Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74525CEEF6BF11EFBF432071762E951A.roa
File: 74525CEEF6BF11EFBF432071762E951A.roa (raw, json)
Hash identifier: 9SNQ6wJdYBSyL6EzfkMOczFDm0DieSX6j/J0X1zM4Z0=
Subject key identifier: 8A:4E:11:1A:C7:C9:E0:C3:8A:D5:A9:BA:5E:08:B6:5E:9A:22:17:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016F11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74525CEEF6BF11EFBF432071762E951A.roa
Signing time: Sat 01 Mar 2025 17:06:02 +0000
ROA not before: Sat 01 Mar 2025 17:05:59 +0000
ROA not after: Sat 05 Apr 2025 17:05:59 +0000
asID: 203020
IP address blocks: 154.209.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 17:05:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93969 (0x16f11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 17:05:59 2025 GMT
Not After : Apr 5 17:05:59 2025 GMT
Subject: CN=67c33e7a-0afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:36:f0:a3:ad:15:8b:98:54:a7:2d:e9:43:
79:42:5b:c2:57:52:59:9c:9f:39:75:46:db:ee:b2:
f6:91:93:25:b5:1d:54:10:ec:73:16:5d:d3:98:cb:
5d:b1:c0:3f:42:61:2a:35:3e:15:a8:81:58:a9:b6:
b5:f0:63:2c:0e:da:18:79:0e:51:6b:ea:be:e1:ab:
e3:6b:85:b9:ba:fc:13:98:86:a6:f4:a9:df:6e:fa:
a9:bb:27:85:54:c4:3a:37:f2:27:f6:23:68:ac:e3:
b3:53:24:23:dc:10:e5:7b:5b:6a:2a:4e:18:d3:1f:
db:2a:92:b1:19:09:39:de:8f:27:95:0b:ae:a6:8e:
da:47:71:c7:78:eb:ab:29:68:bd:76:1f:fe:cb:fc:
34:40:62:f8:67:74:28:7d:8b:d5:72:36:0a:87:48:
18:05:bb:b1:66:f2:83:16:4d:ee:c5:83:d1:13:c4:
ee:17:0f:2a:c2:b9:ed:84:7b:e4:a7:00:77:c8:12:
5c:c3:35:a8:20:a5:0e:d7:5e:2c:e7:4f:ac:80:ef:
f1:e1:a4:0b:97:93:bd:d6:cb:2c:ad:d4:f7:35:03:
61:c9:89:f9:f2:ff:50:4a:3f:b7:66:64:d9:e5:72:
86:e5:48:84:61:14:e7:c4:86:9b:49:f8:51:68:06:
85:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4E:11:1A:C7:C9:E0:C3:8A:D5:A9:BA:5E:08:B6:5E:9A:22:17:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74525CEEF6BF11EFBF432071762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.16.0/23
Signature Algorithm: sha256WithRSAEncryption
20:ed:aa:a1:2f:b4:02:e4:e7:ee:24:9e:c6:8d:72:6d:ef:a3:
6c:40:83:47:b7:01:ea:cc:5c:0f:75:d4:5e:a4:69:97:23:b7:
c3:3b:cf:ff:9c:1f:38:49:38:95:d5:53:f1:52:04:e4:ba:68:
c2:87:1b:7a:63:28:60:8e:6b:ab:8d:ee:2f:28:af:ea:1c:45:
9b:a4:8a:61:9c:f2:87:7f:16:41:f9:3b:cf:d1:36:b7:cd:66:
c5:07:ce:e1:1e:b9:fc:f7:47:f0:55:c3:fb:2a:93:00:26:aa:
a3:8d:6c:2e:50:ee:17:e3:8a:46:56:f4:50:74:03:c5:24:01:
22:af:a6:7e:bc:c1:1a:c2:8d:be:81:8a:70:54:21:1c:2c:fa:
94:a3:d0:40:ca:79:d4:a4:19:1d:7c:bf:74:13:de:23:ad:8c:
fb:64:17:b4:7b:d9:79:9b:1c:8f:3a:55:0f:78:44:ba:2d:55:
e2:97:ed:65:bd:6e:30:6c:95:6a:81:32:c9:94:19:b3:b6:b2:
0f:b5:95:2e:8e:49:17:ba:e7:24:48:4f:30:5e:1a:71:92:f2:
b6:d9:c1:a2:1b:de:3a:e8:6d:85:49:9e:4e:74:3c:09:f6:17:
08:a2:9c:03:04:3a:7a:f8:5c:fc:21:4b:06:f8:cc:66:11:6e:
d5:09:48:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW8RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTcwNTU5WhcNMjUwNDA1MTcwNTU5WjAYMRYw
FAYDVQQDEw02N2MzM2U3YS0wYWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtG428KOtFYuYVKct6UN5QlvCV1JZnJ85dUbb7rL2kZMltR1UEOxzFl3T
mMtdscA/QmEqNT4VqIFYqba18GMsDtoYeQ5Ra+q+4avja4W5uvwTmIam9Knfbvqp
uyeFVMQ6N/In9iNorOOzUyQj3BDle1tqKk4Y0x/bKpKxGQk53o8nlQuupo7aR3HH
eOurKWi9dh/+y/w0QGL4Z3QofYvVcjYKh0gYBbuxZvKDFk3uxYPRE8TuFw8qwrnt
hHvkpwB3yBJcwzWoIKUO114s50+sgO/x4aQLl5O91sssrdT3NQNhyYn58v9QSj+3
ZmTZ5XKG5UiEYRTnxIabSfhRaAaFjwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIpO
ERrHyeDDitWpul4Itl6aIhesMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NDUyNUNFRUY2QkYxMUVGQkY0MzIwNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtEQMA0GCSqGSIb3DQEB
CwUAA4IBAQAg7aqhL7QC5OfuJJ7GjXJt76NsQINHtwHqzFwPddRepGmXI7fDO8//
nB84STiV1VPxUgTkumjChxt6Yyhgjmurje4vKK/qHEWbpIphnPKHfxZB+TvP0Ta3
zWbFB87hHrn890fwVcP7KpMAJqqjjWwuUO4X44pGVvRQdAPFJAEir6Z+vMEawo2+
gYpwVCEcLPqUo9BAynnUpBkdfL90E94jrYz7ZBe0e9l5mxyPOlUPeES6LVXil+1l
vW4wbJVqgTLJlBmztrIPtZUujkkXuuckSE8wXhpxkvK22cGiG9466G2FSZ5OdDwJ
9hcIopwDBDp6+Fz8IUsG+MxmEW7VCUjA
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:49 2025 by rpki-client