Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AAA059AFF1311EF88518582762E951A.roa
File: 7AAA059AFF1311EF88518582762E951A.roa (raw, json)
Hash identifier: WE7qQbS0dmN3/qjjTj5Emdxgix74XVk9Yih3AlpCL0w=
Subject key identifier: 4F:34:18:68:FD:1F:B7:A9:FE:64:A3:CA:E4:17:2D:57:0E:84:9D:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01738F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AAA059AFF1311EF88518582762E951A.roa
Signing time: Wed 12 Mar 2025 07:27:40 +0000
ROA not before: Wed 12 Mar 2025 07:27:29 +0000
ROA not after: Thu 12 Jun 2025 07:27:29 +0000
asID: 398993
IP address blocks: 154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95119 (0x1738f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 07:27:29 2025 GMT
Not After : Jun 12 07:27:29 2025 GMT
Subject: CN=67d1376c-7281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5a:74:61:96:76:35:b0:4f:4a:e4:d8:72:34:
a8:77:5c:5b:2e:2a:ff:82:20:a6:41:d8:87:e1:39:
31:4b:88:59:8f:9e:02:20:4d:9d:1b:c4:32:cf:8f:
6e:04:e1:96:8e:43:90:a2:92:6c:92:6a:75:9d:ba:
47:9c:c4:b8:43:e5:fc:aa:9d:cd:a8:72:a8:21:41:
b9:46:4c:c8:b7:1e:bd:ee:09:b2:36:c5:d7:37:25:
76:fb:d6:2b:36:f3:b0:2c:70:a7:1a:53:28:42:ab:
8e:15:8d:e3:a4:32:89:20:e8:0d:0d:9f:68:df:93:
7b:d9:81:41:47:d8:e2:37:1a:e2:18:38:e4:e2:fd:
25:95:85:9e:83:70:ee:60:9c:53:91:b3:31:7f:74:
b0:09:f3:40:99:b7:cc:2d:42:7a:97:19:ca:01:91:
a6:85:64:29:ee:68:fa:61:4a:4d:65:ec:96:5a:d3:
3d:4d:d1:d1:4c:4a:32:df:dd:ec:66:41:b8:b5:53:
ba:38:a1:dc:f4:74:3e:c4:0a:7a:ec:66:f9:01:82:
a0:d1:5c:a7:c4:69:ee:3e:12:e2:20:3d:02:8c:b8:
20:8d:ea:b6:28:0e:7f:86:d9:85:e5:de:23:91:d3:
49:5b:cf:86:a4:53:2d:37:5a:5b:d0:84:14:ab:15:
e7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:34:18:68:FD:1F:B7:A9:FE:64:A3:CA:E4:17:2D:57:0E:84:9D:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AAA059AFF1311EF88518582762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.208.0-154.199.255.255
Signature Algorithm: sha256WithRSAEncryption
2a:dc:45:fa:3e:b0:4c:5d:4b:5d:62:49:c4:cf:f6:2d:2d:c6:
38:fa:53:fc:11:a8:1c:43:22:65:b7:d2:55:c7:7d:d1:2b:b8:
6f:37:22:66:28:ab:3b:f4:eb:4d:da:e0:46:cb:cb:4a:cc:62:
d7:db:e8:68:ab:37:67:a0:46:9d:41:6c:89:b9:28:c0:8d:bb:
67:1f:81:de:56:24:df:89:90:e1:16:72:06:f1:59:97:77:3f:
f9:f3:f0:3f:f6:13:d2:8e:ba:19:05:00:2f:83:07:45:71:c1:
bc:06:0e:33:83:f3:94:0c:e2:75:0c:f5:c5:fa:f3:5e:de:9f:
b9:76:3f:ee:81:0f:e5:f6:d6:66:b2:58:d5:76:77:3e:2e:32:
02:cc:02:a1:e1:94:b5:be:b5:14:01:ef:b6:1c:7c:97:e1:a4:
53:6a:da:b7:91:eb:00:21:05:13:95:2a:0f:00:9f:a7:7d:25:
da:1e:1d:3b:32:19:f1:e1:c9:56:dd:d2:12:3e:60:c4:13:57:
55:18:28:82:d2:e6:fd:9a:2f:69:dc:e4:8a:b3:2f:4d:d7:e4:
fc:38:9a:0e:cb:86:fe:b7:2e:ec:fc:e3:d7:ad:04:64:17:e6:
83:3d:44:64:63:85:cf:c9:34:22:ac:c2:fa:ca:53:cd:d6:d5:
55:45:c1:41
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIDAXOPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDcyNzI5WhcNMjUwNjEyMDcyNzI5WjAYMRYw
FAYDVQQDEw02N2QxMzc2Yy03MjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2lp0YZZ2NbBPSuTYcjSod1xbLir/giCmQdiH4TkxS4hZj54CIE2dG8Qy
z49uBOGWjkOQopJskmp1nbpHnMS4Q+X8qp3NqHKoIUG5RkzItx697gmyNsXXNyV2
+9YrNvOwLHCnGlMoQquOFY3jpDKJIOgNDZ9o35N72YFBR9jiNxriGDjk4v0llYWe
g3DuYJxTkbMxf3SwCfNAmbfMLUJ6lxnKAZGmhWQp7mj6YUpNZeyWWtM9TdHRTEoy
393sZkG4tVO6OKHc9HQ+xAp67Gb5AYKg0VynxGnuPhLiID0CjLggjeq2KA5/htmF
5d4jkdNJW8+GpFMtN1pb0IQUqxXnKwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFE80
GGj9H7ep/mSjyuQXLVcOhJ1oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QUFBMDU5QUZGMTMxMUVGODg1MTg1ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBASax9ADAwOawDANBgkq
hkiG9w0BAQsFAAOCAQEAKtxF+j6wTF1LXWJJxM/2LS3GOPpT/BGoHEMiZbfSVcd9
0Su4bzciZiirO/TrTdrgRsvLSsxi19voaKs3Z6BGnUFsibkowI27Zx+B3lYk34mQ
4RZyBvFZl3c/+fPwP/YT0o66GQUAL4MHRXHBvAYOM4PzlAzidQz1xfrzXt6fuXY/
7oEP5fbWZrJY1XZ3Pi4yAswCoeGUtb61FAHvthx8l+GkU2rat5HrACEFE5UqDwCf
p30l2h4dOzIZ8eHJVt3SEj5gxBNXVRgogtLm/ZovadzkirMvTdfk/DiaDsuG/rcu
7Pzj160EZBfmgz1EZGOFz8k0IqzC+spTzdbVVUXBQQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:50:39 2025 by rpki-client