Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCB44A8F3FC11EFA88CC175762E951A.roa
File: ABCB44A8F3FC11EFA88CC175762E951A.roa (raw, json)
Hash identifier: c/6prC9TKe/MQg8vWIkcSWTaOK1p3WpMG3kxR1z8qe8=
Subject key identifier: 6F:BE:C2:48:FC:AD:1F:82:6B:7F:5E:1E:71:1D:20:0F:F9:26:7E:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0160E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCB44A8F3FC11EFA88CC175762E951A.roa
Signing time: Wed 26 Feb 2025 04:46:41 +0000
ROA not before: Wed 26 Feb 2025 04:46:37 +0000
ROA not after: Thu 19 Feb 2026 04:46:37 +0000
asID: 984
IP address blocks: 154.203.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90339 (0x160e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 04:46:37 2025 GMT
Not After : Feb 19 04:46:37 2026 GMT
Subject: CN=67be9cb1-104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:16:b7:3c:05:73:76:dc:fc:54:8f:e2:7b:09:
36:5e:5c:b5:72:2a:8b:d9:3d:49:6d:74:ae:ba:c8:
16:65:74:ec:bd:51:b1:18:b7:10:ca:2b:a2:5d:29:
33:cf:9b:15:36:6c:ec:89:cc:d5:28:dd:fc:d7:3a:
35:33:4a:66:7e:95:42:97:2f:b4:9c:6c:c4:9b:58:
8d:b9:34:04:4f:97:f2:c4:9c:ab:81:ca:51:35:91:
39:e5:87:c6:66:90:d3:3f:33:d6:5e:63:c0:9b:e7:
16:0f:8f:c1:0b:b5:36:d8:9f:d8:5d:53:25:74:62:
4c:55:9a:7b:52:db:f4:a5:89:1f:03:3b:11:9c:3a:
d5:2f:24:3d:a4:f0:86:8f:aa:7d:9f:97:61:c3:06:
11:03:aa:19:93:4c:30:85:3c:98:22:1e:e8:87:28:
ca:13:6d:60:66:61:66:b6:37:68:0d:b5:88:e0:56:
39:c5:bd:e2:b2:47:6a:a8:29:58:26:f7:7b:99:ed:
13:9b:a7:76:91:45:6a:2c:73:5c:37:43:7b:e9:cd:
15:f2:0a:59:2c:c5:2e:84:23:f7:85:80:bc:5c:85:
d0:7e:1e:ef:ab:2b:ff:23:63:12:cd:19:54:52:11:
d4:1b:36:a5:57:5d:13:de:c5:86:16:04:f7:f3:f4:
25:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BE:C2:48:FC:AD:1F:82:6B:7F:5E:1E:71:1D:20:0F:F9:26:7E:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABCB44A8F3FC11EFA88CC175762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.241.0/24
Signature Algorithm: sha256WithRSAEncryption
92:0e:69:3f:08:13:8e:55:e5:98:f0:73:f8:6c:de:5f:53:8c:
c7:65:16:9d:e8:e7:96:6a:a4:90:03:01:e0:84:4e:88:56:2c:
42:a3:24:e8:63:e8:41:c7:fe:40:a0:a6:e1:d2:23:c9:04:78:
5c:5b:ba:c8:79:63:80:06:03:ef:58:22:b3:36:5d:d3:df:9e:
c4:3f:9c:c0:29:d9:55:62:12:5a:68:2b:43:88:f6:87:b5:4c:
76:9d:ea:61:e9:a5:59:84:01:2f:8d:db:63:f0:ef:5f:1f:8c:
e4:cf:70:52:d6:3d:b4:6b:36:dd:a3:e6:79:46:ef:6b:1d:84:
4a:5a:c1:ca:c8:47:a2:4c:b4:6c:da:88:e5:0c:b5:e7:ea:63:
01:99:1c:52:5f:62:d6:05:97:0f:a3:03:89:53:c2:2d:6b:c2:
00:a2:f5:e2:9a:25:f5:ef:26:71:f1:00:f7:12:60:e5:41:3c:
d9:61:91:39:2d:32:12:ac:87:54:89:71:92:4c:73:6e:9d:21:
03:28:d8:e1:6a:4a:f8:4f:da:f8:8d:1a:47:ec:d6:c4:d3:de:
2f:7f:30:3d:d9:e4:01:93:88:98:13:35:76:6d:42:92:68:65:
a8:51:af:4c:46:2c:13:93:fb:4e:25:db:eb:6a:2c:2a:fb:e5:
6b:8c:99:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWDjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDQ0NjM3WhcNMjYwMjE5MDQ0NjM3WjAYMRYw
FAYDVQQDEw02N2JlOWNiMS0xMDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzRa3PAVzdtz8VI/iewk2Xly1ciqL2T1JbXSuusgWZXTsvVGxGLcQyiui
XSkzz5sVNmzsiczVKN381zo1M0pmfpVCly+0nGzEm1iNuTQET5fyxJyrgcpRNZE5
5YfGZpDTPzPWXmPAm+cWD4/BC7U22J/YXVMldGJMVZp7Utv0pYkfAzsRnDrVLyQ9
pPCGj6p9n5dhwwYRA6oZk0wwhTyYIh7ohyjKE21gZmFmtjdoDbWI4FY5xb3iskdq
qClYJvd7me0Tm6d2kUVqLHNcN0N76c0V8gpZLMUuhCP3hYC8XIXQfh7vqyv/I2MS
zRlUUhHUGzalV10T3sWGFgT38/QlHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG++
wkj8rR+Ca39eHnEdIA/5Jn6iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQkNCNDRBOEYzRkMxMUVGQTg4Q0MxNzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsvxMA0GCSqGSIb3DQEB
CwUAA4IBAQCSDmk/CBOOVeWY8HP4bN5fU4zHZRad6OeWaqSQAwHghE6IVixCoyTo
Y+hBx/5AoKbh0iPJBHhcW7rIeWOABgPvWCKzNl3T357EP5zAKdlVYhJaaCtDiPaH
tUx2neph6aVZhAEvjdtj8O9fH4zkz3BS1j20azbdo+Z5Ru9rHYRKWsHKyEeiTLRs
2ojlDLXn6mMBmRxSX2LWBZcPowOJU8Ita8IAovXimiX17yZx8QD3EmDlQTzZYZE5
LTISrIdUiXGSTHNunSEDKNjhakr4T9r4jRpH7NbE094vfzA92eQBk4iYEzV2bUKS
aGWoUa9MRiwTk/tOJdvraiwq++VrjJm0
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:45 2025 by rpki-client