Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9469C038F3FB11EF9A03E76E762E951A.roa
File: 9469C038F3FB11EF9A03E76E762E951A.roa (raw, json)
Hash identifier: d/4LkEwOe6nPXY/Fme+mNNcbMK/VYKjOo8I+Agsxy0U=
Subject key identifier: 87:3B:95:65:42:11:D2:43:DA:6A:00:3D:C0:58:D0:09:EF:8B:89:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0160DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9469C038F3FB11EF9A03E76E762E951A.roa
Signing time: Wed 26 Feb 2025 04:38:52 +0000
ROA not before: Wed 26 Feb 2025 04:38:49 +0000
ROA not after: Thu 19 Feb 2026 04:38:49 +0000
asID: 984
IP address blocks: 154.203.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90333 (0x160dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 04:38:49 2025 GMT
Not After : Feb 19 04:38:49 2026 GMT
Subject: CN=67be9adc-f7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:68:3f:5d:2f:08:1a:5f:4b:07:19:fe:42:7c:
64:09:aa:70:3d:7d:94:e1:ec:df:24:7d:91:4c:e8:
1a:94:07:4a:28:96:65:4d:f4:48:d3:96:77:8c:34:
51:a9:ed:00:65:59:8f:fd:47:50:01:1b:f9:7b:19:
83:75:70:9c:66:78:d2:fd:63:db:70:a2:5e:a5:5a:
9d:96:21:f5:ce:5f:72:01:e4:a2:cf:2d:80:bf:23:
00:4a:5b:5a:11:e0:c0:53:3e:3c:ed:fe:b7:31:00:
10:3a:09:b4:dc:17:55:e8:cd:ba:33:df:97:4f:77:
ce:d8:2c:9c:50:c5:19:b8:be:9b:4e:ea:61:26:a2:
b3:ce:42:de:dd:ed:e9:78:40:e3:6c:9c:95:39:e0:
fe:81:db:97:6c:93:59:3d:e8:c3:90:b8:02:3a:ef:
22:a8:3f:eb:e9:5c:14:f5:17:e3:2e:b8:34:39:44:
4f:44:91:6d:0e:cc:c0:15:a7:f3:fa:57:d8:90:2b:
e9:cf:9e:1d:97:48:c9:77:6b:d8:2f:c8:6f:83:df:
24:e1:9d:f3:f6:73:0c:d9:c2:49:ad:7b:28:4d:48:
84:5b:33:b3:a1:f2:43:0c:8a:00:e9:83:d8:99:7a:
7f:e4:26:2d:76:2b:4b:f5:c6:aa:97:5e:95:0b:1b:
b9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3B:95:65:42:11:D2:43:DA:6A:00:3D:C0:58:D0:09:EF:8B:89:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9469C038F3FB11EF9A03E76E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.210.0/24
Signature Algorithm: sha256WithRSAEncryption
27:83:d3:ad:5d:dd:81:42:8a:42:44:c9:f1:62:5f:2b:04:b3:
be:72:6d:31:1d:d3:88:3a:e2:a3:d6:12:6f:48:8a:81:39:6a:
c0:ae:52:6e:18:73:21:bb:02:ed:f3:74:21:e3:eb:29:3f:32:
fa:c8:b6:e2:95:f7:ce:5d:d0:1e:aa:c0:4d:6d:60:a1:13:4a:
4c:ed:86:b8:2b:fd:bb:e0:0d:55:45:ba:35:3f:6c:65:32:f7:
06:4c:d8:64:a7:36:09:5d:5e:76:44:99:75:36:39:67:02:b3:
15:ff:54:2f:cb:69:13:e0:86:32:1e:89:27:d8:93:f4:ff:40:
a0:07:5f:5e:ad:93:d3:5f:d2:5b:fe:ce:8d:8f:e6:13:7a:3d:
db:ba:02:67:9f:f8:bc:27:1b:3c:5f:84:92:bb:f9:7d:36:0e:
e2:b5:24:71:73:2e:b9:a7:fe:d8:57:e8:a2:6e:35:e6:72:5d:
26:09:c8:fe:c5:fb:3a:73:29:14:81:4e:39:f5:cc:00:42:7b:
9d:c5:b2:51:25:fd:29:c1:a4:0a:9d:38:e9:2c:9f:83:94:d7:
9d:a8:bc:6c:ff:95:7e:5e:7f:69:65:5a:93:ff:52:b1:87:4b:
77:a2:ca:b9:e6:2d:fc:86:f9:af:6c:74:e0:a9:bb:94:5d:c9:
24:24:96:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWDdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDQzODQ5WhcNMjYwMjE5MDQzODQ5WjAYMRYw
FAYDVQQDEw02N2JlOWFkYy1mN2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Gg/XS8IGl9LBxn+QnxkCapwPX2U4ezfJH2RTOgalAdKKJZlTfRI05Z3
jDRRqe0AZVmP/UdQARv5exmDdXCcZnjS/WPbcKJepVqdliH1zl9yAeSizy2AvyMA
SltaEeDAUz487f63MQAQOgm03BdV6M26M9+XT3fO2CycUMUZuL6bTuphJqKzzkLe
3e3peEDjbJyVOeD+gduXbJNZPejDkLgCOu8iqD/r6VwU9RfjLrg0OURPRJFtDszA
Fafz+lfYkCvpz54dl0jJd2vYL8hvg98k4Z3z9nMM2cJJrXsoTUiEWzOzofJDDIoA
6YPYmXp/5CYtditL9caql16VCxu5nwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIc7
lWVCEdJD2moAPcBY0Anvi4kaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NDY5QzAzOEYzRkIxMUVGOUEwM0U3NkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsvSMA0GCSqGSIb3DQEB
CwUAA4IBAQAng9OtXd2BQopCRMnxYl8rBLO+cm0xHdOIOuKj1hJvSIqBOWrArlJu
GHMhuwLt83Qh4+spPzL6yLbilffOXdAeqsBNbWChE0pM7Ya4K/274A1VRbo1P2xl
MvcGTNhkpzYJXV52RJl1NjlnArMV/1Qvy2kT4IYyHokn2JP0/0CgB19erZPTX9Jb
/s6Nj+YTej3bugJnn/i8Jxs8X4SSu/l9Ng7itSRxcy65p/7YV+iibjXmcl0mCcj+
xfs6cykUgU459cwAQnudxbJRJf0pwaQKnTjpLJ+DlNedqLxs/5V+Xn9pZVqT/1Kx
h0t3osq55i38hvmvbHTgqbuUXckkJJa4
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:56:48 2025 by rpki-client