Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A393A148F6B011EF9A15148D762E951A.roa
File: A393A148F6B011EF9A15148D762E951A.roa (raw, json)
Hash identifier: QkEvecHPye1b5d97x+SeNgvR14DLGi5sg38qv4qfR5M=
Subject key identifier: 8A:BC:31:D2:D1:56:1B:48:DA:34:7E:79:90:7D:C6:B5:3A:2E:EA:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E9E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A393A148F6B011EF9A15148D762E951A.roa
Signing time: Sat 01 Mar 2025 15:19:59 +0000
ROA not before: Sat 01 Mar 2025 15:19:55 +0000
ROA not after: Sat 05 Apr 2025 15:19:55 +0000
asID: 203020
IP address blocks: 154.205.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 15:19:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93854 (0x16e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 15:19:55 2025 GMT
Not After : Apr 5 15:19:55 2025 GMT
Subject: CN=67c3259f-1a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:48:70:0f:2e:7b:df:77:04:8e:7b:9e:c3:bc:
c9:30:78:7a:6a:ea:c8:5f:e5:85:a5:0c:6d:7f:db:
14:69:89:ca:20:8b:73:11:5c:86:44:bd:9d:f3:3b:
07:2c:ed:e6:d9:1e:db:dc:b4:8b:65:44:bf:9e:65:
70:d3:3d:6d:e2:6f:a5:f8:59:3a:e5:50:ba:9a:f5:
c5:87:aa:10:90:55:62:75:b9:d4:c7:34:24:75:c5:
53:18:10:60:6e:bd:d6:b3:ed:71:f5:55:32:0c:8b:
f2:d9:ef:1d:04:11:b9:45:10:02:09:89:34:3e:84:
7e:8c:2d:7b:b9:48:2c:8f:4a:9b:82:68:9b:fd:74:
1e:e4:bb:93:09:35:d2:12:85:49:cc:8f:10:72:54:
43:0b:1d:81:b2:f4:ff:5e:a7:e0:e8:06:57:79:1e:
bd:03:4b:e5:31:b9:84:27:54:bb:35:04:dc:0d:ed:
cd:19:85:c3:76:88:81:46:db:05:2e:50:d4:4e:fa:
70:b3:f7:33:6f:64:2c:52:2d:8a:d7:fd:72:d8:27:
86:36:46:0a:38:12:07:e0:c7:cc:74:27:2e:22:30:
9c:d5:f1:a1:21:f4:0a:6c:ec:c5:a8:de:f0:6d:73:
36:b0:6d:24:69:ae:48:0c:94:dd:41:e9:07:4c:cb:
70:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BC:31:D2:D1:56:1B:48:DA:34:7E:79:90:7D:C6:B5:3A:2E:EA:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A393A148F6B011EF9A15148D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.174.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:35:e6:47:5c:ed:69:79:a9:b3:d4:8a:62:97:34:3b:02:6f:
8f:d4:5f:02:83:4f:f1:bf:d3:dd:55:87:0d:94:cd:cc:3b:45:
d0:a2:0a:ca:61:f4:18:24:7d:b1:4b:62:f0:43:c8:c4:6d:b7:
a1:0e:ec:a8:f3:fa:06:d9:33:5b:42:ac:3e:86:29:d3:a3:20:
0e:27:fe:b0:5d:5e:bb:ce:9d:d8:ac:12:e9:c0:af:ad:2e:13:
9c:22:5f:83:39:d2:8e:d6:2f:6e:16:0b:50:c7:d3:47:5b:db:
ad:6d:8b:68:d2:bc:01:9d:a2:b0:3a:f9:c2:0f:77:9c:22:fb:
25:e3:73:0c:e6:a7:c3:5f:ee:60:31:d3:58:15:10:33:48:df:
77:a7:61:9a:f1:61:9a:2e:4e:4c:9e:ee:78:2e:45:5b:a3:56:
04:17:cb:cb:a6:3e:fb:d2:73:64:e2:40:c5:85:18:16:e5:32:
e2:0a:d5:16:e6:a0:34:c7:18:9c:3a:8c:0a:b5:3d:35:0a:60:
fa:56:10:6d:7b:39:00:00:e9:85:04:b8:f8:a5:d2:08:3d:c2:
f0:90:da:89:44:6b:28:a5:d6:92:72:c0:dd:88:e4:7d:4b:f5:
6d:9d:ed:1f:dd:57:40:93:98:1b:91:39:45:26:48:84:3e:4a:
a3:dd:8f:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW6eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTUxOTU1WhcNMjUwNDA1MTUxOTU1WjAYMRYw
FAYDVQQDEw02N2MzMjU5Zi0xYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3EhwDy5733cEjnuew7zJMHh6aurIX+WFpQxtf9sUaYnKIItzEVyGRL2d
8zsHLO3m2R7b3LSLZUS/nmVw0z1t4m+l+Fk65VC6mvXFh6oQkFVidbnUxzQkdcVT
GBBgbr3Ws+1x9VUyDIvy2e8dBBG5RRACCYk0PoR+jC17uUgsj0qbgmib/XQe5LuT
CTXSEoVJzI8QclRDCx2BsvT/Xqfg6AZXeR69A0vlMbmEJ1S7NQTcDe3NGYXDdoiB
RtsFLlDUTvpws/czb2QsUi2K1/1y2CeGNkYKOBIH4MfMdCcuIjCc1fGhIfQKbOzF
qN7wbXM2sG0kaa5IDJTdQekHTMtwwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIq8
MdLRVhtI2jR+eZB9xrU6LurUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzkzQTE0OEY2QjAxMUVGOUExNTE0OEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms2uMA0GCSqGSIb3DQEB
CwUAA4IBAQBcNeZHXO1peamz1IpilzQ7Am+P1F8Cg0/xv9PdVYcNlM3MO0XQogrK
YfQYJH2xS2LwQ8jEbbehDuyo8/oG2TNbQqw+hinToyAOJ/6wXV67zp3YrBLpwK+t
LhOcIl+DOdKO1i9uFgtQx9NHW9utbYto0rwBnaKwOvnCD3ecIvsl43MM5qfDX+5g
MdNYFRAzSN93p2Ga8WGaLk5Mnu54LkVbo1YEF8vLpj770nNk4kDFhRgW5TLiCtUW
5qA0xxicOowKtT01CmD6VhBtezkAAOmFBLj4pdIIPcLwkNqJRGsopdaScsDdiOR9
S/Vtne0f3VdAk5gbkTlFJkiEPkqj3Y/W
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:45 2025 by rpki-client