Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AA7D3CEE2DA11EFB1A77C70762E951A.roa
File: 7AA7D3CEE2DA11EFB1A77C70762E951A.roa (raw, json)
Hash identifier: 5Vye+GUqWusvMvk5es+CxkdDRUEjUvtvifQJL3b5cc4=
Subject key identifier: 45:0C:7A:0C:87:E0:04:2A:2A:39:63:3D:23:B8:B2:BF:F8:7C:C4:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150E1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AA7D3CEE2DA11EFB1A77C70762E951A.roa
Signing time: Tue 04 Feb 2025 09:29:06 +0000
ROA not before: Tue 04 Feb 2025 09:29:02 +0000
ROA not after: Wed 30 Apr 2025 09:29:02 +0000
asID: 18229
IP address blocks: 154.210.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86241 (0x150e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 09:29:02 2025 GMT
Not After : Apr 30 09:29:02 2025 GMT
Subject: CN=67a1dde2-f936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:61:74:96:3d:04:1b:3b:a2:bb:7b:11:14:
5b:b7:63:bf:c1:c5:86:a7:6b:f5:7b:4b:26:e2:0e:
26:a5:f5:59:6f:6d:13:d9:06:ca:d0:94:c6:f9:d7:
3e:ed:9c:d6:3a:c7:31:90:b1:2e:5d:ee:e0:a1:d1:
ba:c8:24:5b:4e:9d:16:56:41:3d:71:dd:0c:a4:d9:
b8:1c:3a:c9:db:72:2a:7e:43:c1:f6:61:31:5b:bc:
1c:33:7d:2a:14:51:2d:f0:53:06:70:a9:c9:14:52:
9a:18:ec:fe:ab:db:69:83:39:b9:9a:70:60:5d:d2:
d3:73:8f:48:a1:b4:6f:fd:4a:cb:90:c6:04:d7:81:
4a:57:58:f3:85:d1:b2:d3:b6:4c:fb:13:2b:74:3f:
90:33:45:01:f9:26:f4:4f:a7:98:88:93:df:d5:39:
a6:a4:93:db:56:6b:e2:08:3e:b7:6f:ac:f1:4e:7b:
c9:e0:c0:73:8e:a9:fe:33:09:04:bc:8f:90:c0:b4:
d7:e5:33:25:86:4d:b8:13:99:de:f5:cb:92:f7:8b:
85:39:6b:37:63:3e:ee:ee:cd:a4:5e:c5:89:1d:9e:
b4:ac:1b:ac:57:dc:e9:0f:cd:e8:41:44:1b:e0:e1:
3d:b2:36:56:ec:c9:85:4f:20:1d:27:98:68:4f:47:
19:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0C:7A:0C:87:E0:04:2A:2A:39:63:3D:23:B8:B2:BF:F8:7C:C4:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AA7D3CEE2DA11EFB1A77C70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.152.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:06:fa:cd:90:22:84:cc:06:6e:31:e0:fc:18:1a:e4:71:87:
19:e3:94:e9:87:b0:63:fa:6d:48:4b:1e:94:c4:31:e3:b9:0d:
22:1e:8b:27:92:0c:34:eb:38:c5:db:55:a5:9d:76:66:98:3b:
9f:84:31:6b:95:c7:ac:dd:61:9b:39:06:aa:63:b0:34:b1:c2:
5a:27:58:be:14:f3:c8:12:03:99:d1:9a:b2:64:15:c9:8f:3d:
ef:f4:4b:4f:5b:7a:a2:20:12:48:1f:3a:18:43:d9:81:5e:ed:
ff:6a:15:d8:5b:1e:9c:14:9a:32:ad:19:9f:3f:db:f7:29:bb:
fd:b5:9b:47:fc:be:6e:71:53:81:67:0e:6a:eb:54:9a:8b:94:
04:9d:b4:41:23:55:51:33:a6:35:b0:74:75:44:bf:88:6b:8a:
c1:97:93:76:5b:f0:9f:31:6d:1c:6d:6d:cd:b5:9c:30:e3:cf:
24:a8:1c:93:f2:ae:e3:7c:d8:65:19:bd:d1:02:be:9c:31:86:
31:3a:23:28:7e:f9:b2:2b:d1:88:d1:c6:dd:f8:cf:43:14:bd:
86:4a:38:f4:c2:87:52:02:d2:1b:32:f8:26:63:4f:9d:32:24:
26:e0:ea:6c:3a:5c:23:c1:79:c8:b5:53:27:39:97:7d:48:b3:
26:cc:f1:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVDhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDkyOTAyWhcNMjUwNDMwMDkyOTAyWjAYMRYw
FAYDVQQDEw02N2ExZGRlMi1mOTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoYBhdJY9BBs7ort7ERRbt2O/wcWGp2v1e0sm4g4mpfVZb20T2QbK0JTG
+dc+7ZzWOscxkLEuXe7godG6yCRbTp0WVkE9cd0MpNm4HDrJ23IqfkPB9mExW7wc
M30qFFEt8FMGcKnJFFKaGOz+q9tpgzm5mnBgXdLTc49IobRv/UrLkMYE14FKV1jz
hdGy07ZM+xMrdD+QM0UB+Sb0T6eYiJPf1TmmpJPbVmviCD63b6zxTnvJ4MBzjqn+
MwkEvI+QwLTX5TMlhk24E5ne9cuS94uFOWs3Yz7u7s2kXsWJHZ60rBusV9zpD83o
QUQb4OE9sjZW7MmFTyAdJ5hoT0cZuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEUM
egyH4AQqKjljPSO4sr/4fMQEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QUE3RDNDRUUyREExMUVGQjFBNzdDNzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKYMA0GCSqGSIb3DQEB
CwUAA4IBAQB+BvrNkCKEzAZuMeD8GBrkcYcZ45Tph7Bj+m1ISx6UxDHjuQ0iHosn
kgw06zjF21WlnXZmmDufhDFrlces3WGbOQaqY7A0scJaJ1i+FPPIEgOZ0ZqyZBXJ
jz3v9EtPW3qiIBJIHzoYQ9mBXu3/ahXYWx6cFJoyrRmfP9v3Kbv9tZtH/L5ucVOB
Zw5q61Sai5QEnbRBI1VRM6Y1sHR1RL+Ia4rBl5N2W/CfMW0cbW3NtZww488kqByT
8q7jfNhlGb3RAr6cMYYxOiMofvmyK9GI0cbd+M9DFL2GSjj0wodSAtIbMvgmY0+d
MiQm4OpsOlwjwXnItVMnOZd9SLMmzPHT
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:08:51 2025 by rpki-client