Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85602394093011F09A69ED65762E951A.roa
File: 85602394093011F09A69ED65762E951A.roa (raw, json)
Hash identifier: aNGl/F8XSFuj7AS/7360fVTGP7/AC9PkEz+SxoJPzQg=
Subject key identifier: AB:CB:7A:69:83:14:54:1A:16:22:7F:0B:B0:26:1E:47:C2:5A:72:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85602394093011F09A69ED65762E951A.roa
Signing time: Tue 25 Mar 2025 04:20:45 +0000
ROA not before: Tue 25 Mar 2025 04:20:41 +0000
ROA not after: Mon 14 Apr 2025 04:20:41 +0000
asID: 139880
IP address blocks: 154.214.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95721 (0x175e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 04:20:41 2025 GMT
Not After : Apr 14 04:20:41 2025 GMT
Subject: CN=67e22f1d-78b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b6:06:5a:3b:68:03:54:4e:78:48:4c:a5:3a:
d5:bd:4f:7b:10:1d:11:e2:c4:60:2c:42:3c:ef:0a:
53:d2:99:2a:06:c1:48:05:9e:ac:82:90:45:c8:99:
e6:40:8b:d9:e1:43:48:8e:43:b2:8a:cd:64:b9:1b:
15:00:ab:f8:15:c1:64:a0:1f:bf:85:41:0e:1c:77:
f8:8e:3c:b8:c0:21:56:8d:a3:3c:f9:00:a5:e7:b6:
9f:71:c8:37:6f:8b:af:72:5e:ca:d0:1d:fd:62:b0:
01:f1:b8:a0:fd:31:87:43:b7:31:47:5e:f8:71:8f:
1f:13:61:dd:6d:04:e2:75:bb:91:93:d9:4e:da:22:
52:c4:50:17:ed:e4:67:24:4f:77:59:97:c7:c1:66:
62:71:55:8b:14:bc:98:8f:a7:8b:e7:a1:ce:19:5f:
3e:a9:51:f0:50:0e:d2:41:d2:e3:05:76:89:a1:cd:
f3:8d:ea:2d:30:e1:c9:86:86:5a:6d:46:6c:82:a2:
09:f1:4d:e3:2a:e2:3e:fd:ce:1b:37:e1:15:1e:27:
30:2c:dd:ca:68:f0:d9:30:12:ae:d6:1f:6b:04:f6:
00:6c:c0:51:b6:01:b7:56:7a:6a:7d:81:dc:e7:27:
43:00:7c:7a:d9:70:dc:4a:cc:eb:42:b9:37:f4:2b:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CB:7A:69:83:14:54:1A:16:22:7F:0B:B0:26:1E:47:C2:5A:72:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85602394093011F09A69ED65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
24:11:03:0c:3f:9a:70:49:a4:a8:16:57:7f:4f:76:16:c5:89:
95:26:b9:9c:a3:7a:6f:40:29:a9:bb:5c:03:59:55:f8:3f:30:
71:49:d3:65:b0:ac:c2:be:b4:2d:40:a2:99:70:74:db:d0:90:
7c:ef:90:43:52:d0:34:be:d1:13:be:6e:ec:1d:b5:fd:9a:59:
ba:79:eb:57:3a:c6:a2:df:14:e0:6a:34:61:8a:85:de:2d:a1:
5c:34:bd:5c:19:c6:52:3d:d5:9e:23:3e:de:7d:47:c7:03:64:
4e:14:2a:f1:8e:82:d2:4b:55:ae:93:af:5e:17:04:3d:71:45:
b1:12:17:0d:a3:61:c8:0d:d2:03:3c:f1:40:d9:07:6e:16:1c:
62:6e:34:01:30:28:e8:da:52:5c:ba:5f:4c:8e:28:85:94:23:
3f:56:54:55:60:35:a5:14:57:f2:f5:3c:30:00:f3:8f:2a:95:
b2:c2:95:b8:e0:24:b5:3c:66:6a:f5:35:c5:1a:30:42:da:9b:
e3:79:62:ff:0f:c7:88:75:f3:60:2c:98:f7:b1:51:e6:2d:a8:
f3:c7:7f:54:d2:10:7b:5d:ad:c9:ce:4a:90:22:7e:be:2e:e0:
2b:8e:2a:1c:c5:40:f4:3f:24:83:0c:a9:84:34:04:96:cd:98:
db:ee:bf:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXXpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDQyMDQxWhcNMjUwNDE0MDQyMDQxWjAYMRYw
FAYDVQQDEw02N2UyMmYxZC03OGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1LYGWjtoA1ROeEhMpTrVvU97EB0R4sRgLEI87wpT0pkqBsFIBZ6sgpBF
yJnmQIvZ4UNIjkOyis1kuRsVAKv4FcFkoB+/hUEOHHf4jjy4wCFWjaM8+QCl57af
ccg3b4uvcl7K0B39YrAB8big/TGHQ7cxR174cY8fE2HdbQTidbuRk9lO2iJSxFAX
7eRnJE93WZfHwWZicVWLFLyYj6eL56HOGV8+qVHwUA7SQdLjBXaJoc3zjeotMOHJ
hoZabUZsgqIJ8U3jKuI+/c4bN+EVHicwLN3KaPDZMBKu1h9rBPYAbMBRtgG3Vnpq
fYHc5ydDAHx62XDcSszrQrk39CsxiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKvL
emmDFFQaFiJ/C7AmHkfCWnKQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTYwMjM5NDA5MzAxMUYwOUE2OUVENjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtZAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkEQMMP5pwSaSoFld/T3YWxYmVJrmco3pvQCmpu1wDWVX4PzBxSdNl
sKzCvrQtQKKZcHTb0JB875BDUtA0vtETvm7sHbX9mlm6eetXOsai3xTgajRhioXe
LaFcNL1cGcZSPdWeIz7efUfHA2ROFCrxjoLSS1Wuk69eFwQ9cUWxEhcNo2HIDdID
PPFA2QduFhxibjQBMCjo2lJcul9MjiiFlCM/VlRVYDWlFFfy9TwwAPOPKpWywpW4
4CS1PGZq9TXFGjBC2pvjeWL/D8eIdfNgLJj3sVHmLajzx39U0hB7Xa3JzkqQIn6+
LuArjiocxUD0PySDDKmENASWzZjb7r8E
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:33:21 2025 by rpki-client