Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/512AD3E0ED1411EF8C35E399762E951A.roa
File: 512AD3E0ED1411EF8C35E399762E951A.roa (raw, json)
Hash identifier: qfGP/sn5BxjakcGQ0d48rEZC8ehKfpyTZ/qLFaIvQLk=
Subject key identifier: EB:16:8F:87:42:D5:82:2F:6C:84:57:3D:C3:D1:73:1C:75:3D:F3:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0157EE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/512AD3E0ED1411EF8C35E399762E951A.roa
Signing time: Mon 17 Feb 2025 09:48:19 +0000
ROA not before: Mon 17 Feb 2025 09:48:15 +0000
ROA not after: Sat 23 Aug 2025 09:48:15 +0000
asID: 152920
IP address blocks: 154.208.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88046 (0x157ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 17 09:48:15 2025 GMT
Not After : Aug 23 09:48:15 2025 GMT
Subject: CN=67b305e3-2033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:f8:d3:cb:88:e8:4d:e0:c9:32:4f:7f:3c:
0f:b1:a2:1a:3a:f0:1a:c7:33:cb:01:2f:98:35:ec:
cb:d6:83:e2:4b:cd:ed:59:7f:0f:c9:95:12:b5:a4:
84:73:a8:f6:67:e8:f3:bd:5a:e1:be:e7:b8:cb:57:
e5:0a:aa:04:7e:ac:5b:0d:d1:30:9e:51:7b:52:11:
e7:38:3f:62:27:d7:67:ff:d1:c6:0e:9b:b8:70:03:
cc:49:ed:24:c5:4c:95:7e:7b:7e:84:17:56:92:9b:
dc:0b:fa:18:34:1c:82:e7:2d:d8:23:d5:fa:1d:f3:
46:75:6a:26:0c:8e:a4:f8:96:7c:8d:0e:fb:c2:d0:
83:c8:5b:70:90:7e:ff:66:bd:71:38:00:fc:1e:01:
f7:db:63:7f:21:64:f3:03:b0:ed:c0:4a:d7:97:29:
3d:32:c2:a6:59:ee:d4:b0:24:9e:dc:14:d8:d6:74:
d2:73:bb:b0:6a:12:88:37:4a:02:17:f5:08:c0:01:
ca:ff:e4:78:d6:5a:9f:4c:1c:bf:7d:ec:f0:db:68:
19:2b:b1:1b:65:26:e0:e1:2f:a9:cc:73:83:8c:9d:
19:ca:1a:ee:61:d5:d9:0e:7c:21:ea:cb:84:83:25:
00:53:ef:a8:54:f1:c2:ca:4b:0f:2c:be:a3:35:f8:
98:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:16:8F:87:42:D5:82:2F:6C:84:57:3D:C3:D1:73:1C:75:3D:F3:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/512AD3E0ED1411EF8C35E399762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.144.0/20
Signature Algorithm: sha256WithRSAEncryption
42:fc:ff:00:07:f7:49:fc:02:60:af:b7:47:c7:fa:ca:84:15:
58:7b:f8:95:67:25:8d:51:17:a3:23:fd:6b:f3:b4:a8:2b:f0:
30:e6:07:91:b5:09:02:94:11:5a:78:92:59:30:fd:c8:a2:db:
42:4d:7a:8d:e8:cb:a4:70:30:4a:e4:38:c9:1e:c5:d5:f6:36:
71:f3:cd:1c:a4:38:3b:3e:bc:37:30:10:eb:61:03:e3:d8:3f:
d9:d8:61:b8:63:5c:3a:ed:ae:a3:e1:8e:60:34:3a:ca:f5:4e:
43:14:21:19:99:f6:f4:81:d2:bd:32:9b:a4:ff:97:7d:c6:ca:
17:40:50:9b:3f:1c:19:6d:e8:83:93:b8:42:3f:67:10:32:6f:
3d:e8:86:86:ab:9f:29:ad:74:23:ca:c1:81:f0:a3:76:a0:43:
3c:53:6a:6a:1e:68:d4:65:81:0d:4d:87:3f:cd:31:5d:3a:e6:
c7:bb:de:79:8a:29:0a:c1:5f:67:ba:5d:91:ed:e7:12:f6:46:
d9:75:d2:e5:61:7a:b5:17:6c:99:e6:08:21:1b:48:7e:b2:e2:
e0:88:1c:35:13:e4:13:d3:8c:72:dc:9f:88:b9:55:ed:2d:e6:
79:b7:8b:af:01:f4:05:01:5e:24:b7:3d:e4:7e:ee:11:ac:69:
93:28:31:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVfuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjE3MDk0ODE1WhcNMjUwODIzMDk0ODE1WjAYMRYw
FAYDVQQDEw02N2IzMDVlMy0yMDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6D408uI6E3gyTJPfzwPsaIaOvAaxzPLAS+YNezL1oPiS83tWX8PyZUS
taSEc6j2Z+jzvVrhvue4y1flCqoEfqxbDdEwnlF7UhHnOD9iJ9dn/9HGDpu4cAPM
Se0kxUyVfnt+hBdWkpvcC/oYNByC5y3YI9X6HfNGdWomDI6k+JZ8jQ77wtCDyFtw
kH7/Zr1xOAD8HgH322N/IWTzA7DtwErXlyk9MsKmWe7UsCSe3BTY1nTSc7uwahKI
N0oCF/UIwAHK/+R41lqfTBy/fezw22gZK7EbZSbg4S+pzHODjJ0ZyhruYdXZDnwh
6suEgyUAU++oVPHCyksPLL6jNfiYQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOsW
j4dC1YIvbIRXPcPRcxx1PfN+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MTJBRDNFMEVEMTQxMUVGOEMzNUUzOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtCQMA0GCSqGSIb3DQEB
CwUAA4IBAQBC/P8AB/dJ/AJgr7dHx/rKhBVYe/iVZyWNURejI/1r87SoK/Aw5geR
tQkClBFaeJJZMP3IottCTXqN6MukcDBK5DjJHsXV9jZx880cpDg7Prw3MBDrYQPj
2D/Z2GG4Y1w67a6j4Y5gNDrK9U5DFCEZmfb0gdK9Mpuk/5d9xsoXQFCbPxwZbeiD
k7hCP2cQMm896IaGq58prXQjysGB8KN2oEM8U2pqHmjUZYENTYc/zTFdOubHu955
iikKwV9nul2R7ecS9kbZddLlYXq1F2yZ5gghG0h+suLgiBw1E+QT04xy3J+IuVXt
LeZ5t4uvAfQFAV4ktz3kfu4RrGmTKDFM
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:51 2025 by rpki-client