Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ADE921D2ED1311EF96847F95762E951A.roa
File: ADE921D2ED1311EF96847F95762E951A.roa (raw, json)
Hash identifier: QedBqCONvpvZmLz4ylXwxAjOpv6nsJSLe8T00Cb8MTc=
Subject key identifier: 80:32:1F:7F:64:DC:E6:D4:F0:F5:BC:D1:0B:52:B1:67:82:44:72:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0157EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ADE921D2ED1311EF96847F95762E951A.roa
Signing time: Mon 17 Feb 2025 09:43:45 +0000
ROA not before: Mon 17 Feb 2025 09:43:41 +0000
ROA not after: Sat 23 Aug 2025 09:43:41 +0000
asID: 152920
IP address blocks: 154.208.172.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88042 (0x157ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 17 09:43:41 2025 GMT
Not After : Aug 23 09:43:41 2025 GMT
Subject: CN=67b304d1-6c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9b:b4:cc:bf:3e:34:73:7b:84:6b:35:f6:1a:
64:09:b2:99:86:eb:4f:8d:69:ef:e9:68:67:0c:9f:
c3:21:3e:52:73:e3:f9:fd:df:bb:76:78:28:53:b9:
61:0e:ad:64:eb:e1:43:a7:05:f0:18:86:56:d0:63:
e6:06:28:ea:aa:63:a3:40:73:7d:6f:90:8b:69:25:
ef:3b:2c:8a:8f:ac:63:a8:d4:aa:e7:4f:28:1c:ee:
d0:3b:36:6d:6f:6c:83:05:a1:13:93:58:c8:83:b0:
0b:f1:57:55:e2:98:c6:81:29:cf:18:6e:21:07:e2:
d4:eb:a7:de:c7:91:f1:c8:b6:eb:6c:63:84:d2:0b:
5f:c4:b4:97:53:90:4c:ef:82:3a:2e:de:fc:42:ac:
da:f6:13:03:bd:c8:0b:35:35:d5:76:ef:53:84:c0:
9e:05:45:1a:96:ac:73:b0:8e:48:3e:5c:8b:df:e8:
1a:0e:a2:06:f6:c8:13:62:7d:54:90:4a:d2:9a:83:
df:e1:6a:7d:ad:a0:db:0b:22:96:3c:8e:a5:05:e4:
e5:6f:63:2a:38:b3:84:6e:78:f2:8d:9d:bc:aa:cb:
16:e2:a7:e1:63:2b:37:d8:a1:eb:cc:4d:38:3e:ac:
5e:b8:c9:56:2d:15:6a:00:83:5a:07:1a:ee:75:70:
25:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:32:1F:7F:64:DC:E6:D4:F0:F5:BC:D1:0B:52:B1:67:82:44:72:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ADE921D2ED1311EF96847F95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.172.0/23
Signature Algorithm: sha256WithRSAEncryption
53:cd:65:24:90:70:b3:a1:d9:eb:3a:53:5c:fa:5a:5b:28:c1:
1f:f1:cc:5b:7a:f9:47:e4:a6:7a:06:ea:09:93:c2:4e:e9:ce:
ec:a0:62:e5:6e:d4:6b:e8:d6:3a:a3:83:88:68:f0:80:a2:da:
5a:6a:d7:97:8a:34:2c:28:9f:11:52:90:de:a4:c6:31:be:c5:
3a:71:66:aa:89:d0:77:b0:67:9d:b8:7b:6a:a1:06:0e:ec:38:
d9:70:8b:59:4f:e2:e6:84:5e:21:e0:c2:f4:83:c8:8e:b6:60:
dd:5d:33:7e:b3:a4:4a:9c:d2:cc:df:89:00:87:34:79:09:17:
59:bc:38:54:c6:b5:92:31:ec:84:0c:be:47:32:39:26:99:e4:
56:f9:24:07:e3:73:ee:f7:78:e5:5d:4a:91:2f:ba:bc:ee:8a:
65:e6:25:f0:f4:02:82:99:52:65:93:76:36:38:cd:c9:16:64:
b9:82:15:f3:b2:2e:35:8e:4a:49:87:76:39:6d:6e:bc:29:62:
9e:bf:94:55:c5:c6:94:28:53:d0:d3:d2:7e:18:e4:79:cb:6b:
16:99:25:e9:64:d2:98:a8:4e:98:5a:62:8b:2b:11:95:ab:96:
34:51:cd:a9:65:0e:c4:fb:df:f7:04:15:dd:cb:85:a8:9e:7e:
be:bf:45:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVfqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjE3MDk0MzQxWhcNMjUwODIzMDk0MzQxWjAYMRYw
FAYDVQQDEw02N2IzMDRkMS02YzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo5u0zL8+NHN7hGs19hpkCbKZhutPjWnv6WhnDJ/DIT5Sc+P5/d+7dngo
U7lhDq1k6+FDpwXwGIZW0GPmBijqqmOjQHN9b5CLaSXvOyyKj6xjqNSq508oHO7Q
OzZtb2yDBaETk1jIg7AL8VdV4pjGgSnPGG4hB+LU66fex5HxyLbrbGOE0gtfxLSX
U5BM74I6Lt78Qqza9hMDvcgLNTXVdu9ThMCeBUUalqxzsI5IPlyL3+gaDqIG9sgT
Yn1UkErSmoPf4Wp9raDbCyKWPI6lBeTlb2MqOLOEbnjyjZ28qssW4qfhYys32KHr
zE04PqxeuMlWLRVqAINaBxrudXAltwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIAy
H39k3ObU8PW80QtSsWeCRHIYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BREU5MjFEMkVEMTMxMUVGOTY4NDdGOTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtCsMA0GCSqGSIb3DQEB
CwUAA4IBAQBTzWUkkHCzodnrOlNc+lpbKMEf8cxbevlH5KZ6BuoJk8JO6c7soGLl
btRr6NY6o4OIaPCAotpaateXijQsKJ8RUpDepMYxvsU6cWaqidB3sGeduHtqoQYO
7DjZcItZT+LmhF4h4ML0g8iOtmDdXTN+s6RKnNLM34kAhzR5CRdZvDhUxrWSMeyE
DL5HMjkmmeRW+SQH43Pu93jlXUqRL7q87opl5iXw9AKCmVJlk3Y2OM3JFmS5ghXz
si41jkpJh3Y5bW68KWKev5RVxcaUKFPQ09J+GOR5y2sWmSXpZNKYqE6YWmKLKxGV
q5Y0Uc2pZQ7E+9/3BBXdy4Wonn6+v0Us
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:51 2025 by rpki-client