Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD43860A04CE11F0B28CADA2762E951A.roa
File: AD43860A04CE11F0B28CADA2762E951A.roa (raw, json)
Hash identifier: CmhmITtJdwWCWwrbzdtM53aR0SUOCcR03Kcb/ghlTSI=
Subject key identifier: F0:28:EA:18:1C:D2:4A:4A:7E:5A:0A:B7:FE:35:1F:66:27:61:80:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01752E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD43860A04CE11F0B28CADA2762E951A.roa
Signing time: Wed 19 Mar 2025 14:30:16 +0000
ROA not before: Wed 19 Mar 2025 14:30:13 +0000
ROA not after: Sat 19 Jul 2025 14:30:13 +0000
asID: 150698
IP address blocks: 154.196.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95534 (0x1752e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 14:30:13 2025 GMT
Not After : Jul 19 14:30:13 2025 GMT
Subject: CN=67dad4f8-0121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2e:76:d5:06:91:f6:c8:e8:c4:64:55:d2:8a:
5d:70:72:62:c6:63:b8:c8:de:a2:4a:58:14:4f:c5:
77:24:60:e0:df:33:bc:dc:61:a0:4b:af:e0:5a:6d:
d1:8b:9e:89:5c:14:17:11:44:5d:e8:db:1d:8d:ae:
86:a7:71:c2:79:a9:0c:a1:a0:b9:3d:f5:56:90:93:
e9:32:a7:be:f3:d4:68:7b:45:bf:69:f3:92:df:6b:
13:35:9a:d2:e1:de:69:35:d9:4e:24:5f:f0:80:34:
5c:a7:63:7c:11:e8:e6:f8:2e:3f:de:23:6b:6b:a2:
79:0e:a0:c2:b3:64:91:02:c4:f4:92:e0:90:8d:2c:
8c:70:90:c5:4a:c3:0c:75:28:a7:56:29:e2:52:c1:
be:07:bf:3f:d0:62:66:c8:4c:eb:8a:1c:c2:e3:9f:
0b:38:3e:0d:06:1c:59:3c:c9:21:e3:1e:ef:a0:19:
40:44:55:69:06:c2:90:95:1e:8d:63:ba:d0:4d:4c:
be:a6:55:6e:3a:4b:bd:a0:b4:7a:db:0a:82:7b:7c:
75:94:34:37:d8:0e:54:25:35:3a:71:f6:a9:3b:52:
69:79:13:bd:0a:d5:77:4d:8b:75:64:56:1b:4f:b8:
96:02:7d:29:4a:a0:8c:56:e7:e9:c2:9f:8a:e1:bd:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:28:EA:18:1C:D2:4A:4A:7E:5A:0A:B7:FE:35:1F:66:27:61:80:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD43860A04CE11F0B28CADA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:27:9a:1f:34:36:83:55:6d:4e:97:ae:74:19:13:68:a6:0c:
6c:04:d0:47:58:73:5a:34:53:90:09:00:ae:58:22:99:98:5e:
43:84:6d:a3:17:b8:0f:fc:3f:0f:bc:4a:26:94:90:8c:9a:91:
e4:21:57:b9:be:7b:b8:a0:5b:ad:63:32:de:0c:cd:d2:ed:68:
7a:6a:b4:c0:36:f3:39:73:4c:46:2e:d9:c2:71:a4:7f:d2:06:
e0:3c:e9:69:21:50:9b:cf:69:3d:ac:4b:3c:13:1c:c8:7b:85:
62:c2:de:d9:bd:c9:af:70:2f:f6:1d:2d:41:3e:50:af:82:77:
2b:b2:e9:e2:b3:37:20:38:4f:7c:4f:e2:29:29:86:99:b3:15:
c5:37:ad:1d:3d:63:42:15:66:1e:08:78:17:bf:0c:b4:ca:3d:
2f:03:67:05:f2:5e:d8:cb:ab:42:56:3c:2f:3a:d2:98:9e:ea:
f6:d9:4d:d5:6a:70:2b:28:86:75:19:04:f6:f2:50:12:5f:80:
c4:55:30:44:c9:43:b5:5b:eb:e0:d9:75:3b:e5:bc:97:e0:f1:
1e:d1:ce:33:a1:e1:8b:c4:ea:19:5e:33:23:cd:bb:af:45:22:
d0:77:a5:1c:65:b5:f8:31:37:4a:a5:00:4a:36:79:1f:20:93:
86:31:38:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXUuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTQzMDEzWhcNMjUwNzE5MTQzMDEzWjAYMRYw
FAYDVQQDEw02N2RhZDRmOC0wMTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5C521QaR9sjoxGRV0opdcHJixmO4yN6iSlgUT8V3JGDg3zO83GGgS6/g
Wm3Ri56JXBQXEURd6Nsdja6Gp3HCeakMoaC5PfVWkJPpMqe+89Roe0W/afOS32sT
NZrS4d5pNdlOJF/wgDRcp2N8Eejm+C4/3iNra6J5DqDCs2SRAsT0kuCQjSyMcJDF
SsMMdSinViniUsG+B78/0GJmyEzrihzC458LOD4NBhxZPMkh4x7voBlARFVpBsKQ
lR6NY7rQTUy+plVuOku9oLR62wqCe3x1lDQ32A5UJTU6cfapO1JpeRO9CtV3TYt1
ZFYbT7iWAn0pSqCMVufpwp+K4b0gdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPAo
6hgc0kpKfloKt/41H2YnYYCJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDQzODYwQTA0Q0UxMUYwQjI4Q0FEQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsRcMA0GCSqGSIb3DQEB
CwUAA4IBAQAdJ5ofNDaDVW1Ol650GRNopgxsBNBHWHNaNFOQCQCuWCKZmF5DhG2j
F7gP/D8PvEomlJCMmpHkIVe5vnu4oFutYzLeDM3S7Wh6arTANvM5c0xGLtnCcaR/
0gbgPOlpIVCbz2k9rEs8ExzIe4Viwt7ZvcmvcC/2HS1BPlCvgncrsuniszcgOE98
T+IpKYaZsxXFN60dPWNCFWYeCHgXvwy0yj0vA2cF8l7Yy6tCVjwvOtKYnur22U3V
anArKIZ1GQT28lASX4DEVTBEyUO1W+vg2XU75byX4PEe0c4zoeGLxOoZXjMjzbuv
RSLQd6UcZbX4MTdKpQBKNnkfIJOGMTj3
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:43:48 2025 by rpki-client