Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD3CD414041411F0B1898F94762E951A.roa
File: AD3CD414041411F0B1898F94762E951A.roa (raw, json)
Hash identifier: 04a0GOl1aN5dUeW5ByLs7GIvh0dF9mM64ueZhbsRhvc=
Subject key identifier: 33:C4:23:B9:E8:31:F2:2D:5E:F9:F7:F8:1E:AE:2D:00:28:CB:64:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0174C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD3CD414041411F0B1898F94762E951A.roa
Signing time: Tue 18 Mar 2025 16:18:50 +0000
ROA not before: Tue 18 Mar 2025 16:18:46 +0000
ROA not after: Wed 16 Apr 2025 16:18:46 +0000
asID: 141167
IP address blocks: 154.212.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95430 (0x174c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 16:18:46 2025 GMT
Not After : Apr 16 16:18:46 2025 GMT
Subject: CN=67d99cea-1d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:12:ab:0e:79:1f:bc:65:ae:74:39:28:8e:
e5:27:03:09:98:1f:85:b0:87:d1:d6:75:e6:a2:a5:
53:5a:e8:f5:eb:4e:09:4c:82:8a:e4:1a:85:5f:3e:
ff:9a:45:14:f5:a1:24:b6:22:c8:18:19:ed:92:7b:
8c:00:49:0f:c9:ec:ad:b1:b1:d4:cd:cd:3a:ea:a5:
f7:b0:55:1f:1b:8a:cf:dc:34:a4:a3:28:7b:ca:2b:
70:e5:39:6d:5b:de:a4:a0:3a:e0:c0:65:69:a4:c1:
95:5c:cf:f3:9e:3d:e8:ea:6f:99:f0:0d:0e:64:91:
62:14:9d:19:b7:c1:d2:f9:da:c4:d1:d1:1b:c3:5e:
36:2b:d5:4e:36:ea:90:3b:f7:82:85:bd:d5:8a:84:
30:9d:69:ad:10:3d:5f:f7:4d:a0:49:3b:ec:48:e5:
62:2a:71:c8:17:dc:41:5b:b6:f8:4e:ca:e5:72:1c:
47:3c:27:17:22:60:f4:a2:20:f4:f9:cf:4f:48:79:
79:5a:a9:d4:cb:77:89:37:39:b4:1b:3b:70:1a:66:
3f:3f:35:65:d5:32:b5:49:f1:92:2f:40:58:39:92:
75:0f:2f:c7:93:e9:37:70:ce:0d:d9:68:59:96:00:
a4:e7:5a:af:dc:56:8a:da:17:ae:75:18:a0:09:3d:
c2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C4:23:B9:E8:31:F2:2D:5E:F9:F7:F8:1E:AE:2D:00:28:CB:64:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD3CD414041411F0B1898F94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.140.0/23
Signature Algorithm: sha256WithRSAEncryption
72:c3:db:0d:21:0d:27:fd:e2:5c:bc:8d:0f:57:8c:64:95:d0:
6d:3c:ba:36:9b:13:0f:36:25:cb:9b:00:66:cd:a3:8f:38:fc:
34:0f:17:c9:49:42:bd:ea:4d:b0:5f:d0:db:8f:99:45:13:b3:
4a:69:ff:5a:91:a7:c0:07:00:39:5b:6c:ed:57:14:ef:5b:2e:
07:f2:9b:af:76:92:a4:75:c2:f8:03:62:c9:60:eb:e2:70:f8:
49:35:0d:a2:2c:ac:23:03:d7:d4:3f:fb:a2:79:cf:99:67:fd:
88:28:55:23:69:c1:d0:03:6d:6a:4a:2d:df:fb:bc:54:20:da:
4a:b2:15:92:a1:dd:f8:1e:7f:06:3a:34:87:3b:a5:0c:a8:b1:
21:df:a1:c7:c5:4d:68:6f:f0:cb:23:c6:3d:59:5e:3e:04:97:
f0:55:31:3e:53:23:5a:de:26:32:8a:92:23:47:34:6c:d9:0a:
d6:1c:22:5f:7d:f3:ee:5a:51:6f:00:09:ee:49:35:d1:9f:4e:
16:b1:79:e6:cc:27:9c:ae:04:2b:89:39:ea:ba:4c:07:c3:77:
69:63:ea:7b:2c:46:5d:56:d8:c1:23:bb:42:1c:a5:ab:e8:83:
c8:2d:24:a6:2e:c9:89:a4:8b:e9:4b:01:94:db:ad:18:0e:a7:
b3:0c:bf:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXTGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTYxODQ2WhcNMjUwNDE2MTYxODQ2WjAYMRYw
FAYDVQQDEw02N2Q5OWNlYS0xZDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArM0Sqw55H7xlrnQ5KI7lJwMJmB+FsIfR1nXmoqVTWuj1604JTIKK5BqF
Xz7/mkUU9aEktiLIGBntknuMAEkPyeytsbHUzc066qX3sFUfG4rP3DSkoyh7yitw
5TltW96koDrgwGVppMGVXM/znj3o6m+Z8A0OZJFiFJ0Zt8HS+drE0dEbw142K9VO
NuqQO/eChb3VioQwnWmtED1f902gSTvsSOViKnHIF9xBW7b4TsrlchxHPCcXImD0
oiD0+c9PSHl5WqnUy3eJNzm0GztwGmY/PzVl1TK1SfGSL0BYOZJ1Dy/Hk+k3cM4N
2WhZlgCk51qv3FaK2heudRigCT3COwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDPE
I7noMfItXvn3+B6uLQAoy2RWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDNDRDQxNDA0MTQxMUYwQjE4OThGOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSMMA0GCSqGSIb3DQEB
CwUAA4IBAQByw9sNIQ0n/eJcvI0PV4xkldBtPLo2mxMPNiXLmwBmzaOPOPw0DxfJ
SUK96k2wX9Dbj5lFE7NKaf9akafABwA5W2ztVxTvWy4H8puvdpKkdcL4A2LJYOvi
cPhJNQ2iLKwjA9fUP/uiec+ZZ/2IKFUjacHQA21qSi3f+7xUINpKshWSod34Hn8G
OjSHO6UMqLEh36HHxU1ob/DLI8Y9WV4+BJfwVTE+UyNa3iYyipIjRzRs2QrWHCJf
ffPuWlFvAAnuSTXRn04WsXnmzCecrgQriTnqukwHw3dpY+p7LEZdVtjBI7tCHKWr
6IPILSSmLsmJpIvpSwGU260YDqezDL85
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:55 2025 by rpki-client