Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E14BDAAF43611EF83635383762E951A.roa
File: 9E14BDAAF43611EF83635383762E951A.roa (raw, json)
Hash identifier: lxzBMQPCreCe6nKAGep7V7319VUvF+2bkBaO3mPZlRU=
Subject key identifier: 02:7E:B5:B4:FB:22:67:47:9E:BA:E6:25:0F:8A:73:B6:21:A0:5A:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E14BDAAF43611EF83635383762E951A.roa
Signing time: Wed 26 Feb 2025 11:41:29 +0000
ROA not before: Wed 26 Feb 2025 11:41:19 +0000
ROA not after: Fri 20 Feb 2026 11:41:19 +0000
asID: 984
IP address blocks: 154.199.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90802 (0x162b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:41:19 2025 GMT
Not After : Feb 20 11:41:19 2026 GMT
Subject: CN=67befde9-daaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0a:f4:f1:79:8e:c8:ac:38:30:4b:aa:3b:db:
69:55:f4:0d:e2:cc:d6:c3:07:6d:82:6e:33:c0:16:
dd:df:4a:2e:91:8d:50:0f:9d:61:99:19:ee:b2:cb:
b2:91:07:77:19:f0:a2:1f:ba:06:58:6f:8f:94:1c:
fb:77:63:3b:60:4e:ba:da:9f:1c:68:ae:c6:01:6a:
e3:5d:49:dc:b2:7d:2d:1d:e6:89:81:60:a1:5a:27:
ce:1a:2e:9a:8a:d6:a7:b1:2a:19:09:e6:9f:60:be:
0f:d5:09:01:cf:be:48:32:fa:04:3c:d9:42:a4:fe:
55:c4:15:fe:38:05:5a:a6:f7:5b:b9:e5:15:a6:29:
29:bf:be:32:10:87:9f:67:98:21:68:d2:fd:3d:97:
9f:7c:e6:57:06:43:cf:18:d3:47:73:51:44:aa:bd:
51:9e:46:9b:3f:7f:87:14:b8:c2:38:2c:ab:ab:6a:
4a:c8:2a:94:18:74:59:4c:61:59:8f:14:4a:3b:67:
dd:7e:7e:9a:5f:47:db:65:09:bf:84:a1:55:2b:60:
0c:97:e3:8b:3d:62:02:1a:d7:bf:af:52:cd:7b:ae:
1e:e0:d0:a1:8f:4b:db:0f:5c:d2:c5:d9:21:aa:5e:
07:52:91:98:bf:e5:87:bf:68:db:df:cc:41:6c:ed:
86:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7E:B5:B4:FB:22:67:47:9E:BA:E6:25:0F:8A:73:B6:21:A0:5A:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9E14BDAAF43611EF83635383762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.138.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:10:79:d6:f7:c1:5b:77:aa:8a:5c:fc:d7:90:3d:19:ac:8d:
ab:25:f9:1c:13:e7:ab:8c:c8:7d:04:11:1a:d7:f4:e5:5f:73:
f2:56:c8:8c:79:25:5f:da:d5:d7:c2:80:36:40:52:40:92:a6:
8d:9a:14:fe:4f:58:32:ec:80:30:ca:23:b7:40:08:cc:05:c3:
51:50:dc:a9:3d:3b:f2:54:56:ea:45:b2:40:af:b8:f0:b7:c5:
58:d0:84:b1:79:e6:bf:94:94:f1:63:38:7e:48:af:aa:12:5e:
bc:e9:75:57:f6:cf:82:b1:01:da:4a:b4:6a:c2:52:18:c8:23:
7b:25:3d:05:80:4d:5b:a2:97:cd:6e:e8:3f:7e:49:fc:f4:52:
79:7b:37:de:fa:93:13:5c:4d:98:b6:85:73:20:9c:59:c0:0f:
0f:84:1f:23:0c:c8:52:9a:9d:45:66:4f:a9:33:bc:53:15:7a:
33:d2:8f:e0:32:80:df:53:fd:0b:71:ec:13:4d:01:06:fc:5e:
1c:77:33:c6:c0:5d:27:4d:e0:75:2f:57:05:a2:5e:ee:58:89:
10:0d:b7:07:c2:2f:b9:14:a5:e7:5b:34:a1:50:c3:98:af:3d:
e2:10:0e:2d:6d:82:de:fc:ce:8f:04:7e:a6:bf:4e:ee:77:45:
26:53:3a:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTE0MTE5WhcNMjYwMjIwMTE0MTE5WjAYMRYw
FAYDVQQDEw02N2JlZmRlOS1kYWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Qr08XmOyKw4MEuqO9tpVfQN4szWwwdtgm4zwBbd30oukY1QD51hmRnu
ssuykQd3GfCiH7oGWG+PlBz7d2M7YE662p8caK7GAWrjXUncsn0tHeaJgWChWifO
Gi6aitansSoZCeafYL4P1QkBz75IMvoEPNlCpP5VxBX+OAVapvdbueUVpikpv74y
EIefZ5ghaNL9PZeffOZXBkPPGNNHc1FEqr1RnkabP3+HFLjCOCyrq2pKyCqUGHRZ
TGFZjxRKO2fdfn6aX0fbZQm/hKFVK2AMl+OLPWICGte/r1LNe64e4NChj0vbD1zS
xdkhql4HUpGYv+WHv2jb38xBbO2G3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAJ+
tbT7ImdHnrrmJQ+Kc7YhoFpKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RTE0QkRBQUY0MzYxMUVGODM2MzUzODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseKMA0GCSqGSIb3DQEB
CwUAA4IBAQDVEHnW98Fbd6qKXPzXkD0ZrI2rJfkcE+erjMh9BBEa1/TlX3PyVsiM
eSVf2tXXwoA2QFJAkqaNmhT+T1gy7IAwyiO3QAjMBcNRUNypPTvyVFbqRbJAr7jw
t8VY0ISxeea/lJTxYzh+SK+qEl686XVX9s+CsQHaSrRqwlIYyCN7JT0FgE1bopfN
bug/fkn89FJ5ezfe+pMTXE2YtoVzIJxZwA8PhB8jDMhSmp1FZk+pM7xTFXoz0o/g
MoDfU/0LcewTTQEG/F4cdzPGwF0nTeB1L1cFol7uWIkQDbcHwi+5FKXnWzShUMOY
rz3iEA4tbYLe/M6PBH6mv07ud0UmUzop
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:30:56 2025 by rpki-client