Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E2C83320CD011F0AA41FF8D762E951A.roa
File: 5E2C83320CD011F0AA41FF8D762E951A.roa (raw, json)
Hash identifier: sUqMJJhHf5inNP0D8+IXJNwmrneOFCTsC8az6vVuPmA=
Subject key identifier: DA:A5:6B:DD:2D:DF:C1:AE:76:5D:55:25:28:68:98:5F:5C:10:54:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176E4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E2C83320CD011F0AA41FF8D762E951A.roa
Signing time: Sat 29 Mar 2025 19:02:32 +0000
ROA not before: Sat 29 Mar 2025 19:02:28 +0000
ROA not after: Mon 07 Apr 2025 19:02:28 +0000
asID: 22773
IP address blocks: 154.202.24.0/23 maxlen: 24
154.212.0.0/24 maxlen: 24
154.212.16.0/22 maxlen: 24
154.212.24.0/22 maxlen: 24
154.214.28.0/22 maxlen: 24
154.219.6.0/23 maxlen: 24
154.219.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 19:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95972 (0x176e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 19:02:28 2025 GMT
Not After : Apr 7 19:02:28 2025 GMT
Subject: CN=67e843c8-0ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a5:41:b2:70:05:3a:ba:66:c2:bd:0b:6f:19:
49:f2:64:f3:9e:fc:ee:13:b7:19:f7:70:3a:76:24:
5c:f4:8e:04:a3:6b:88:8a:e8:9c:4c:e2:d2:2b:df:
49:e4:70:bd:7d:6b:dc:8b:44:d6:63:7a:8a:ac:15:
cf:02:9c:19:d3:ce:26:61:47:b8:4a:9d:b1:7a:ed:
73:e7:09:be:51:ae:23:c3:cd:83:15:b0:f2:0a:4b:
6a:d1:54:02:90:c5:b5:0b:cd:31:d6:41:78:0b:46:
36:e4:8d:36:95:c8:8a:1d:a3:83:45:7c:6b:96:d9:
31:b4:39:ad:62:a1:b6:c4:ff:28:d6:92:d8:7a:2a:
54:e6:af:95:6a:35:50:f0:3c:3d:86:45:6f:8c:06:
59:ce:06:bc:f6:b6:68:54:a6:24:42:1d:71:e0:4d:
bc:16:49:72:26:73:df:97:b3:d3:46:d3:84:9b:98:
c3:27:29:44:5b:04:aa:44:ab:bc:de:c7:61:f5:f9:
97:67:57:29:61:35:dd:14:a6:13:ad:33:06:bd:a0:
86:ac:e8:b9:b8:d7:11:c3:08:55:c4:60:c7:97:ec:
b0:e2:00:9a:18:8f:35:5d:68:4d:e5:1a:2f:a4:11:
e6:9f:8a:be:a4:55:ba:1c:fb:13:8b:92:32:c1:8d:
68:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A5:6B:DD:2D:DF:C1:AE:76:5D:55:25:28:68:98:5F:5C:10:54:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E2C83320CD011F0AA41FF8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.24.0/23
154.212.0.0/24
154.212.16.0/22
154.212.24.0/22
154.214.28.0/22
154.219.6.0-154.219.15.255
Signature Algorithm: sha256WithRSAEncryption
79:84:86:e3:39:d7:ed:52:cd:bf:bb:69:4d:bd:e0:e9:e4:8e:
e1:6b:10:6c:4a:89:86:6e:f7:f7:80:6b:4d:83:94:67:92:ea:
05:7c:3a:63:5e:5d:dc:18:26:1f:f9:87:2d:67:09:e3:7c:1c:
1b:c3:9f:6a:74:68:e6:9c:ad:0d:49:f7:81:ad:31:d5:3a:74:
8a:ec:ee:47:09:03:c9:16:f4:5a:27:ee:b7:bc:30:8d:c9:7f:
d9:96:f1:ac:a2:5e:a5:bd:1e:86:0c:1d:5b:3b:2d:b0:e3:da:
43:ef:72:49:9a:f0:f8:48:6a:f4:b0:eb:9e:55:c1:9f:73:80:
e8:b9:29:82:ba:bd:f4:ed:5c:90:e4:55:b2:21:c3:be:d5:50:
ce:a1:7c:94:75:1c:88:dc:49:ae:5f:9b:cc:9c:ea:1c:50:7c:
1b:9a:af:5a:fe:fe:18:28:ef:29:16:d5:95:67:11:82:7a:b4:
88:ee:a7:c6:a2:0b:8c:ad:a5:24:5a:6c:02:75:b5:59:82:ff:
1a:ff:0b:bc:2a:35:46:a1:e0:22:e2:fc:99:8b:43:0e:2f:27:
99:0a:04:99:1d:d2:5d:8d:29:55:0a:62:e0:5a:ae:55:34:95:
7e:c8:93:11:d5:06:12:fc:46:a8:17:0e:38:60:60:d2:d0:0c:
ba:2c:af:7d
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAXbkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTkwMjI4WhcNMjUwNDA3MTkwMjI4WjAYMRYw
FAYDVQQDEw02N2U4NDNjOC0wZGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+qVBsnAFOrpmwr0LbxlJ8mTznvzuE7cZ93A6diRc9I4Eo2uIiuicTOLS
K99J5HC9fWvci0TWY3qKrBXPApwZ084mYUe4Sp2xeu1z5wm+Ua4jw82DFbDyCktq
0VQCkMW1C80x1kF4C0Y25I02lciKHaODRXxrltkxtDmtYqG2xP8o1pLYeipU5q+V
ajVQ8Dw9hkVvjAZZzga89rZoVKYkQh1x4E28FklyJnPfl7PTRtOEm5jDJylEWwSq
RKu83sdh9fmXZ1cpYTXdFKYTrTMGvaCGrOi5uNcRwwhVxGDHl+yw4gCaGI81XWhN
5RovpBHmn4q+pFW6HPsTi5IywY1opwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFNql
a90t38Gudl1VJShomF9cEFQUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RTJDODMzMjBDRDAxMUYwQUE0MUZGOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBmsoYAwQAmtQAAwQCmtQQ
AwQCmtQYAwQCmtYcMAwDBAGa2wYDBASa2wAwDQYJKoZIhvcNAQELBQADggEBAHmE
huM51+1Szb+7aU294OnkjuFrEGxKiYZu9/eAa02DlGeS6gV8OmNeXdwYJh/5hy1n
CeN8HBvDn2p0aOacrQ1J94GtMdU6dIrs7kcJA8kW9Fon7re8MI3Jf9mW8ayiXqW9
HoYMHVs7LbDj2kPvckma8PhIavSw655VwZ9zgOi5KYK6vfTtXJDkVbIhw77VUM6h
fJR1HIjcSa5fm8yc6hxQfBuar1r+/hgo7ykW1ZVnEYJ6tIjup8aiC4ytpSRabAJ1
tVmC/xr/C7wqNUah4CLi/JmLQw4vJ5kKBJkd0l2NKVUKYuBarlU0lX7IkxHVBhL8
RqgXDjhgYNLQDLosr30=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:52:51 2025 by rpki-client