Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DDA8D34F43A11EFA9E2AC9D762E951A.roa
File: 4DDA8D34F43A11EFA9E2AC9D762E951A.roa (raw, json)
Hash identifier: zpO2Knpy3C63qYTM3mtWxZ+FI2rUTYmw6j4kgCbVOdQ=
Subject key identifier: 7F:B2:3D:4A:92:9A:70:42:1D:86:15:04:52:23:DE:93:E3:6C:6A:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DDA8D34F43A11EFA9E2AC9D762E951A.roa
Signing time: Wed 26 Feb 2025 12:07:52 +0000
ROA not before: Wed 26 Feb 2025 12:07:49 +0000
ROA not after: Fri 20 Feb 2026 12:07:49 +0000
asID: 984
IP address blocks: 154.199.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90867 (0x162f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:07:49 2025 GMT
Not After : Feb 20 12:07:49 2026 GMT
Subject: CN=67bf0418-b335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:61:3f:5c:3a:70:96:52:8d:a2:73:64:78:
b3:af:13:89:5e:80:90:6a:7e:91:ed:6e:26:a4:a9:
e2:42:04:86:31:50:7f:be:70:dc:52:fb:9c:e5:1e:
87:f2:9e:c6:8e:fe:45:a3:58:1d:94:bd:a8:ca:b2:
2f:57:92:81:8f:48:49:5d:0c:7b:e4:04:9d:8b:e6:
91:14:86:c8:b1:18:e9:66:48:9e:f4:5d:66:f5:14:
48:ac:06:18:e7:7f:c5:14:c2:e4:3b:67:c5:7f:64:
2e:b6:9b:9c:49:4b:47:e5:45:ba:9c:62:f2:0c:0f:
1e:97:5a:82:09:61:01:56:5d:30:10:a1:df:b4:cf:
aa:e4:f5:34:75:70:4d:ba:47:cb:36:2f:2e:75:1b:
47:2f:6d:6e:21:f0:15:50:4c:29:1b:de:e8:53:69:
2e:61:b6:08:1d:1a:dd:49:8d:63:a4:2f:68:48:53:
1f:d0:c3:2a:ed:37:c5:95:f1:d3:a5:5c:9c:a4:61:
9a:28:ee:c7:d0:98:33:83:a6:e7:02:77:ed:29:a9:
d1:d0:1e:46:ca:2e:fd:f2:d3:28:bd:cc:ed:94:7a:
61:40:38:83:7f:0e:02:b6:af:db:00:96:94:df:1d:
2d:75:69:fe:cd:8c:e1:01:91:df:25:07:e4:11:2a:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B2:3D:4A:92:9A:70:42:1D:86:15:04:52:23:DE:93:E3:6C:6A:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DDA8D34F43A11EFA9E2AC9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ec:7d:b2:75:cf:c4:1a:9b:df:c4:e8:c1:02:e0:c4:40:90:
9d:1f:81:f7:96:7e:f1:f2:21:9b:60:0f:43:7d:af:74:99:95:
d2:c7:f6:5a:87:0c:31:d7:e8:81:41:fb:c6:57:84:48:4b:29:
ce:9f:60:b3:f1:1d:9f:9e:19:34:fc:d6:50:c3:05:0b:2b:cd:
94:9c:0e:05:f4:07:45:fe:a6:d6:50:a7:48:0e:42:67:71:3a:
b1:64:9a:54:fd:9d:d6:29:df:c4:e4:13:20:7f:c2:10:9e:ae:
29:4b:18:2f:09:86:1e:34:d8:fc:75:c5:3a:37:fc:f7:b6:ac:
e8:50:7b:4b:7a:cd:34:21:3a:b8:9d:36:b2:f5:48:94:cb:6e:
eb:8d:cb:6f:6e:30:1e:3a:f7:27:94:34:71:d8:2d:fd:a7:f3:
62:49:bf:b8:09:dd:25:96:32:f8:7e:c6:06:89:00:ca:ba:56:
1b:1e:30:65:39:11:2e:29:e2:26:6b:78:38:fb:d8:f2:b2:b4:
13:89:b6:27:26:82:14:62:e2:ee:81:ca:df:4b:51:d0:5b:93:
4b:00:f1:e5:d8:9e:0d:fc:bb:0b:e7:4b:b9:5a:fb:69:20:2d:
06:4c:23:3b:e9:e5:b2:9e:1d:e9:a1:e0:66:1d:39:3a:d2:0d:
19:1d:29:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWLzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIwNzQ5WhcNMjYwMjIwMTIwNzQ5WjAYMRYw
FAYDVQQDEw02N2JmMDQxOC1iMzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQVhP1w6cJZSjaJzZHizrxOJXoCQan6R7W4mpKniQgSGMVB/vnDcUvuc
5R6H8p7Gjv5Fo1gdlL2oyrIvV5KBj0hJXQx75ASdi+aRFIbIsRjpZkie9F1m9RRI
rAYY53/FFMLkO2fFf2QutpucSUtH5UW6nGLyDA8el1qCCWEBVl0wEKHftM+q5PU0
dXBNukfLNi8udRtHL21uIfAVUEwpG97oU2kuYbYIHRrdSY1jpC9oSFMf0MMq7TfF
lfHTpVycpGGaKO7H0Jgzg6bnAnftKanR0B5Gyi798tMovcztlHphQDiDfw4Ctq/b
AJaU3x0tdWn+zYzhAZHfJQfkESozhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH+y
PUqSmnBCHYYVBFIj3pPjbGpqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RERBOEQzNEY0M0ExMUVGQTlFMkFDOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseVMA0GCSqGSIb3DQEB
CwUAA4IBAQCj7H2ydc/EGpvfxOjBAuDEQJCdH4H3ln7x8iGbYA9Dfa90mZXSx/Za
hwwx1+iBQfvGV4RISynOn2Cz8R2fnhk0/NZQwwULK82UnA4F9AdF/qbWUKdIDkJn
cTqxZJpU/Z3WKd/E5BMgf8IQnq4pSxgvCYYeNNj8dcU6N/z3tqzoUHtLes00ITq4
nTay9UiUy27rjctvbjAeOvcnlDRx2C39p/NiSb+4Cd0lljL4fsYGiQDKulYbHjBl
OREuKeIma3g4+9jysrQTibYnJoIUYuLugcrfS1HQW5NLAPHl2J4N/LsL50u5Wvtp
IC0GTCM76eWynh3poeBmHTk60g0ZHSk5
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:49 2025 by rpki-client