Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2EE3440E31111EF871C3E5D762E951A.roa
File: A2EE3440E31111EF871C3E5D762E951A.roa (raw, json)
Hash identifier: H5wBO1UKi2Vfvxrtt9Fytb6mg5Qt/J4qrBGlK1xy/4Q=
Subject key identifier: 8D:FF:76:CB:98:C3:BD:4C:E4:54:59:A7:E6:27:D6:52:D0:83:89:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01510B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2EE3440E31111EF871C3E5D762E951A.roa
Signing time: Tue 04 Feb 2025 16:03:56 +0000
ROA not before: Tue 04 Feb 2025 16:03:52 +0000
ROA not after: Wed 30 Apr 2025 16:03:52 +0000
asID: 18229
IP address blocks: 154.210.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86283 (0x1510b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 16:03:52 2025 GMT
Not After : Apr 30 16:03:52 2025 GMT
Subject: CN=67a23a6c-7124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:1c:ef:87:b6:75:66:f4:54:38:06:4c:ab:
1c:cb:91:17:d5:47:8b:d0:d7:ee:d4:75:9f:a9:fd:
eb:6c:28:f8:24:a5:47:eb:bf:28:b9:f0:3e:da:5e:
92:41:4f:d1:18:34:36:8e:02:62:24:69:f9:e3:58:
6e:cd:27:c8:fe:a3:94:40:04:79:32:2d:c4:07:b3:
0b:98:ea:b2:8f:82:79:61:11:b8:0a:4b:db:08:77:
18:a3:11:a8:5c:32:99:c9:08:67:9c:55:02:de:5d:
90:b1:ae:db:29:32:39:62:c4:bd:1c:d6:fa:72:50:
45:85:6d:d5:10:3a:2b:60:fa:78:51:63:26:c4:c6:
75:45:a6:50:91:28:df:f6:80:06:5a:ab:9d:72:03:
97:fa:79:48:7c:e7:5b:ce:83:fc:30:3a:44:18:30:
02:56:50:d0:cc:1d:b7:04:7b:3c:15:c6:4c:a0:d3:
b8:83:29:ad:8d:b2:a7:2a:8a:3f:e2:03:bf:98:d7:
b1:a9:63:19:5c:66:9a:0f:85:63:26:24:3f:46:3d:
a0:7b:40:23:ec:91:37:9e:bf:3a:64:dc:4a:a4:d1:
a0:21:7f:0a:67:be:94:8e:94:dc:8f:f3:4e:96:aa:
6e:93:82:59:6d:85:17:78:5a:17:1c:b2:eb:4d:30:
ca:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FF:76:CB:98:C3:BD:4C:E4:54:59:A7:E6:27:D6:52:D0:83:89:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2EE3440E31111EF871C3E5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
98:20:90:61:6c:6e:bb:35:29:49:2b:84:e1:c6:50:fd:f2:30:
48:b0:88:25:ef:7a:99:2c:64:f3:30:e7:fa:03:4f:67:39:4e:
0b:1a:30:6b:83:e8:f0:22:02:02:2c:6e:c0:07:b1:3c:67:ea:
cd:8b:c8:e3:9e:8f:74:a4:20:4f:83:7a:58:e3:a7:bc:79:8b:
55:7b:22:99:b5:6c:72:c5:11:5b:31:bc:06:9a:4b:d8:e1:41:
56:eb:bb:18:12:bb:78:55:27:99:00:7f:dd:2d:0c:66:6f:9a:
c8:0d:0b:b7:39:d7:02:33:18:39:e8:3e:48:95:c5:3c:f2:d6:
76:ea:71:9e:13:ce:ab:31:8a:3d:ee:bd:cf:27:e5:ca:42:5b:
56:c4:50:15:28:36:37:f9:f6:5f:9f:e0:ad:9c:27:8c:2b:70:
54:a6:c7:4a:24:96:03:75:88:93:a7:9e:10:2a:27:5b:f0:47:
c4:36:ff:d3:b2:e0:86:5a:56:c0:de:34:3f:92:f5:08:03:b3:
ad:4f:46:41:25:2b:e8:12:23:8f:f6:f3:89:3d:ee:4b:a9:d3:
00:94:2f:df:68:d1:43:f2:ff:cf:3b:10:93:b5:3b:91:ce:2f:
ba:ee:41:34:a1:da:e2:6f:1e:4d:13:a2:d0:8a:04:9f:6a:3b:
1e:51:b1:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVELMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTYwMzUyWhcNMjUwNDMwMTYwMzUyWjAYMRYw
FAYDVQQDEw02N2EyM2E2Yy03MTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxt0c74e2dWb0VDgGTKscy5EX1UeL0Nfu1HWfqf3rbCj4JKVH678oufA+
2l6SQU/RGDQ2jgJiJGn541huzSfI/qOUQAR5Mi3EB7MLmOqyj4J5YRG4CkvbCHcY
oxGoXDKZyQhnnFUC3l2Qsa7bKTI5YsS9HNb6clBFhW3VEDorYPp4UWMmxMZ1RaZQ
kSjf9oAGWqudcgOX+nlIfOdbzoP8MDpEGDACVlDQzB23BHs8FcZMoNO4gymtjbKn
Koo/4gO/mNexqWMZXGaaD4VjJiQ/Rj2ge0Aj7JE3nr86ZNxKpNGgIX8KZ76UjpTc
j/NOlqpuk4JZbYUXeFoXHLLrTTDKVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI3/
dsuYw71M5FRZp+Yn1lLQg4lQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMkVFMzQ0MEUzMTExMUVGODcxQzNFNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKdMA0GCSqGSIb3DQEB
CwUAA4IBAQCYIJBhbG67NSlJK4ThxlD98jBIsIgl73qZLGTzMOf6A09nOU4LGjBr
g+jwIgICLG7AB7E8Z+rNi8jjno90pCBPg3pY46e8eYtVeyKZtWxyxRFbMbwGmkvY
4UFW67sYErt4VSeZAH/dLQxmb5rIDQu3OdcCMxg56D5IlcU88tZ26nGeE86rMYo9
7r3PJ+XKQltWxFAVKDY3+fZfn+CtnCeMK3BUpsdKJJYDdYiTp54QKidb8EfENv/T
suCGWlbA3jQ/kvUIA7OtT0ZBJSvoEiOP9vOJPe5LqdMAlC/faNFD8v/POxCTtTuR
zi+67kE0odribx5NE6LQigSfajseUbFY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:32:33 2025 by rpki-client