Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BACA8E300CD611F086BDDCB3762E951A.roa
File: BACA8E300CD611F086BDDCB3762E951A.roa (raw, json)
Hash identifier: u8+X+9090jfpaGL/Ac68pOjxIpluZ19kFShVnMghrtQ=
Subject key identifier: 85:E6:EB:CD:53:DC:14:6A:AD:86:C2:3E:59:04:90:38:29:CD:A9:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BACA8E300CD611F086BDDCB3762E951A.roa
Signing time: Sat 29 Mar 2025 19:48:04 +0000
ROA not before: Sat 29 Mar 2025 19:48:00 +0000
ROA not after: Thu 03 Jul 2025 19:48:00 +0000
asID: 174
IP address blocks: 154.194.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95980 (0x176ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 19:48:00 2025 GMT
Not After : Jul 3 19:48:00 2025 GMT
Subject: CN=67e84e74-63d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:5e:19:49:ca:8a:7f:ea:66:9b:73:27:2e:3e:
b7:8d:0b:2e:61:ad:a7:11:bb:7f:57:18:ac:0e:66:
52:81:87:02:6a:66:ab:f4:18:ff:ad:5c:43:0c:6c:
b8:bd:06:1e:93:2f:b6:2e:98:58:2a:c9:b3:36:45:
ce:38:98:77:c3:3a:f5:dd:b4:8e:42:9d:bd:db:c8:
63:c8:64:dc:71:b2:14:e2:f5:3f:29:00:fb:ad:85:
ff:ae:4b:d8:d6:9c:b2:92:b5:19:1a:d5:c2:3b:b4:
b1:2e:fd:d8:f7:d4:1b:41:5b:e4:12:bc:39:89:04:
10:c9:52:8b:9b:d3:dc:6a:57:c1:b4:61:2b:30:b6:
6b:1f:e8:5c:2b:44:eb:2c:57:e0:e7:10:69:05:59:
26:90:36:5d:6b:c2:7e:9c:5c:58:c2:3d:f4:01:f6:
3b:96:7f:4f:bb:6c:de:91:ad:b5:05:34:3d:10:eb:
2b:37:48:ae:43:95:13:d6:20:4a:a7:7a:0a:5b:a1:
72:85:e2:73:c4:aa:cf:95:59:18:33:15:1e:7d:a9:
94:21:72:49:c7:6c:07:58:d1:5b:2b:ed:2a:ea:09:
45:d7:7d:a1:c3:2c:2f:f2:5f:00:0c:72:1d:57:1c:
38:3b:d5:1c:76:55:05:dd:c6:af:46:14:24:2e:80:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E6:EB:CD:53:DC:14:6A:AD:86:C2:3E:59:04:90:38:29:CD:A9:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BACA8E300CD611F086BDDCB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.216.0/21
Signature Algorithm: sha256WithRSAEncryption
d7:ed:4d:2d:1f:dd:c1:aa:4a:c3:66:78:3b:14:d6:d4:f7:c1:
71:b9:9b:c8:a0:c2:69:2d:9a:98:47:cf:20:32:a6:86:b0:62:
21:60:7e:1e:8b:32:78:0d:be:d3:b5:82:ea:5b:02:9c:04:25:
68:d3:d1:6c:5b:73:0d:e5:ae:4b:ba:f5:a7:03:45:cb:30:14:
b3:f8:ec:ff:43:ef:d1:e8:b1:30:84:30:ca:1b:9e:ac:35:75:
c9:3f:63:f4:5f:5e:e5:65:3d:54:fb:9a:b3:92:f1:88:62:04:
e9:86:c6:54:76:7c:e9:ce:17:71:44:e0:8b:f0:e8:7a:59:b5:
78:23:8d:3e:9b:1a:2d:9f:a3:fc:a7:97:90:58:6a:a3:b1:9f:
58:3f:0b:9a:37:5a:d7:56:27:21:f5:a4:dc:e7:6e:53:39:81:
24:73:bb:91:7b:09:0e:0a:4d:11:78:86:79:0e:96:58:e3:d8:
55:91:77:ac:8d:2c:b9:19:bc:5a:d0:b1:b1:9b:a6:5a:ca:cc:
ff:7a:47:21:45:98:c7:9c:85:ab:91:ba:ec:b8:9a:4a:f2:38:
98:77:19:27:69:e0:5e:dc:fe:ec:4b:78:6c:c8:fa:e3:b3:af:
44:81:d5:45:1b:f9:26:9f:8e:a7:eb:78:ff:d1:6c:7d:f8:2d:
9b:b7:a4:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXbsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTk0ODAwWhcNMjUwNzAzMTk0ODAwWjAYMRYw
FAYDVQQDEw02N2U4NGU3NC02M2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/F4ZScqKf+pmm3MnLj63jQsuYa2nEbt/VxisDmZSgYcCamar9Bj/rVxD
DGy4vQYeky+2LphYKsmzNkXOOJh3wzr13bSOQp2928hjyGTccbIU4vU/KQD7rYX/
rkvY1pyykrUZGtXCO7SxLv3Y99QbQVvkErw5iQQQyVKLm9PcalfBtGErMLZrH+hc
K0TrLFfg5xBpBVkmkDZda8J+nFxYwj30AfY7ln9Pu2zeka21BTQ9EOsrN0iuQ5UT
1iBKp3oKW6FyheJzxKrPlVkYMxUefamUIXJJx2wHWNFbK+0q6glF132hwywv8l8A
DHIdVxw4O9UcdlUF3cavRhQkLoAWfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIXm
681T3BRqrYbCPlkEkDgpzakqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQUNBOEUzMDBDRDYxMUYwODZCRERDQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsLYMA0GCSqGSIb3DQEB
CwUAA4IBAQDX7U0tH93BqkrDZng7FNbU98FxuZvIoMJpLZqYR88gMqaGsGIhYH4e
izJ4Db7TtYLqWwKcBCVo09FsW3MN5a5LuvWnA0XLMBSz+Oz/Q+/R6LEwhDDKG56s
NXXJP2P0X17lZT1U+5qzkvGIYgTphsZUdnzpzhdxROCL8Oh6WbV4I40+mxotn6P8
p5eQWGqjsZ9YPwuaN1rXVich9aTc525TOYEkc7uRewkOCk0ReIZ5DpZY49hVkXes
jSy5Gbxa0LGxm6Zaysz/ekchRZjHnIWrkbrsuJpK8jiYdxknaeBe3P7sS3hsyPrj
s69EgdVFG/kmn46n63j/0Wx9+C2bt6Rq
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:00 2025 by rpki-client