Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7F0C490E24211EFAF08B66C762E951A.roa
File: B7F0C490E24211EFAF08B66C762E951A.roa (raw, json)
Hash identifier: l7QyyBqgaMi+epnIvI/DMKcnwCNVdba5Rawr6RCGv4g=
Subject key identifier: 17:BF:6F:B5:C1:6F:E8:F3:7D:75:25:FD:75:8B:1F:A7:86:0E:41:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015039
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7F0C490E24211EFAF08B66C762E951A.roa
Signing time: Mon 03 Feb 2025 15:22:45 +0000
ROA not before: Mon 03 Feb 2025 15:22:42 +0000
ROA not after: Wed 30 Apr 2025 15:22:42 +0000
asID: 150008
IP address blocks: 154.210.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86073 (0x15039)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 3 15:22:42 2025 GMT
Not After : Apr 30 15:22:42 2025 GMT
Subject: CN=67a0df45-a99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:78:3f:d6:98:42:80:f0:1e:36:9e:65:15:f6:
a7:4a:8e:60:37:80:5c:e8:6d:bd:c3:42:d2:c9:1b:
73:cb:31:d1:df:a6:97:d4:13:cd:6d:f4:2d:2b:21:
98:da:cc:b1:2c:e2:39:c4:a1:54:91:a0:0b:8a:a2:
ce:f2:2e:88:54:01:ce:34:6a:a1:da:fb:e1:02:08:
48:74:f8:b6:c0:1a:24:b5:8a:6b:aa:ee:56:4c:fc:
a3:e2:61:b4:db:8c:8b:c6:80:4b:7d:1b:51:9f:fe:
a0:64:cf:c6:88:5c:75:90:23:92:c3:63:45:28:6a:
4c:40:8d:94:89:f4:2c:e3:00:5f:bb:2f:79:02:08:
22:c9:e9:f7:9d:cb:dc:41:2c:e3:eb:1b:ac:9b:51:
aa:2c:72:b7:4b:d3:4c:ed:b7:3a:43:75:6d:b6:75:
85:52:0b:3f:fe:7c:b1:29:04:43:bb:66:a3:ab:b3:
6e:23:6b:50:59:ed:ad:a1:1b:13:3e:1d:0b:98:83:
93:93:dd:ff:0c:de:94:a4:f4:af:be:73:9f:ce:29:
b2:47:e6:66:20:35:ec:a2:a5:52:2a:dc:e2:2e:cf:
b2:9f:b3:4a:cf:f9:91:a1:cb:0a:27:06:81:47:ae:
cb:0b:0d:42:25:94:52:c2:45:46:23:50:17:d7:d7:
31:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BF:6F:B5:C1:6F:E8:F3:7D:75:25:FD:75:8B:1F:A7:86:0E:41:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7F0C490E24211EFAF08B66C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.229.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:8c:52:5b:21:dc:56:c8:94:d2:01:05:21:b3:92:29:0a:59:
64:dd:36:d8:0c:00:f7:47:66:9b:ff:3d:ad:14:7f:1c:bc:d7:
02:72:56:28:64:d0:c7:cc:63:11:0c:3b:6d:ce:33:8a:cc:9f:
30:52:5e:77:7d:4c:e0:37:a9:4d:f9:30:96:4b:35:7d:d5:ab:
68:97:ac:de:ff:fd:67:e3:cd:2d:7e:e6:4f:0b:fd:69:4a:bd:
69:60:29:a3:d0:43:cc:de:00:5d:e5:d6:7f:da:d4:c1:f3:a9:
9c:c2:aa:46:e3:47:93:ba:e9:25:61:15:8c:2f:cd:44:76:22:
fc:3f:ea:ef:e0:0d:6c:d2:ed:3c:65:eb:07:12:e8:51:63:76:
a8:89:90:cf:94:da:51:30:ef:44:35:14:7e:17:71:a1:c7:5b:
1e:29:cc:83:5c:f8:0d:c6:e7:9c:8c:ee:47:7e:38:3b:db:cf:
aa:b3:6a:78:6d:7f:14:66:dd:44:28:1b:28:2a:90:73:2d:07:
5a:4e:4b:b3:d8:38:f4:46:36:c4:79:a6:13:d5:7a:fb:15:0f:
f2:13:fd:0f:74:53:ee:d5:92:42:d5:a7:a4:b8:3f:eb:f5:cf:
41:df:8e:f5:26:52:08:4c:15:a0:02:13:b9:18:0d:d0:82:c1:
5a:36:31:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVA5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAzMTUyMjQyWhcNMjUwNDMwMTUyMjQyWjAYMRYw
FAYDVQQDEw02N2EwZGY0NS1hOTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzXg/1phCgPAeNp5lFfanSo5gN4Bc6G29w0LSyRtzyzHR36aX1BPNbfQt
KyGY2syxLOI5xKFUkaALiqLO8i6IVAHONGqh2vvhAghIdPi2wBoktYprqu5WTPyj
4mG024yLxoBLfRtRn/6gZM/GiFx1kCOSw2NFKGpMQI2UifQs4wBfuy95Aggiyen3
ncvcQSzj6xusm1GqLHK3S9NM7bc6Q3VttnWFUgs//nyxKQRDu2ajq7NuI2tQWe2t
oRsTPh0LmIOTk93/DN6UpPSvvnOfzimyR+ZmIDXsoqVSKtziLs+yn7NKz/mRocsK
JwaBR67LCw1CJZRSwkVGI1AX19cxRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBe/
b7XBb+jzfXUl/XWLH6eGDkGRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CN0YwQzQ5MEUyNDIxMUVGQUYwOEI2NkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLlMA0GCSqGSIb3DQEB
CwUAA4IBAQCtjFJbIdxWyJTSAQUhs5IpCllk3TbYDAD3R2ab/z2tFH8cvNcCclYo
ZNDHzGMRDDttzjOKzJ8wUl53fUzgN6lN+TCWSzV91atol6ze//1n480tfuZPC/1p
Sr1pYCmj0EPM3gBd5dZ/2tTB86mcwqpG40eTuuklYRWML81EdiL8P+rv4A1s0u08
ZesHEuhRY3aoiZDPlNpRMO9ENRR+F3Ghx1seKcyDXPgNxuecjO5Hfjg728+qs2p4
bX8UZt1EKBsoKpBzLQdaTkuz2Dj0RjbEeaYT1Xr7FQ/yE/0PdFPu1ZJC1aekuD/r
9c9B3471JlIITBWgAhO5GA3QgsFaNjE4
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:29 2025 by rpki-client