7:bb:78:05:5a:e4:22:77:11:54:17:d6:82:18:47:d4:6c:
90:cf:87:55:6a:e0:11:f8:a1:7d:c5:39:ff:3f:d5:ca:f5:85:
96:24:5f:c2:95:33:9b:df:2b:df:e5:9c:f1:f2:57:7d:a1:61:
ce:f5:fa:c6:05:5b:be:e1:36:89:7b:a2:fc:d0:24:16:60:92:
f7:db:09:68:77:91:7b:e8:79:bb:c1:b9:26:5b:be:d4:17:e4:
ae:32:03:9f:ce:a2:e4:7a:77:33:fe:bb:e8:a5:a6:8a:76:8c:
fc:60:48:65:57:e7:ab:10:40:0e:64:d8:5d:04:f0:cc:2a:a2:
fc:96:a4:a1:85:c6:c9:01:c0:5c:60:95:54:24:18:e7:23:7d:
fc:54:2a:76:89:99:af:47:8c:5e:40:09:d6:06:54:1f:bc:41:
5c:5a:13:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWHnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkzNzI3WhcNMjYwMjE5MDkzNzI3WjAYMRYw
FAYDVQQDEw02N2JlZTBkYi04YTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2En5xygoGoHLsPPYHK6THC3cKWsSt25BNWetZR5gqPsIDQ/jdsRToCe4
h/hwn1JYN65XpvNDdJgiCm1NgNfHjfda3Y/qjRwCAw9WQdjFg92HmWi1A76c6cpF
54NZaa0LHX4urA3BJhEz5MlBjA9x1YW8Vxy4F0+qqINdKV4pq7G7y4L7vmfcTJ8V
425WUqmN6szxM7/I9/N0RlcE2iMLk/IHrhIcBpE8v5v5bPfwAqpn2y3hhoVRct2K
0LVLBbV0udjTTI+E5KiO6Wdh5L+COcqan79HuSFhxgA7lveVQR43YMg1/3yEgLnj
Tpg8+MFS/wzXLInolhBy8V58r//BiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGdF
IupDPaEIgWapdfLtNjv2oCE+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Qzk3NkVGQ0Y0MjUxMUVGOERBNjAzOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjrMA0GCSqGSIb3DQEB
CwUAA4IBAQBFM9QiuGPGzou2Wa2rXOEb2VkTsx760uF1bp+O0qrn8i7MvjKiFUn5
xL7fedqTqWcY5Xtt+DMYmtp2sFuK9jfsOO2PTzcO/K66eSQ5uvR7SaM0fWz1RkaI
eVHJ97t4BVrkIncRVBfWghhH1GyQz4dVauAR+KF9xTn/P9XK9YWWJF/ClTOb3yvf
5Zzx8ld9oWHO9frGBVu+4TaJe6L80CQWYJL32wlod5F76Hm7wbkmW77UF+SuMgOf
zqLkencz/rvopaaKdoz8YEhlV+erEEAOZNhdBPDMKqL8lqShhcbJAcBcYJVUJBjn
I338VCp2iZmvR4xeQAnWBlQfvEFcWhPi
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:44 2025 by rpki-client