Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7CAC808FCCD11EF804DA470762E951A.roa
File: B7CAC808FCCD11EF804DA470762E951A.roa (raw, json)
Hash identifier: WRrQ1ED9kb551JoxxjvH/t4nM5xkQk953eoqA9nyQUE=
Subject key identifier: FA:3D:27:C7:8A:95:49:0C:08:B0:7B:16:91:19:96:FC:CA:F1:C1:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017310
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7CAC808FCCD11EF804DA470762E951A.roa
Signing time: Sun 09 Mar 2025 10:03:16 +0000
ROA not before: Sun 09 Mar 2025 10:03:11 +0000
ROA not after: Tue 15 Apr 2025 10:03:11 +0000
asID: 396356
IP address blocks: 154.93.8.0/21 maxlen: 24
154.95.48.0/22 maxlen: 24
154.95.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94992 (0x17310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 9 10:03:11 2025 GMT
Not After : Apr 15 10:03:11 2025 GMT
Subject: CN=67cd6763-cd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c0:70:43:58:0b:9b:d9:81:18:d0:44:56:df:
33:cc:67:7d:4d:d5:34:b2:6c:61:4c:f2:59:9f:e4:
7f:ee:d8:39:fd:75:9c:c5:98:cb:7a:1a:b9:84:b1:
90:11:d0:9f:5f:f3:73:95:48:db:23:24:2f:2d:1f:
20:fc:40:f7:eb:33:f1:78:07:62:80:f2:e7:de:ae:
db:66:fa:74:27:dc:12:5e:70:5b:57:e3:f0:76:7c:
2e:39:82:c4:6f:62:1a:99:b1:cd:6e:ad:a8:46:dd:
70:53:2e:36:05:38:5c:bb:f7:fe:8f:68:39:31:3b:
bf:1f:e4:a8:38:33:6c:e5:9e:04:9e:eb:1b:e1:db:
82:10:97:54:38:99:da:80:5f:43:c7:02:4f:74:7a:
8d:25:44:22:b6:55:51:d3:b7:fb:ba:52:f2:89:09:
f4:12:1f:cd:26:f1:28:0b:e3:1b:4f:1d:e5:88:36:
b0:20:32:86:8b:43:cb:90:26:43:fd:13:c5:b7:db:
f6:9d:75:4b:c8:b9:0e:73:80:4f:5b:09:e1:99:a0:
df:13:1e:93:0a:f6:31:5e:75:77:64:64:f4:e6:f9:
e6:ab:95:0e:24:03:14:02:b4:3a:b2:bc:2a:8f:e9:
20:d6:bc:50:14:20:2d:c5:1d:2e:ba:f6:47:f9:77:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3D:27:C7:8A:95:49:0C:08:B0:7B:16:91:19:96:FC:CA:F1:C1:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7CAC808FCCD11EF804DA470762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.8.0/21
154.95.48.0-154.95.52.255
Signature Algorithm: sha256WithRSAEncryption
9a:f6:8a:e4:68:48:86:ef:45:85:04:f5:11:49:bb:37:7d:b7:
d0:ae:bb:8b:97:50:22:cd:0a:f8:44:c2:e0:d9:2b:e5:02:53:
17:51:ca:f5:7f:8e:0c:b0:76:de:ec:93:55:3e:f8:12:00:92:
9d:7a:36:23:eb:53:d2:20:d4:05:02:fb:53:05:70:be:7d:3c:
79:3f:13:d0:fa:27:19:12:31:32:30:ad:09:fa:8f:7e:76:3a:
9a:95:bb:b5:c3:14:85:cf:d3:66:19:48:fd:e1:28:f2:d5:bf:
56:0b:14:8d:4b:82:0e:d0:81:45:3f:35:a3:44:dd:59:72:b9:
9e:c3:8a:f9:54:61:35:72:d0:5a:bc:f5:ca:8f:7d:7d:db:b3:
a3:1a:60:4c:52:0c:ef:ff:58:00:ae:9e:b7:92:e6:c4:dc:73:
d4:30:bc:ed:50:d8:f9:53:b9:79:8c:f9:af:c9:49:69:dc:93:
eb:59:23:12:0a:fc:f9:0d:82:24:fd:fa:5d:26:64:85:47:e4:
b9:3b:52:c7:9f:9c:50:b2:eb:c8:ec:d0:d3:dd:ca:a6:3a:69:
64:fa:3a:60:4d:39:28:9c:39:49:8f:29:77:52:ec:0c:51:f9:
14:71:82:48:6b:ea:08:de:2d:33:2c:ba:66:3e:4e:14:98:4e:
1d:d7:b8:f6
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXMQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA5MTAwMzExWhcNMjUwNDE1MTAwMzExWjAYMRYw
FAYDVQQDEw02N2NkNjc2My1jZDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1MBwQ1gLm9mBGNBEVt8zzGd9TdU0smxhTPJZn+R/7tg5/XWcxZjLehq5
hLGQEdCfX/NzlUjbIyQvLR8g/ED36zPxeAdigPLn3q7bZvp0J9wSXnBbV+Pwdnwu
OYLEb2IambHNbq2oRt1wUy42BThcu/f+j2g5MTu/H+SoODNs5Z4Enusb4duCEJdU
OJnagF9DxwJPdHqNJUQitlVR07f7ulLyiQn0Eh/NJvEoC+MbTx3liDawIDKGi0PL
kCZD/RPFt9v2nXVLyLkOc4BPWwnhmaDfEx6TCvYxXnV3ZGT05vnmq5UOJAMUArQ6
srwqj+kg1rxQFCAtxR0uuvZH+XdsbwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFPo9
J8eKlUkMCLB7FpEZlvzK8cGtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CN0NBQzgwOEZDQ0QxMUVGODA0REE0NzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDml0IMAwDBASaXzADBACa
XzQwDQYJKoZIhvcNAQELBQADggEBAJr2iuRoSIbvRYUE9RFJuzd9t9Cuu4uXUCLN
CvhEwuDZK+UCUxdRyvV/jgywdt7sk1U++BIAkp16NiPrU9Ig1AUC+1MFcL59PHk/
E9D6JxkSMTIwrQn6j352OpqVu7XDFIXP02YZSP3hKPLVv1YLFI1Lgg7QgUU/NaNE
3VlyuZ7DivlUYTVy0Fq89cqPfX3bs6MaYExSDO//WACunreS5sTcc9QwvO1Q2PlT
uXmM+a/JSWnck+tZIxIK/PkNgiT9+l0mZIVH5Lk7UsefnFCy68js0NPdyqY6aWT6
OmBNOSicOUmPKXdS7AxR+RRxgkhr6gjeLTMsumY+ThSYTh3XuPY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:57:26 2025 by rpki-client