Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4B53F96F2C811EFA5A707BB762E951A.roa
File: A4B53F96F2C811EFA5A707BB762E951A.roa (raw, json)
Hash identifier: lwz6yFf1aB8gdTjBK432Zhda75o7R9uSH0fUR7qBLIE=
Subject key identifier: 60:34:4E:3D:8C:33:45:0F:99:76:EB:B9:18:BE:F7:07:58:22:FA:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C4E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4B53F96F2C811EFA5A707BB762E951A.roa
Signing time: Mon 24 Feb 2025 16:01:44 +0000
ROA not before: Mon 24 Feb 2025 16:01:41 +0000
ROA not after: Mon 24 Mar 2025 16:01:41 +0000
asID: 25160
IP address blocks: 154.81.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89166 (0x15c4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:01:41 2025 GMT
Not After : Mar 24 16:01:41 2025 GMT
Subject: CN=67bc97e8-7841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4d:c6:01:6e:a7:f4:83:06:74:47:2e:5c:9a:
96:58:63:43:0e:f0:69:e5:42:dc:a5:48:bd:d0:45:
0d:50:09:cb:e1:8c:7d:11:fa:c7:de:dd:5e:34:3d:
e0:4f:12:fe:3a:30:8a:89:52:00:41:2b:8b:7d:c6:
c2:47:39:5f:c8:f3:f6:38:a2:1d:7f:55:eb:da:6d:
7a:a6:26:4c:3e:dc:43:3f:d2:f7:c5:7e:e9:bc:11:
57:41:5d:26:82:df:63:3f:e4:95:b5:d4:78:e9:ca:
48:16:fa:8d:80:27:f2:5c:11:5f:2a:b5:be:aa:53:
81:fa:ad:96:f8:b0:49:26:e7:03:7a:08:80:9d:17:
11:3f:96:00:86:32:dc:cc:1e:5e:99:35:21:8b:97:
bf:33:2c:36:2b:01:ab:42:97:bb:08:8c:4a:81:8f:
75:72:9d:6e:ca:6a:46:bd:8c:8c:94:9c:6b:74:8a:
3a:3d:51:72:09:5b:de:c4:cf:35:93:81:d3:3d:05:
63:63:52:03:9f:63:25:e2:70:f6:b3:42:ac:49:21:
fe:55:46:46:98:31:95:76:5c:39:28:82:32:9a:8c:
15:14:f1:aa:1b:82:e8:88:60:e7:40:11:1a:82:cc:
30:88:f2:e0:7c:a1:9f:af:9f:3a:f5:df:60:e2:c9:
72:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:34:4E:3D:8C:33:45:0F:99:76:EB:B9:18:BE:F7:07:58:22:FA:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4B53F96F2C811EFA5A707BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.50.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:da:fd:c9:45:a7:95:c8:89:8c:19:ce:6c:4b:17:ba:0c:9f:
7b:b6:9d:e9:fe:87:51:db:d8:60:3f:51:91:a9:c9:e3:50:04:
44:9f:47:d0:43:b4:bb:fc:7e:26:57:cc:d8:85:55:d9:0a:7c:
ed:2c:11:79:12:7b:52:d0:d5:8f:4b:26:9d:89:2f:ed:90:54:
21:fd:a5:25:b2:08:7b:3c:86:90:bf:b5:5d:4d:ac:16:96:ea:
f1:b5:44:5c:e9:33:47:c9:ab:bf:41:b0:40:21:c4:c5:4a:e4:
ac:09:97:c6:40:ed:dd:3b:b7:ad:a1:01:7e:dd:c3:29:54:91:
00:09:c1:47:8a:58:e3:a9:3c:a4:5a:a3:d5:49:cf:57:18:99:
4f:f5:7a:b6:5a:2a:bf:73:8c:1f:f7:17:93:08:b6:3d:a2:e6:
36:46:8f:00:f9:a4:64:4f:a2:4a:41:9b:90:5d:bb:e4:27:f2:
89:67:51:68:f5:41:14:5b:c1:2f:25:fc:10:ba:8c:3c:6b:ec:
a2:f7:14:5e:e4:b1:43:ed:1c:c4:a9:76:18:59:ce:41:67:22:
c0:ba:7b:a9:8d:02:9f:34:2f:b8:d6:bd:28:ef:b1:38:f0:07:
a7:a8:df:5d:df:3e:fd:9d:8a:8e:3c:be:12:48:81:f5:36:bd:
9c:a3:1a:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVxOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYwMTQxWhcNMjUwMzI0MTYwMTQxWjAYMRYw
FAYDVQQDEw02N2JjOTdlOC03ODQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA703GAW6n9IMGdEcuXJqWWGNDDvBp5ULcpUi90EUNUAnL4Yx9EfrH3t1e
ND3gTxL+OjCKiVIAQSuLfcbCRzlfyPP2OKIdf1Xr2m16piZMPtxDP9L3xX7pvBFX
QV0mgt9jP+SVtdR46cpIFvqNgCfyXBFfKrW+qlOB+q2W+LBJJucDegiAnRcRP5YA
hjLczB5emTUhi5e/Myw2KwGrQpe7CIxKgY91cp1uympGvYyMlJxrdIo6PVFyCVve
xM81k4HTPQVjY1IDn2Ml4nD2s0KsSSH+VUZGmDGVdlw5KIIymowVFPGqG4LoiGDn
QBEagswwiPLgfKGfr5869d9g4slyLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGA0
Tj2MM0UPmXbruRi+9wdYIvrTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNEI1M0Y5NkYyQzgxMUVGQTVBNzA3QkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlEyMA0GCSqGSIb3DQEB
CwUAA4IBAQCa2v3JRaeVyImMGc5sSxe6DJ97tp3p/odR29hgP1GRqcnjUAREn0fQ
Q7S7/H4mV8zYhVXZCnztLBF5EntS0NWPSyadiS/tkFQh/aUlsgh7PIaQv7VdTawW
lurxtURc6TNHyau/QbBAIcTFSuSsCZfGQO3dO7etoQF+3cMpVJEACcFHiljjqTyk
WqPVSc9XGJlP9Xq2Wiq/c4wf9xeTCLY9ouY2Ro8A+aRkT6JKQZuQXbvkJ/KJZ1Fo
9UEUW8EvJfwQuow8a+yi9xRe5LFD7RzEqXYYWc5BZyLAunupjQKfNC+41r0o77E4
8AenqN9d3z79nYqOPL4SSIH1Nr2coxqG
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:14:30 2025 by rpki-client