Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A0F1C54C91911EF824DFF5C762E951A.roa
File: 7A0F1C54C91911EF824DFF5C762E951A.roa (raw, json)
Hash identifier: TwLneuA6KPmrjura2ODVEGwMcHRO0PkgIDPdo6iVpxg=
Subject key identifier: D3:3D:69:73:A8:67:37:AA:C6:C0:F1:42:F2:3D:EA:44:A3:B7:05:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A0F1C54C91911EF824DFF5C762E951A.roa
Signing time: Thu 02 Jan 2025 14:54:33 +0000
ROA not before: Thu 02 Jan 2025 14:54:29 +0000
ROA not after: Mon 13 Dec 2027 14:54:29 +0000
asID: 17561
IP address blocks: 154.222.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78573 (0x132ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:54:29 2025 GMT
Not After : Dec 13 14:54:29 2027 GMT
Subject: CN=6776a8a9-d5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:c4:de:fa:12:46:94:6d:07:da:fb:5d:1c:
f2:18:7c:46:ab:07:e6:a3:f3:74:ae:5e:9a:b1:d4:
ac:9e:ae:3e:14:c4:78:7f:08:54:0f:d3:dc:8d:ce:
09:0a:69:cb:95:7d:c5:f8:7d:0d:13:de:bc:1d:96:
78:c1:52:d9:a0:83:eb:90:f7:fc:54:3d:b8:a3:dd:
20:dd:e9:72:19:cd:88:f1:37:69:f0:9f:99:42:49:
9d:50:ac:e2:2e:cd:0b:b4:eb:a9:2e:ac:d2:bc:3d:
36:9a:f9:e3:e4:7f:82:e1:a8:32:b6:7f:59:6f:df:
2f:56:3d:a9:d1:27:d2:ac:71:f5:7f:af:b5:00:b4:
05:e2:e3:07:29:ff:a2:b9:52:de:8b:fb:10:83:37:
38:81:2f:b4:64:a6:2c:ad:8b:0d:e1:25:ef:30:1e:
9c:16:09:6c:4a:20:ff:dd:e4:f7:4f:c6:70:fd:c3:
2f:68:00:d4:83:66:ac:04:0f:17:f6:48:5e:2d:fc:
d0:74:c3:54:f0:a2:66:47:e3:68:b5:30:88:49:37:
3c:96:5e:35:f5:56:64:a5:c8:f4:a2:23:ad:95:d1:
5a:76:a1:14:c8:51:9f:f5:14:50:d4:88:01:07:e6:
57:7d:07:b8:b9:b8:1a:8a:75:f1:59:85:c1:2f:73:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3D:69:73:A8:67:37:AA:C6:C0:F1:42:F2:3D:EA:44:A3:B7:05:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A0F1C54C91911EF824DFF5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:75:af:7a:e6:c8:a5:56:1f:5e:ce:fa:ac:54:46:39:55:87:
13:1c:36:cf:48:cd:b2:00:4c:02:3e:c9:53:ab:a0:78:a7:d1:
71:64:74:0d:ac:8b:c0:7b:01:ba:4c:9e:80:cd:ea:95:46:6f:
a4:b3:5e:ca:a9:f2:0a:e1:16:65:39:d2:2c:62:16:aa:de:35:
9a:24:f6:98:5b:f5:90:a3:bf:89:ce:3e:d9:7d:41:07:e9:67:
36:bd:96:a5:89:37:3c:af:0a:8b:60:71:8a:42:c8:d8:ed:18:
b6:3f:b5:79:09:ed:c3:26:70:29:39:c5:4d:f7:d5:6d:c1:89:
64:9a:6f:ef:c1:7d:43:37:e8:03:e6:b8:fe:73:ec:20:21:08:
0c:69:a5:f3:2a:f2:95:45:54:e4:10:3e:b9:78:9f:66:6d:6d:
45:fa:64:64:be:9a:3e:db:f8:65:8d:ff:79:63:dd:74:79:a9:
9a:e7:00:02:36:c4:99:52:04:50:d6:39:12:37:58:06:e1:a1:
55:cb:42:a8:ad:d0:e6:9b:16:1c:31:b0:a3:e0:2d:b3:71:6a:
ec:17:eb:9c:fa:0d:a2:aa:ad:68:d9:94:14:32:ce:d7:cc:97:
40:7b:8d:9a:9d:8b:a0:fc:58:47:1c:70:3b:00:ff:79:d5:8d:
05:3f:dd:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATLtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQ1NDI5WhcNMjcxMjEzMTQ1NDI5WjAYMRYw
FAYDVQQDEw02Nzc2YThhOS1kNWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs8vE3voSRpRtB9r7XRzyGHxGqwfmo/N0rl6asdSsnq4+FMR4fwhUD9Pc
jc4JCmnLlX3F+H0NE968HZZ4wVLZoIPrkPf8VD24o90g3elyGc2I8Tdp8J+ZQkmd
UKziLs0LtOupLqzSvD02mvnj5H+C4agytn9Zb98vVj2p0SfSrHH1f6+1ALQF4uMH
Kf+iuVLei/sQgzc4gS+0ZKYsrYsN4SXvMB6cFglsSiD/3eT3T8Zw/cMvaADUg2as
BA8X9kheLfzQdMNU8KJmR+NotTCISTc8ll419VZkpcj0oiOtldFadqEUyFGf9RRQ
1IgBB+ZXfQe4ubgainXxWYXBL3MwtwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNM9
aXOoZzeqxsDxQvI96kSjtwW8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QTBGMUM1NEM5MTkxMUVGODI0REZGNUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4LMA0GCSqGSIb3DQEB
CwUAA4IBAQC4da965silVh9ezvqsVEY5VYcTHDbPSM2yAEwCPslTq6B4p9FxZHQN
rIvAewG6TJ6AzeqVRm+ks17KqfIK4RZlOdIsYhaq3jWaJPaYW/WQo7+Jzj7ZfUEH
6Wc2vZaliTc8rwqLYHGKQsjY7Ri2P7V5Ce3DJnApOcVN99VtwYlkmm/vwX1DN+gD
5rj+c+wgIQgMaaXzKvKVRVTkED65eJ9mbW1F+mRkvpo+2/hljf95Y910eama5wAC
NsSZUgRQ1jkSN1gG4aFVy0KordDmmxYcMbCj4C2zcWrsF+uc+g2iqq1o2ZQUMs7X
zJdAe42anYug/FhHHHA7AP951Y0FP93u
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:00 2025 by rpki-client