Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7A672AA070411F0991DF79C762E951A.roa
File: B7A672AA070411F0991DF79C762E951A.roa (raw, json)
Hash identifier: q9hHKjPGdXbMHc8GzjJDIeSUbTB1kOcIsL8s4JP8K8c=
Subject key identifier: C0:94:A7:5B:A9:3C:16:14:8F:B6:CF:73:3A:0D:A7:79:12:E1:B8:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017584
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7A672AA070411F0991DF79C762E951A.roa
Signing time: Sat 22 Mar 2025 10:02:09 +0000
ROA not before: Sat 22 Mar 2025 10:02:05 +0000
ROA not after: Wed 30 Apr 2025 10:02:05 +0000
asID: 137899
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95620 (0x17584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 10:02:05 2025 GMT
Not After : Apr 30 10:02:05 2025 GMT
Subject: CN=67de8aa1-1c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bf:cc:7a:64:8c:7a:71:9d:ce:1d:24:5f:ab:
b6:51:d5:8f:eb:d1:63:d5:06:07:ee:d7:ab:70:e2:
74:a9:73:83:80:cd:3e:62:09:0c:54:5e:37:cf:44:
bc:72:b0:4a:df:fb:ca:1d:48:33:13:9d:4a:19:fe:
7e:35:b2:2f:8b:92:5f:59:21:cb:c4:0d:39:fc:ad:
44:e9:7b:5e:bb:0f:06:c2:40:2b:c3:45:1f:7a:e7:
15:cb:a5:b1:bf:39:d2:c9:52:1b:b7:ba:9b:9e:74:
03:c3:05:ff:75:e4:a4:cd:08:c4:f0:cc:51:4b:2e:
fc:c4:80:b0:89:52:fa:1b:85:5c:fb:6d:42:7c:e5:
29:70:61:1d:d9:f9:23:20:4e:92:1a:80:c0:ed:ac:
4a:db:10:52:f9:7e:aa:ea:c4:18:87:d8:32:52:de:
88:f2:56:1b:2b:e3:94:63:5d:ac:59:70:69:d0:57:
68:bd:19:c9:ce:19:83:78:a8:7b:3c:ad:df:eb:04:
5f:f3:14:50:06:aa:14:b4:ac:a3:c4:bb:05:da:eb:
1d:dc:68:f0:b8:a1:de:d5:e5:27:ee:dc:72:61:39:
7a:bc:af:b8:6f:f1:4b:2d:66:55:bc:0e:82:5e:d0:
7b:ea:98:eb:02:3a:52:84:58:19:81:38:b2:f1:05:
78:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:94:A7:5B:A9:3C:16:14:8F:B6:CF:73:3A:0D:A7:79:12:E1:B8:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7A672AA070411F0991DF79C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
d6:a5:22:e1:b8:00:c4:05:50:48:fe:2f:fc:bf:6f:bd:10:ba:
12:0b:7f:70:33:95:36:ca:e1:2a:ee:a8:ae:42:d4:80:98:1d:
a0:42:39:38:78:a1:d5:76:f1:b7:41:0a:8c:02:bf:da:c2:4d:
b8:ef:4e:e4:6b:15:2e:75:b3:03:a8:5d:04:51:0a:36:1c:0f:
9b:3a:44:3b:44:d8:ef:c7:6c:f7:31:11:ec:78:69:58:b8:e5:
6f:bd:64:7a:e3:e9:d5:88:1a:f9:3d:cb:fd:d6:88:1a:71:82:
47:8a:0e:df:3d:76:bc:37:8c:46:11:a5:1c:9a:2a:b9:bb:b8:
36:3f:fb:4f:03:de:a1:38:d0:64:63:f6:50:cc:68:4c:fb:03:
fb:50:0c:75:a2:e8:60:df:2d:b6:72:83:19:ea:b3:3c:2b:ae:
08:f1:2d:03:13:f6:c3:74:65:50:6d:49:81:2a:96:c7:df:3c:
4d:e5:6e:e3:f8:df:bb:36:d8:fc:02:2f:81:79:b0:d1:7b:87:
06:2b:72:e3:aa:ac:f9:2b:1f:dd:7b:e0:85:6a:87:ba:48:87:
9f:e4:e7:9e:9d:28:60:42:0e:29:84:d8:60:a4:95:a2:a7:63:
c6:eb:c2:49:55:f2:f3:4d:b6:3a:61:f4:73:cf:e6:eb:e8:08:
d6:7b:ec:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXWEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMTAwMjA1WhcNMjUwNDMwMTAwMjA1WjAYMRYw
FAYDVQQDEw02N2RlOGFhMS0xYzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4L/MemSMenGdzh0kX6u2UdWP69Fj1QYH7tercOJ0qXODgM0+YgkMVF43
z0S8crBK3/vKHUgzE51KGf5+NbIvi5JfWSHLxA05/K1E6Xteuw8GwkArw0UfeucV
y6WxvznSyVIbt7qbnnQDwwX/deSkzQjE8MxRSy78xICwiVL6G4Vc+21CfOUpcGEd
2fkjIE6SGoDA7axK2xBS+X6q6sQYh9gyUt6I8lYbK+OUY12sWXBp0FdovRnJzhmD
eKh7PK3f6wRf8xRQBqoUtKyjxLsF2usd3GjwuKHe1eUn7txyYTl6vK+4b/FLLWZV
vA6CXtB76pjrAjpShFgZgTiy8QV4GwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMCU
p1upPBYUj7bPczoNp3kS4bjVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CN0E2NzJBQTA3MDQxMUYwOTkxREY3OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQDWpSLhuADEBVBI/i/8v2+9ELoSC39wM5U2yuEq7qiuQtSAmB2gQjk4
eKHVdvG3QQqMAr/awk24707kaxUudbMDqF0EUQo2HA+bOkQ7RNjvx2z3MRHseGlY
uOVvvWR64+nViBr5Pcv91ogacYJHig7fPXa8N4xGEaUcmiq5u7g2P/tPA96hONBk
Y/ZQzGhM+wP7UAx1ouhg3y22coMZ6rM8K64I8S0DE/bDdGVQbUmBKpbH3zxN5W7j
+N+7Ntj8Ai+BebDRe4cGK3Ljqqz5Kx/de+CFaoe6SIef5OeenShgQg4phNhgpJWi
p2PG68JJVfLzTbY6YfRzz+br6AjWe+yg
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:12 2025 by rpki-client