Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CFD3102E2CC11EF8232FA92762E951A.roa
File: 4CFD3102E2CC11EF8232FA92762E951A.roa (raw, json)
Hash identifier: VHlZpg8EJmnsYwI1I1tjPHOXprspNND3+cVp4uoXaGI=
Subject key identifier: 45:4E:FF:D1:0D:22:53:A6:D6:C0:8A:C2:15:E3:15:4F:6A:8F:15:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015086
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CFD3102E2CC11EF8232FA92762E951A.roa
Signing time: Tue 04 Feb 2025 07:47:37 +0000
ROA not before: Tue 04 Feb 2025 07:47:33 +0000
ROA not after: Wed 30 Apr 2025 07:47:33 +0000
asID: 18229
IP address blocks: 154.210.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86150 (0x15086)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 07:47:33 2025 GMT
Not After : Apr 30 07:47:33 2025 GMT
Subject: CN=67a1c618-b8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3e:ab:aa:32:00:94:30:cb:be:9a:f2:87:e1:
24:74:64:b3:04:a8:be:59:13:fc:d5:b6:b0:22:70:
59:18:9a:7b:c0:ca:6d:fa:11:65:2a:bb:b7:7f:d2:
89:02:28:8b:1a:ec:e3:ba:d7:17:1f:f3:82:da:3f:
43:9a:d6:c0:bf:3c:46:4b:9f:99:62:6d:34:ae:a8:
65:cb:3f:21:c4:6f:03:08:ef:7d:23:22:53:2d:d4:
7d:d7:5b:dd:80:d4:81:62:56:10:bb:3f:bd:b9:cc:
08:97:0d:43:e9:fb:63:9e:bf:90:62:98:3c:68:7b:
6d:cc:4a:32:92:5b:ca:75:da:45:7b:83:98:84:fd:
00:88:34:ee:0a:a2:ad:94:d7:79:5e:50:5d:63:f2:
b7:af:ca:01:c8:30:c5:89:23:48:2f:13:44:20:87:
40:b1:3e:cd:ea:ba:da:62:e1:72:41:0c:ba:a1:95:
a2:80:b4:ec:ad:3a:16:eb:de:57:e9:4c:67:52:62:
43:46:40:e6:df:7a:1a:3d:56:e0:23:9a:7b:8a:e1:
ac:c3:ad:09:c5:68:a4:5e:42:ca:b0:de:d5:3f:0c:
c2:a9:b6:a2:7d:5e:c2:7b:9c:3a:5c:a7:a8:59:01:
70:a7:42:89:98:58:c2:de:6c:d1:63:40:8f:71:d3:
be:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4E:FF:D1:0D:22:53:A6:D6:C0:8A:C2:15:E3:15:4F:6A:8F:15:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CFD3102E2CC11EF8232FA92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a7:c8:34:6f:24:ab:46:80:e7:ac:86:93:de:59:4a:90:05:
17:25:25:9e:24:0e:4b:77:f6:6f:57:de:d1:67:47:c4:f6:38:
19:a2:94:50:7e:35:a6:a1:d8:c0:0a:f8:50:41:32:0e:c3:2c:
bc:44:0b:73:8c:34:97:43:54:ee:77:c2:25:d1:8c:ce:c1:84:
21:26:24:b8:6a:fd:c8:f1:36:1a:d9:29:bc:e2:31:df:aa:c2:
c4:ad:37:27:22:e4:de:f9:13:46:b6:9a:07:e0:18:c4:ca:47:
69:85:c8:fc:1e:64:7a:67:81:11:30:8f:a5:b8:06:05:ce:b5:
27:c5:9c:b6:e2:8c:61:f1:8c:8d:0c:ce:60:6b:9f:89:53:d0:
dd:b5:ac:80:9d:76:66:64:4a:75:99:8d:db:72:6d:97:c5:58:
64:c7:64:bb:a5:ec:7a:c1:54:13:c6:13:ac:ac:65:c1:dc:e0:
2e:69:35:49:2f:bf:ef:5c:b8:2f:ea:96:21:d9:e0:17:6b:86:
26:cc:89:ff:8b:2d:cb:f2:30:df:07:61:19:48:96:b2:fc:77:
90:63:74:fd:1a:e4:d9:7d:df:8a:9d:06:11:0f:f6:d3:5f:5f:
30:a9:b1:58:24:7d:2e:1f:e4:f0:b8:87:3e:a9:cd:d0:b2:ac:
6a:fc:96:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVCGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDc0NzMzWhcNMjUwNDMwMDc0NzMzWjAYMRYw
FAYDVQQDEw02N2ExYzYxOC1iOGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1T6rqjIAlDDLvpryh+EkdGSzBKi+WRP81bawInBZGJp7wMpt+hFlKru3
f9KJAiiLGuzjutcXH/OC2j9DmtbAvzxGS5+ZYm00rqhlyz8hxG8DCO99IyJTLdR9
11vdgNSBYlYQuz+9ucwIlw1D6ftjnr+QYpg8aHttzEoyklvKddpFe4OYhP0AiDTu
CqKtlNd5XlBdY/K3r8oByDDFiSNILxNEIIdAsT7N6rraYuFyQQy6oZWigLTsrToW
695X6UxnUmJDRkDm33oaPVbgI5p7iuGsw60JxWikXkLKsN7VPwzCqbaifV7Ce5w6
XKeoWQFwp0KJmFjC3mzRY0CPcdO+ewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEVO
/9ENIlOm1sCKwhXjFU9qjxWCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0ZEMzEwMkUyQ0MxMUVGODIzMkZBOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLDMA0GCSqGSIb3DQEB
CwUAA4IBAQAKp8g0bySrRoDnrIaT3llKkAUXJSWeJA5Ld/ZvV97RZ0fE9jgZopRQ
fjWmodjACvhQQTIOwyy8RAtzjDSXQ1Tud8Il0YzOwYQhJiS4av3I8TYa2Sm84jHf
qsLErTcnIuTe+RNGtpoH4BjEykdphcj8HmR6Z4ERMI+luAYFzrUnxZy24oxh8YyN
DM5ga5+JU9DdtayAnXZmZEp1mY3bcm2XxVhkx2S7pex6wVQTxhOsrGXB3OAuaTVJ
L7/vXLgv6pYh2eAXa4YmzIn/iy3L8jDfB2EZSJay/HeQY3T9GuTZfd+KnQYRD/bT
X18wqbFYJH0uH+TwuIc+qc3Qsqxq/JbL
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:51:37 2025 by rpki-client