Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A00438CF3B511EFA04FAC83762E951A.roa
File: 9A00438CF3B511EFA04FAC83762E951A.roa (raw, json)
Hash identifier: bBby0gPnBdtIBRNIPIFOyb3nD9PXkjZQ3pgkvoAyMx8=
Subject key identifier: 7F:BD:8C:E0:3B:2C:A1:4C:52:04:1A:06:B8:BA:8E:99:2F:50:F6:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015FC6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A00438CF3B511EFA04FAC83762E951A.roa
Signing time: Tue 25 Feb 2025 20:17:57 +0000
ROA not before: Tue 25 Feb 2025 20:17:53 +0000
ROA not after: Wed 09 Apr 2025 20:17:53 +0000
asID: 138915
IP address blocks: 154.95.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90054 (0x15fc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 20:17:53 2025 GMT
Not After : Apr 9 20:17:53 2025 GMT
Subject: CN=67be2575-3ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:49:cc:7e:6d:07:e5:81:4d:a8:62:d6:21:7b:
a4:f0:0c:bc:9a:67:59:66:fe:63:3a:59:87:80:7b:
f9:96:fc:25:49:94:b7:e1:66:b9:a2:37:a7:ff:e0:
29:14:ce:42:c9:02:26:55:b6:90:da:65:aa:b0:a4:
e1:2a:12:0d:da:a5:5b:68:98:6c:11:a6:1b:1b:8b:
ae:a3:bb:11:9a:17:6e:e5:6c:82:62:7a:0d:1f:7b:
37:29:56:8a:05:92:df:78:a9:19:a2:65:1a:0f:43:
cf:e9:c1:d1:d5:ea:e2:fc:28:1d:dc:a6:0d:20:6a:
95:82:92:73:07:12:e1:67:b5:ea:fa:63:eb:aa:eb:
fb:f4:e7:bd:7f:f6:8d:e7:bd:a4:de:46:f8:cd:84:
dc:34:05:ba:21:0f:40:f5:bd:39:8c:41:98:1c:36:
b2:8d:b6:fe:0d:9e:4e:b9:7f:76:74:3d:f5:47:3c:
14:92:53:78:03:09:ca:20:00:2c:3c:3e:d3:98:e5:
78:2d:c8:c1:35:6f:17:45:eb:97:b9:4f:03:ed:7b:
18:88:32:b6:87:6d:c9:5b:b0:16:ab:a4:57:a0:b8:
f8:a9:60:e6:c5:91:f9:35:24:fb:cd:42:f5:b9:68:
14:e6:65:a8:57:60:8a:30:e6:64:0b:57:f8:9b:55:
95:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:BD:8C:E0:3B:2C:A1:4C:52:04:1A:06:B8:BA:8E:99:2F:50:F6:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A00438CF3B511EFA04FAC83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.88.0/24
Signature Algorithm: sha256WithRSAEncryption
50:41:3d:76:76:42:4e:6a:5b:3f:7a:ad:48:24:4b:3d:7d:31:
81:2e:6e:a2:bc:df:86:8e:f0:79:5a:cf:28:48:5a:85:e1:60:
bb:6a:b6:67:07:31:f2:29:ee:71:f9:3b:1d:06:69:35:18:8e:
97:1a:14:eb:0e:ec:4b:e4:3a:35:f5:fa:64:3d:07:78:8f:16:
1c:99:e4:6f:9c:37:15:49:dc:b2:ba:e9:51:4b:44:80:67:7d:
5d:69:93:81:2f:f1:d5:34:f2:16:4b:90:41:0a:ff:18:b2:54:
d6:c0:19:9a:54:62:c2:45:3e:87:76:05:56:08:76:12:c4:21:
02:50:1d:52:ec:ab:09:0e:68:01:7e:f3:e3:d8:c3:af:b3:c8:
1d:68:93:60:9a:62:2d:97:f8:a3:54:97:34:60:df:07:64:07:
d0:c5:4f:cf:ff:a3:5e:4e:f0:ee:69:d4:64:51:78:6a:43:17:
d3:6f:ba:1d:d7:cd:22:ec:dc:27:39:a3:b0:48:4a:28:43:11:
19:a5:e7:11:9a:f0:c4:de:65:7a:92:60:8c:6b:c0:f9:b2:2c:
6d:a6:9b:32:46:cd:d4:d2:24:f5:40:89:1e:ee:aa:da:30:17:
4d:5c:59:07:ca:98:b4:fe:ec:ec:95:ed:be:ab:2a:91:8c:da:
4a:f6:6d:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV/GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MjAxNzUzWhcNMjUwNDA5MjAxNzUzWjAYMRYw
FAYDVQQDEw02N2JlMjU3NS0zYWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA00nMfm0H5YFNqGLWIXuk8Ay8mmdZZv5jOlmHgHv5lvwlSZS34Wa5ojen
/+ApFM5CyQImVbaQ2mWqsKThKhIN2qVbaJhsEaYbG4uuo7sRmhdu5WyCYnoNH3s3
KVaKBZLfeKkZomUaD0PP6cHR1eri/Cgd3KYNIGqVgpJzBxLhZ7Xq+mPrquv79Oe9
f/aN572k3kb4zYTcNAW6IQ9A9b05jEGYHDayjbb+DZ5OuX92dD31RzwUklN4AwnK
IAAsPD7TmOV4LcjBNW8XReuXuU8D7XsYiDK2h23JW7AWq6RXoLj4qWDmxZH5NST7
zUL1uWgU5mWoV2CKMOZkC1f4m1WVkwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH+9
jOA7LKFMUgQaBri6jpkvUPaLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTAwNDM4Q0YzQjUxMUVGQTA0RkFDODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9YMA0GCSqGSIb3DQEB
CwUAA4IBAQBQQT12dkJOals/eq1IJEs9fTGBLm6ivN+GjvB5Ws8oSFqF4WC7arZn
BzHyKe5x+TsdBmk1GI6XGhTrDuxL5Do19fpkPQd4jxYcmeRvnDcVSdyyuulRS0SA
Z31daZOBL/HVNPIWS5BBCv8YslTWwBmaVGLCRT6HdgVWCHYSxCECUB1S7KsJDmgB
fvPj2MOvs8gdaJNgmmItl/ijVJc0YN8HZAfQxU/P/6NeTvDuadRkUXhqQxfTb7od
180i7NwnOaOwSEooQxEZpecRmvDE3mV6kmCMa8D5sixtppsyRs3U0iT1QIke7qra
MBdNXFkHypi0/uzsle2+qyqRjNpK9m36
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:43 2025 by rpki-client