Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9B3CC6CF87011EF966B956C762E951A.roa
File: A9B3CC6CF87011EF966B956C762E951A.roa (raw, json)
Hash identifier: B4JIZPf9+VOxJOkSnMi0VgVwq9C6Ojz0mjcTA8svY+s=
Subject key identifier: 75:E3:CC:F1:30:D2:79:2E:71:F8:83:08:45:47:47:76:47:29:CE:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017141
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9B3CC6CF87011EF966B956C762E951A.roa
Signing time: Mon 03 Mar 2025 20:47:04 +0000
ROA not before: Mon 03 Mar 2025 20:47:00 +0000
ROA not after: Sat 05 Apr 2025 20:47:00 +0000
asID: 396073
IP address blocks: 154.198.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 20:47:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94529 (0x17141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 3 20:47:00 2025 GMT
Not After : Apr 5 20:47:00 2025 GMT
Subject: CN=67c61548-df98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d4:7e:28:e2:ec:61:5f:6e:e4:5a:c8:8e:ad:
0a:aa:15:7f:c5:fb:26:70:56:56:35:e0:00:aa:c8:
71:d7:78:12:be:24:2a:40:bc:3f:4d:9c:f7:86:12:
6a:e9:17:40:8c:df:58:f8:f3:98:10:ee:a8:38:5d:
69:5a:47:80:ed:90:75:dc:3e:db:62:2b:9b:52:12:
12:d5:d9:68:69:eb:03:4a:63:97:21:cb:d8:fe:64:
07:a4:2b:7e:2c:a4:ee:a6:69:4c:0f:90:43:10:a9:
4c:94:ef:7f:b8:a4:63:23:df:72:e0:3f:55:63:c0:
54:ff:de:10:04:d6:39:db:1d:95:5f:f1:6d:fa:36:
8a:d1:2a:5c:52:a0:dd:c6:64:2a:c4:35:c0:f4:e0:
af:41:1b:6e:6e:d1:70:21:51:90:80:67:d1:e8:fe:
2c:0f:e1:d2:0f:c8:e8:aa:4f:01:df:e6:45:57:78:
91:39:f8:c1:94:86:f6:da:29:a4:ff:0b:a8:ee:02:
b0:61:d3:b1:9f:bd:26:22:d3:4c:6b:c4:2a:70:22:
e3:9f:d2:5f:87:9b:4f:89:31:8f:6c:d3:06:be:a7:
66:78:89:22:0a:00:de:3d:91:c7:69:a7:4d:28:e6:
68:1e:8e:db:91:81:04:50:88:1a:83:df:8e:e6:b9:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E3:CC:F1:30:D2:79:2E:71:F8:83:08:45:47:47:76:47:29:CE:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9B3CC6CF87011EF966B956C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.12.0/24
Signature Algorithm: sha256WithRSAEncryption
45:51:cc:ee:b6:a9:67:6e:35:2a:fc:59:7d:d1:f3:1e:65:1b:
76:21:f2:e5:90:a1:60:4b:b7:a1:f8:cc:16:1f:da:fc:33:53:
5a:b1:53:38:fb:b4:f6:3b:24:63:e4:ee:b5:5b:ba:72:4e:3e:
1d:33:0b:e4:65:7c:7c:b2:4c:37:8e:34:68:df:5d:6a:3d:e6:
86:65:39:7d:09:4e:b9:25:2c:8f:d6:17:9b:fc:0d:9b:8b:c9:
57:dd:28:48:1a:87:50:42:0a:b0:72:38:46:79:0a:c7:67:40:
2c:0d:07:7a:92:aa:0d:65:9f:30:77:3c:e0:9a:9a:d9:27:37:
f9:67:ac:a8:78:4d:7f:13:aa:f6:2e:40:4c:b0:2d:36:7d:ac:
8e:de:4f:5a:89:cb:8c:77:66:25:5a:af:c1:51:c2:c8:d0:88:
6c:79:11:c2:8c:fe:a5:bf:0b:c0:75:07:6f:68:c5:6e:cf:83:
d3:e2:d8:0d:d7:dd:33:be:9c:f0:e4:8e:95:2d:a2:8b:a5:79:
62:36:cb:82:13:c1:98:39:f7:b0:aa:fc:20:1c:82:b1:65:a9:
0c:9c:b3:a7:79:31:d6:28:3a:be:c0:64:6e:ba:a5:0e:20:89:
1b:14:9d:fb:3e:8d:b7:5e:d0:ca:b6:6b:21:a6:34:28:4e:a6:
ff:fe:26:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXFBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMjA0NzAwWhcNMjUwNDA1MjA0NzAwWjAYMRYw
FAYDVQQDEw02N2M2MTU0OC1kZjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5dR+KOLsYV9u5FrIjq0KqhV/xfsmcFZWNeAAqshx13gSviQqQLw/TZz3
hhJq6RdAjN9Y+POYEO6oOF1pWkeA7ZB13D7bYiubUhIS1dloaesDSmOXIcvY/mQH
pCt+LKTupmlMD5BDEKlMlO9/uKRjI99y4D9VY8BU/94QBNY52x2VX/Ft+jaK0Spc
UqDdxmQqxDXA9OCvQRtubtFwIVGQgGfR6P4sD+HSD8joqk8B3+ZFV3iROfjBlIb2
2imk/wuo7gKwYdOxn70mItNMa8QqcCLjn9Jfh5tPiTGPbNMGvqdmeIkiCgDePZHH
aadNKOZoHo7bkYEEUIgag9+O5rkfpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHXj
zPEw0nkucfiDCEVHR3ZHKc6QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOUIzQ0M2Q0Y4NzAxMUVGOTY2Qjk1NkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYMMA0GCSqGSIb3DQEB
CwUAA4IBAQBFUczutqlnbjUq/Fl90fMeZRt2IfLlkKFgS7eh+MwWH9r8M1NasVM4
+7T2OyRj5O61W7pyTj4dMwvkZXx8skw3jjRo311qPeaGZTl9CU65JSyP1heb/A2b
i8lX3ShIGodQQgqwcjhGeQrHZ0AsDQd6kqoNZZ8wdzzgmprZJzf5Z6yoeE1/E6r2
LkBMsC02fayO3k9aicuMd2YlWq/BUcLI0IhseRHCjP6lvwvAdQdvaMVuz4PT4tgN
190zvpzw5I6VLaKLpXliNsuCE8GYOfewqvwgHIKxZakMnLOneTHWKDq+wGRuuqUO
IIkbFJ37Po23XtDKtmshpjQoTqb//iaq
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:51 2025 by rpki-client