Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2FA736AF62911EF966B4E6D762E951A.roa
File: A2FA736AF62911EF966B4E6D762E951A.roa (raw, json)
Hash identifier: 0UyxWXmvTvXIz+a7cHIMy9e8fb+u/MCeK6FnBOY8hzs=
Subject key identifier: 16:06:1E:60:C6:90:48:62:73:35:EB:31:24:6A:30:59:AC:84:44:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CBB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2FA736AF62911EF966B4E6D762E951A.roa
Signing time: Fri 28 Feb 2025 23:13:36 +0000
ROA not before: Fri 28 Feb 2025 23:13:32 +0000
ROA not after: Sat 19 Apr 2025 23:13:32 +0000
asID: 138915
IP address blocks: 154.93.36.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93371 (0x16cbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 23:13:32 2025 GMT
Not After : Apr 19 23:13:32 2025 GMT
Subject: CN=67c24320-b248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:43:0d:0f:4f:dd:37:85:1e:ec:e8:c2:bc:66:
0c:b5:e2:57:54:87:c6:a5:67:d9:f3:5c:be:be:73:
ca:da:8f:13:a2:51:50:5a:6e:3c:c3:b5:f6:ec:f8:
2e:c8:40:e6:76:2f:6b:63:9f:5b:55:ac:b4:28:0b:
53:3c:45:b1:c3:88:35:8a:7d:36:c1:c6:73:12:e3:
db:16:5f:8e:9e:25:23:d3:af:11:e5:15:4d:ee:89:
26:79:67:3c:44:20:45:fb:9d:8c:82:65:5b:6e:12:
39:5c:4e:85:de:48:98:1e:56:d7:b8:de:3e:75:5a:
76:61:a1:05:99:d5:cf:a5:d9:a5:12:0a:f3:0d:46:
3b:2c:08:c0:74:82:15:59:89:d8:40:e7:56:38:4c:
09:97:b5:00:71:1a:a5:24:7b:c1:f8:7b:c9:c3:a3:
b7:05:21:af:53:07:70:b7:9a:0f:49:e0:c8:fb:93:
a3:10:0f:3d:79:d9:71:25:24:eb:19:56:bc:dd:55:
08:ac:aa:5d:1e:48:39:d9:2a:70:8f:b3:ed:e8:75:
cf:75:b7:94:92:48:39:68:54:1e:6d:32:f1:70:29:
61:71:a9:64:ea:46:de:ed:ef:3c:13:23:65:56:51:
7f:67:bb:14:a6:b9:48:58:53:c6:ad:6b:24:6a:70:
de:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:06:1E:60:C6:90:48:62:73:35:EB:31:24:6A:30:59:AC:84:44:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2FA736AF62911EF966B4E6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.36.0/23
Signature Algorithm: sha256WithRSAEncryption
47:e0:32:9d:54:07:e8:54:31:da:7a:46:f0:b9:51:90:22:56:
f9:e2:0b:87:b6:5b:6d:23:ec:c4:11:05:c4:31:79:96:ed:c9:
85:84:a6:d0:d5:a1:b5:43:5b:70:43:83:94:e9:0c:b5:fe:5f:
18:3e:6e:c6:ed:46:50:87:bd:71:22:59:05:29:a1:10:a1:ad:
ac:f9:54:b7:ac:ce:d7:51:a2:2c:91:f1:6d:23:95:74:87:cc:
89:e1:bd:d1:38:be:cf:39:16:54:18:52:05:5e:af:ec:0b:79:
8c:de:fb:83:c2:79:c6:4a:8b:ac:07:ef:4b:04:6c:73:72:0e:
74:f0:27:15:28:67:f0:04:9a:59:3f:7d:e3:80:4e:c3:1d:b4:
75:51:98:b7:5d:13:12:11:39:52:ce:18:5a:8d:15:14:da:f5:
34:e2:e2:8c:16:10:8e:3d:85:ef:f6:50:40:0f:e5:8f:8c:f9:
9c:04:7b:2e:31:20:c1:b9:a5:3c:7e:d1:c6:05:8b:12:71:14:
de:b0:e3:c2:ff:8d:9d:c2:df:79:26:a1:03:c6:89:28:68:50:
af:2b:c7:fe:96:11:4b:d2:59:43:ce:16:80:aa:85:28:3d:1b:
f2:a1:23:df:bb:ec:92:20:67:51:77:c1:be:70:54:b2:0e:8f:
00:7c:1d:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWy7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjMxMzMyWhcNMjUwNDE5MjMxMzMyWjAYMRYw
FAYDVQQDEw02N2MyNDMyMC1iMjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5EMND0/dN4Ue7OjCvGYMteJXVIfGpWfZ81y+vnPK2o8TolFQWm48w7X2
7PguyEDmdi9rY59bVay0KAtTPEWxw4g1in02wcZzEuPbFl+OniUj068R5RVN7okm
eWc8RCBF+52MgmVbbhI5XE6F3kiYHlbXuN4+dVp2YaEFmdXPpdmlEgrzDUY7LAjA
dIIVWYnYQOdWOEwJl7UAcRqlJHvB+HvJw6O3BSGvUwdwt5oPSeDI+5OjEA89edlx
JSTrGVa83VUIrKpdHkg52Spwj7Pt6HXPdbeUkkg5aFQebTLxcClhcalk6kbe7e88
EyNlVlF/Z7sUprlIWFPGrWskanDeTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBYG
HmDGkEhiczXrMSRqMFmshEQ1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMkZBNzM2QUY2MjkxMUVGOTY2QjRFNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml0kMA0GCSqGSIb3DQEB
CwUAA4IBAQBH4DKdVAfoVDHaekbwuVGQIlb54guHtlttI+zEEQXEMXmW7cmFhKbQ
1aG1Q1twQ4OU6Qy1/l8YPm7G7UZQh71xIlkFKaEQoa2s+VS3rM7XUaIskfFtI5V0
h8yJ4b3ROL7PORZUGFIFXq/sC3mM3vuDwnnGSousB+9LBGxzcg508CcVKGfwBJpZ
P33jgE7DHbR1UZi3XRMSETlSzhhajRUU2vU04uKMFhCOPYXv9lBAD+WPjPmcBHsu
MSDBuaU8ftHGBYsScRTesOPC/42dwt95JqEDxokoaFCvK8f+lhFL0llDzhaAqoUo
PRvyoSPfu+ySIGdRd8G+cFSyDo8AfB2e
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:44:07 2025 by rpki-client