Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FAD74F6E31611EF8BCFB47C762E951A.roa
File: 6FAD74F6E31611EF8BCFB47C762E951A.roa (raw, json)
Hash identifier: gY7VrcCyXYzwTmuAucClS1j2At823nTNeaS9ILdvIQU=
Subject key identifier: C3:78:B3:DF:83:0C:85:99:D4:2A:B1:CE:8F:E4:25:68:BD:40:9F:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015129
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FAD74F6E31611EF8BCFB47C762E951A.roa
Signing time: Tue 04 Feb 2025 16:38:17 +0000
ROA not before: Tue 04 Feb 2025 16:38:14 +0000
ROA not after: Wed 30 Apr 2025 16:38:14 +0000
asID: 18229
IP address blocks: 154.210.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86313 (0x15129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 16:38:14 2025 GMT
Not After : Apr 30 16:38:14 2025 GMT
Subject: CN=67a24279-ccdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:90:36:4c:5b:b5:5b:db:b8:30:7a:31:36:b2:
d9:05:13:fe:d2:59:12:58:93:bf:9e:d2:4f:5a:81:
cb:a2:8d:95:ce:4d:e3:82:0e:78:45:8d:47:a1:9a:
a8:05:27:78:3b:c0:30:20:8e:04:9c:25:4d:28:1c:
76:2b:94:76:1b:a2:5a:55:25:c0:a2:05:1a:cf:f0:
ac:ef:df:c5:b6:fc:7b:2a:6a:43:44:be:14:6f:36:
9e:61:fb:d9:b8:c7:c2:48:84:ad:10:ae:eb:48:4c:
fb:4e:f8:25:08:6c:7c:f1:5d:2a:3b:f3:f8:a7:ea:
a1:2a:7b:df:8c:c7:cf:6a:f8:7d:82:09:02:61:a7:
da:74:b7:ff:f5:73:9f:2d:ad:d4:51:94:d2:db:ee:
5a:01:f9:e8:73:42:65:bd:e2:3e:cf:aa:8b:90:9e:
af:50:77:3c:2b:7d:4d:24:92:29:7e:c9:72:93:ba:
2b:ca:f0:16:e8:c0:55:42:7f:50:59:0d:58:fd:1b:
ce:d3:60:b5:0f:7a:06:c6:1e:a1:b2:d5:82:7e:1e:
38:1e:60:2b:fd:c5:d7:f8:ff:d1:8e:4a:7b:c7:9e:
f5:81:ff:64:de:17:92:fd:86:67:62:30:18:71:f1:
16:d6:fc:da:56:4e:ad:d6:31:7e:8e:53:46:eb:fa:
57:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:78:B3:DF:83:0C:85:99:D4:2A:B1:CE:8F:E4:25:68:BD:40:9F:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FAD74F6E31611EF8BCFB47C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.139.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:9d:1e:48:c6:e3:d5:cb:e6:32:63:5e:c4:f5:2c:55:64:1d:
21:b0:b8:cc:03:a8:82:a1:4f:b6:73:3f:2b:82:4f:12:ea:5a:
0e:36:40:95:a1:5e:e4:b9:60:6c:cb:d2:ac:fd:33:34:42:19:
63:0e:50:2b:ea:59:89:df:55:36:8e:74:5a:af:00:b3:01:d7:
4e:c1:1d:c3:c5:c4:bd:ed:27:37:4f:04:90:13:02:d6:15:7f:
b6:a8:27:ac:d0:51:66:e2:28:37:be:6c:0a:17:a2:4b:79:49:
d1:e2:50:99:8d:10:10:05:28:b4:fe:ea:6b:3f:fd:a6:4f:54:
cf:09:ba:ea:12:ec:88:3f:07:eb:86:1e:07:b5:33:25:f4:ab:
e3:9e:08:37:27:65:9c:78:c8:8e:ea:f2:cb:2c:25:c2:c3:13:
f5:bc:fa:fc:40:f0:40:63:0c:ca:df:87:dd:16:78:c9:3a:0f:
e3:77:db:73:b4:20:69:b6:43:5b:b2:0d:44:7d:b8:af:8c:6e:
b7:22:b1:e4:ea:ac:10:71:e4:82:bb:e8:bd:c5:40:d6:cf:92:
2d:cc:6d:42:da:e7:27:23:bf:58:18:ca:37:df:a1:0e:17:aa:
00:b7:a2:cf:e5:43:99:52:97:f9:81:c5:33:4a:d1:d9:cf:e8:
87:80:c2:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVEpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTYzODE0WhcNMjUwNDMwMTYzODE0WjAYMRYw
FAYDVQQDEw02N2EyNDI3OS1jY2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs5A2TFu1W9u4MHoxNrLZBRP+0lkSWJO/ntJPWoHLoo2Vzk3jgg54RY1H
oZqoBSd4O8AwII4EnCVNKBx2K5R2G6JaVSXAogUaz/Cs79/Ftvx7KmpDRL4Ubzae
YfvZuMfCSIStEK7rSEz7TvglCGx88V0qO/P4p+qhKnvfjMfPavh9ggkCYafadLf/
9XOfLa3UUZTS2+5aAfnoc0JlveI+z6qLkJ6vUHc8K31NJJIpfslyk7oryvAW6MBV
Qn9QWQ1Y/RvO02C1D3oGxh6hstWCfh44HmAr/cXX+P/Rjkp7x571gf9k3heS/YZn
YjAYcfEW1vzaVk6t1jF+jlNG6/pXaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMN4
s9+DDIWZ1Cqxzo/kJWi9QJ/2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RkFENzRGNkUzMTYxMUVGOEJDRkI0N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKLMA0GCSqGSIb3DQEB
CwUAA4IBAQDQnR5IxuPVy+YyY17E9SxVZB0hsLjMA6iCoU+2cz8rgk8S6loONkCV
oV7kuWBsy9Ks/TM0QhljDlAr6lmJ31U2jnRarwCzAddOwR3DxcS97Sc3TwSQEwLW
FX+2qCes0FFm4ig3vmwKF6JLeUnR4lCZjRAQBSi0/uprP/2mT1TPCbrqEuyIPwfr
hh4HtTMl9Kvjngg3J2WceMiO6vLLLCXCwxP1vPr8QPBAYwzK34fdFnjJOg/jd9tz
tCBptkNbsg1EfbivjG63IrHk6qwQceSCu+i9xUDWz5ItzG1C2ucnI79YGMo336EO
F6oAt6LP5UOZUpf5gcUzStHZz+iHgMJG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:58 2025 by rpki-client