Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757F959CF8EE11EFB8D5BE4A762E951A.roa
File: 757F959CF8EE11EFB8D5BE4A762E951A.roa (raw, json)
Hash identifier: qlx+ogGJCsRn+CTaCMtDtWDtvgXBqvyInFIacgHWOhc=
Subject key identifier: 57:DD:BC:20:C4:80:F7:A5:2E:F1:95:A9:02:84:56:77:B3:E1:69:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0171C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757F959CF8EE11EFB8D5BE4A762E951A.roa
Signing time: Tue 04 Mar 2025 11:47:33 +0000
ROA not before: Tue 04 Mar 2025 11:47:27 +0000
ROA not after: Mon 07 Apr 2025 11:47:27 +0000
asID: 30781
IP address blocks: 154.217.176.0/23 maxlen: 24
154.217.184.0/21 maxlen: 24
154.217.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94660 (0x171c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 11:47:27 2025 GMT
Not After : Apr 7 11:47:27 2025 GMT
Subject: CN=67c6e855-7a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:12:63:4f:c4:73:49:92:f9:d7:be:54:50:6b:
8c:bd:78:8a:84:f0:e0:72:67:cb:00:f5:9e:c2:52:
ec:69:2b:74:31:fe:34:68:22:1e:0e:b1:03:f8:dc:
2d:80:f8:fa:e8:aa:ad:9c:c4:c1:b6:73:6b:c3:c6:
15:cf:a3:9b:52:62:60:c2:39:9d:70:45:99:08:70:
85:7c:c4:54:cd:90:40:da:16:cc:43:22:89:1c:73:
c8:50:56:0c:19:77:c5:c1:40:6b:83:c3:a4:83:a1:
6c:74:e1:8a:f3:67:8a:72:5a:54:43:4b:b9:00:c9:
96:98:6d:30:ee:a8:98:2d:61:59:c0:42:05:cd:33:
3b:fc:bc:38:4a:31:43:70:a9:06:a5:07:4c:f7:69:
83:6c:35:26:78:f0:4c:42:c1:fa:41:a0:40:60:22:
51:cd:05:22:d8:b8:2f:21:09:e0:7a:10:08:17:be:
e3:bb:58:59:a1:2b:e8:1c:fb:22:46:bd:15:83:e7:
fe:06:05:bd:f0:56:55:5a:6a:b8:0c:db:63:5b:55:
d2:30:b3:3f:8e:68:50:88:74:01:8a:8a:97:ea:e4:
8c:15:00:67:fc:78:d4:32:3a:a2:a1:45:5d:39:18:
a2:52:27:13:75:30:49:1e:8e:af:e0:7f:37:b4:13:
de:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:DD:BC:20:C4:80:F7:A5:2E:F1:95:A9:02:84:56:77:B3:E1:69:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/757F959CF8EE11EFB8D5BE4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.176.0/23
154.217.184.0-154.217.223.255
Signature Algorithm: sha256WithRSAEncryption
82:fd:41:fd:ee:3b:93:c0:5c:4b:bc:b8:fc:ae:61:cb:48:79:
76:22:b2:b9:25:aa:ce:e4:a8:24:10:c4:fb:7d:fd:3d:98:ba:
4d:50:6f:3a:c1:21:14:7a:7c:c2:3b:69:94:4e:5d:9d:1a:26:
e6:ac:c1:e4:7a:2a:13:53:16:9b:68:91:79:50:fb:7c:00:aa:
a5:74:71:da:9e:9b:41:0c:3a:dc:b7:0f:5c:24:e5:be:1b:ad:
39:b5:6f:29:22:8c:b3:e1:2a:60:da:07:96:aa:88:b6:0e:75:
36:01:e4:77:d4:d6:99:38:8f:f8:73:d6:d8:a1:e4:70:d7:72:
1c:e7:51:b5:14:19:ff:0b:48:a3:1f:de:e6:c9:7a:04:83:ab:
f4:f0:e3:d4:9f:2a:db:ae:ed:6a:a5:4d:62:fd:6b:6d:22:74:
18:dd:7c:18:c9:45:a9:0d:65:5a:0f:f4:a4:94:af:e4:45:5d:
f7:8a:ce:5b:f5:d1:a4:95:4f:89:60:71:83:5a:2f:1a:d5:33:
63:63:94:e8:0b:cc:fc:d4:3d:0f:7e:cd:f5:d6:27:d0:bf:e1:
f5:99:fc:23:b8:71:14:10:f4:6d:23:6d:e7:47:ca:36:ad:c3:
cd:9f:e1:5a:47:1d:0b:60:48:fd:a8:7e:0e:9f:73:f2:d5:92:
fa:aa:60:ed
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXHEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MTE0NzI3WhcNMjUwNDA3MTE0NzI3WjAYMRYw
FAYDVQQDEw02N2M2ZTg1NS03YTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApBJjT8RzSZL5175UUGuMvXiKhPDgcmfLAPWewlLsaSt0Mf40aCIeDrED
+NwtgPj66KqtnMTBtnNrw8YVz6ObUmJgwjmdcEWZCHCFfMRUzZBA2hbMQyKJHHPI
UFYMGXfFwUBrg8Okg6FsdOGK82eKclpUQ0u5AMmWmG0w7qiYLWFZwEIFzTM7/Lw4
SjFDcKkGpQdM92mDbDUmePBMQsH6QaBAYCJRzQUi2LgvIQngehAIF77ju1hZoSvo
HPsiRr0Vg+f+BgW98FZVWmq4DNtjW1XSMLM/jmhQiHQBioqX6uSMFQBn/HjUMjqi
oUVdORiiUicTdTBJHo6v4H83tBPetQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFfd
vCDEgPelLvGVqQKEVnez4WmhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTdGOTU5Q0Y4RUUxMUVGQjhENUJFNEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmtmwMAwDBAOa2bgDBAWa
2cAwDQYJKoZIhvcNAQELBQADggEBAIL9Qf3uO5PAXEu8uPyuYctIeXYisrklqs7k
qCQQxPt9/T2Yuk1QbzrBIRR6fMI7aZROXZ0aJuasweR6KhNTFptokXlQ+3wAqqV0
cdqem0EMOty3D1wk5b4brTm1bykijLPhKmDaB5aqiLYOdTYB5HfU1pk4j/hz1tih
5HDXchznUbUUGf8LSKMf3ubJegSDq/Tw49SfKtuu7WqlTWL9a20idBjdfBjJRakN
ZVoP9KSUr+RFXfeKzlv10aSVT4lgcYNaLxrVM2NjlOgLzPzUPQ9+zfXWJ9C/4fWZ
/CO4cRQQ9G0jbedHyjatw82f4VpHHQtgSP2ofg6fc/LVkvqqYO0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:44 2025 by rpki-client