Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/504996EC070311F098E6C094762E951A.roa
File: 504996EC070311F098E6C094762E951A.roa (raw, json)
Hash identifier: 7OiMrhIsjWyk3H4YEhcuKjvhkpcXYYD7wELpkCFQdLQ=
Subject key identifier: 1A:52:7F:2E:3D:80:94:EA:B8:4D:3C:08:D0:F5:FF:7A:A3:DA:3C:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01757A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/504996EC070311F098E6C094762E951A.roa
Signing time: Sat 22 Mar 2025 09:52:06 +0000
ROA not before: Sat 22 Mar 2025 09:52:03 +0000
ROA not after: Wed 30 Apr 2025 09:52:03 +0000
asID: 142032
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95610 (0x1757a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 09:52:03 2025 GMT
Not After : Apr 30 09:52:03 2025 GMT
Subject: CN=67de8846-e9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:98:2a:5d:02:09:49:71:be:36:c5:7e:20:
25:f7:92:d7:7a:09:bd:77:c1:55:5c:63:72:f0:6a:
f9:e5:94:fa:d7:f7:96:d9:ed:2e:1e:62:a0:ca:b4:
be:4c:38:e6:a5:be:48:02:ac:67:d7:fe:4f:41:fb:
5a:31:a1:6d:ac:d5:66:e1:87:0f:b4:20:b5:63:d7:
70:d1:3b:1a:19:7c:b8:c9:c2:97:cf:71:df:fc:86:
74:8d:ff:44:e9:35:45:31:b8:83:03:25:c2:6b:da:
97:b6:d2:44:01:cf:52:77:20:d6:ba:34:67:81:bc:
55:ec:98:d7:82:a2:dc:19:b3:a4:fd:22:8c:18:5c:
cc:54:a8:db:01:87:87:2e:44:e4:a8:68:6a:2e:69:
ce:9e:c9:24:15:bf:e1:74:aa:67:cf:99:0a:81:cb:
ea:73:46:87:1b:3e:7d:92:ec:6a:32:d3:cf:3f:7d:
7c:b1:9f:6d:75:03:2e:76:4d:2e:1c:95:25:07:0e:
c0:fe:f3:9c:d6:9b:b5:67:89:4d:34:3f:03:ba:07:
b6:c7:09:5a:f9:81:d5:3e:bc:2a:72:db:56:a1:d7:
53:2d:c4:93:f0:4c:5f:d7:d5:bf:a6:4a:bd:44:a3:
3d:91:fa:36:2e:a9:d1:1d:6f:7f:03:36:e8:ce:b3:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:52:7F:2E:3D:80:94:EA:B8:4D:3C:08:D0:F5:FF:7A:A3:DA:3C:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/504996EC070311F098E6C094762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
af:49:8f:64:02:43:e6:2e:ad:c5:ca:78:d8:3b:a3:dc:8d:b1:
9a:37:d9:0c:fc:32:1d:55:25:8d:a2:fb:0d:f1:9f:31:77:79:
a9:39:80:f2:43:21:1a:34:3a:60:9d:49:ee:6a:1a:06:c7:b5:
a7:0e:df:80:d9:20:a8:47:84:9f:13:3b:bb:56:d7:e9:83:48:
c2:1a:21:5f:ce:a8:75:d8:15:4f:b0:9a:23:fc:72:e4:52:39:
85:1d:02:25:02:52:b2:47:62:da:e0:c7:d6:41:2e:08:64:cd:
78:d7:d0:d6:0b:4d:30:a5:78:d6:3c:30:64:04:93:c9:25:f8:
4e:6f:25:96:e0:13:d3:df:b4:9b:85:c6:c4:ba:7d:2f:85:29:
59:f6:d3:fc:3f:e1:b6:9b:5f:1e:65:cb:7a:90:61:f3:3e:93:
7b:04:e9:aa:75:7a:49:1b:c4:75:2b:4d:10:64:76:20:b3:ae:
ad:c7:f3:a0:69:4c:a9:c5:8b:8a:1f:2a:2c:f5:c5:80:f4:99:
09:77:fb:90:f7:75:72:ea:f0:9b:a4:57:0f:8c:d2:ec:45:25:
28:59:ce:d4:3c:14:73:0c:27:7f:d3:e4:06:37:16:2f:7a:84:
ee:c4:c6:e8:af:30:bc:1c:96:99:b6:69:8b:af:4d:96:04:cb:
f6:b5:c8:65
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXV6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDk1MjAzWhcNMjUwNDMwMDk1MjAzWjAYMRYw
FAYDVQQDEw02N2RlODg0Ni1lOWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0FGYKl0CCUlxvjbFfiAl95LXegm9d8FVXGNy8Gr55ZT61/eW2e0uHmKg
yrS+TDjmpb5IAqxn1/5PQftaMaFtrNVm4YcPtCC1Y9dw0TsaGXy4ycKXz3Hf/IZ0
jf9E6TVFMbiDAyXCa9qXttJEAc9SdyDWujRngbxV7JjXgqLcGbOk/SKMGFzMVKjb
AYeHLkTkqGhqLmnOnskkFb/hdKpnz5kKgcvqc0aHGz59kuxqMtPPP318sZ9tdQMu
dk0uHJUlBw7A/vOc1pu1Z4lNND8Duge2xwla+YHVPrwqcttWoddTLcST8Exf19W/
pkq9RKM9kfo2LqnRHW9/AzbozrPGBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBpS
fy49gJTquE08CND1/3qj2jy6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MDQ5OTZFQzA3MDMxMUYwOThFNkMwOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQCvSY9kAkPmLq3FynjYO6PcjbGaN9kM/DIdVSWNovsN8Z8xd3mpOYDy
QyEaNDpgnUnuahoGx7WnDt+A2SCoR4SfEzu7Vtfpg0jCGiFfzqh12BVPsJoj/HLk
UjmFHQIlAlKyR2La4MfWQS4IZM1419DWC00wpXjWPDBkBJPJJfhObyWW4BPT37Sb
hcbEun0vhSlZ9tP8P+G2m18eZct6kGHzPpN7BOmqdXpJG8R1K00QZHYgs66tx/Og
aUypxYuKHyos9cWA9JkJd/uQ93Vy6vCbpFcPjNLsRSUoWc7UPBRzDCd/0+QGNxYv
eoTuxMborzC8HJaZtmmLr02WBMv2tchl
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:02 2025 by rpki-client