Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/50C7D1540D3111F0B7645B6B762E951A.roa
File: 50C7D1540D3111F0B7645B6B762E951A.roa (raw, json)
Hash identifier: ywaQcUH+NCEBusZQjCFwmvamnsArI5DCCDIOGh+hW0A=
Subject key identifier: 5C:3C:E2:99:5D:21:B6:A6:62:A6:D4:9B:40:DA:C7:0A:38:EC:9C:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017703
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/50C7D1540D3111F0B7645B6B762E951A.roa
Signing time: Sun 30 Mar 2025 06:36:31 +0000
ROA not before: Sun 30 Mar 2025 06:36:27 +0000
ROA not after: Mon 05 May 2025 06:36:27 +0000
asID: 151407
IP address blocks: 154.88.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96003 (0x17703)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 30 06:36:27 2025 GMT
Not After : May 5 06:36:27 2025 GMT
Subject: CN=67e8e66f-1176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fe:6e:f8:97:a8:c3:89:9e:12:48:7a:ba:73:
75:8b:c2:cb:10:da:7a:1a:f7:02:82:f6:64:29:6f:
b6:52:80:17:65:ee:74:9f:57:80:7d:4c:42:d5:08:
69:69:64:f9:ff:8b:f6:6f:89:95:cf:73:0c:56:b3:
a2:25:f6:76:46:4b:af:d1:9e:69:da:46:c6:b2:5b:
16:54:2c:a1:d1:63:ad:30:f5:49:c4:54:ed:a4:93:
22:ab:95:36:7c:cf:a6:83:75:da:40:9a:7e:ba:dd:
de:aa:3b:e6:ac:d7:1f:1b:f8:63:7b:43:99:c7:87:
bf:80:36:e6:73:9c:c2:7c:21:8d:c4:9f:d4:ea:5a:
6b:ee:82:5f:09:aa:a1:a1:cd:7c:e9:1f:6f:2c:5f:
28:5d:b6:66:b2:12:8e:89:91:75:48:68:bd:d9:e0:
2f:17:45:d7:13:a2:f4:45:23:4a:ee:9b:b3:e1:4b:
c0:4a:8a:91:af:48:ec:6d:5d:71:ca:77:42:1c:42:
0d:9c:f3:96:d9:48:fc:51:d9:b7:70:cc:4e:ad:cc:
72:1a:1b:b4:b2:f9:e6:25:df:96:5b:fd:4f:94:8f:
64:7b:89:25:2e:f2:0c:bd:74:b1:2c:1f:59:f0:36:
f7:0b:d6:66:c8:ad:cf:b6:91:9d:e7:f2:83:ad:93:
3b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3C:E2:99:5D:21:B6:A6:62:A6:D4:9B:40:DA:C7:0A:38:EC:9C:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/50C7D1540D3111F0B7645B6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
16:ee:6f:bb:5a:28:f2:e0:8e:df:58:86:be:8f:ee:0b:23:64:
1d:5e:b6:23:19:d8:27:39:69:b9:e3:dc:85:ef:4b:e8:76:54:
33:e9:ac:a1:2c:92:0c:32:c7:a3:51:64:be:a7:1f:3b:fb:e3:
3f:28:da:29:a3:0e:bb:5d:f8:7f:da:b0:28:f3:51:1c:12:0c:
02:a1:8c:3c:32:f1:ce:44:86:44:19:59:1a:a9:49:90:9e:9f:
bd:b6:5c:f7:55:32:cd:61:d7:dd:18:fb:48:2f:a3:c6:c3:0e:
02:45:b4:b5:6c:02:d2:b1:4d:8d:26:36:52:0d:46:54:31:8e:
13:d3:47:db:09:00:ca:f7:b6:46:1a:f4:ad:2a:e4:70:ba:89:
30:31:59:76:d8:2d:4d:ce:4b:64:5d:02:51:a7:1b:63:5e:2c:
7a:9d:7a:2f:44:74:b1:28:93:34:06:56:77:f4:a7:5c:92:3a:
ee:54:6d:ec:c8:f4:32:00:5b:82:ee:e0:5d:51:b2:29:6a:dd:
12:b3:e9:c6:e6:50:86:e7:21:3f:1d:40:a2:1a:24:e3:99:07:
41:15:8c:ca:29:27:b8:73:56:24:fd:96:7f:c3:eb:1f:8c:ae:
02:ab:88:80:f1:80:4b:d7:85:48:75:09:3b:f2:a5:b7:ad:df:
9e:54:5d:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXcDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzMwMDYzNjI3WhcNMjUwNTA1MDYzNjI3WjAYMRYw
FAYDVQQDEw02N2U4ZTY2Zi0xMTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwv5u+Jeow4meEkh6unN1i8LLENp6GvcCgvZkKW+2UoAXZe50n1eAfUxC
1QhpaWT5/4v2b4mVz3MMVrOiJfZ2Rkuv0Z5p2kbGslsWVCyh0WOtMPVJxFTtpJMi
q5U2fM+mg3XaQJp+ut3eqjvmrNcfG/hje0OZx4e/gDbmc5zCfCGNxJ/U6lpr7oJf
Caqhoc186R9vLF8oXbZmshKOiZF1SGi92eAvF0XXE6L0RSNK7puz4UvASoqRr0js
bV1xyndCHEINnPOW2Uj8Udm3cMxOrcxyGhu0svnmJd+WW/1PlI9ke4klLvIMvXSx
LB9Z8Db3C9ZmyK3PtpGd5/KDrZM7RQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFw8
4pldIbamYqbUm0Daxwo47JzrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MEM3RDE1NDBEMzExMUYwQjc2NDVCNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhAMA0GCSqGSIb3DQEB
CwUAA4IBAQAW7m+7Wijy4I7fWIa+j+4LI2QdXrYjGdgnOWm549yF70vodlQz6ayh
LJIMMsejUWS+px87++M/KNopow67Xfh/2rAo81EcEgwCoYw8MvHORIZEGVkaqUmQ
np+9tlz3VTLNYdfdGPtIL6PGww4CRbS1bALSsU2NJjZSDUZUMY4T00fbCQDK97ZG
GvStKuRwuokwMVl22C1NzktkXQJRpxtjXix6nXovRHSxKJM0BlZ39KdckjruVG3s
yPQyAFuC7uBdUbIpat0Ss+nG5lCG5yE/HUCiGiTjmQdBFYzKKSe4c1Yk/ZZ/w+sf
jK4Cq4iA8YBL14VIdQk78qW3rd+eVF2B
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:46 2025 by rpki-client