Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF5D5302F1AA11EFA01A0568762E951A.roa
File: BF5D5302F1AA11EFA01A0568762E951A.roa (raw, json)
Hash identifier: VWi6MCMeLk3Qto8ZEJEwYWBkf7WRP4gNZwagtczNJ+0=
Subject key identifier: 03:FD:43:2C:4D:1D:00:B9:83:70:7E:14:89:5E:E1:5F:5F:9E:78:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015ACC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF5D5302F1AA11EFA01A0568762E951A.roa
Signing time: Sun 23 Feb 2025 05:55:13 +0000
ROA not before: Sun 23 Feb 2025 05:55:09 +0000
ROA not after: Wed 30 Apr 2025 05:55:09 +0000
asID: 46071
IP address blocks: 154.210.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88780 (0x15acc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 23 05:55:09 2025 GMT
Not After : Apr 30 05:55:09 2025 GMT
Subject: CN=67bab841-c7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:ac:6f:3e:7b:d0:8f:8a:ec:a8:13:d7:85:
91:98:07:33:83:9f:2c:2b:7b:20:c9:03:2c:e5:39:
11:35:ee:df:4f:a7:34:20:ab:4c:40:47:d6:e4:d0:
e2:51:d7:1a:8f:ed:3f:da:a5:8e:8e:00:1e:4c:1c:
f6:8a:18:0f:80:ef:21:d3:d1:20:4a:c6:b7:b8:38:
39:37:2e:c9:42:65:ce:72:75:2c:31:3a:f5:29:17:
eb:48:44:ca:a6:63:14:11:3d:17:e4:52:3b:8c:68:
42:b2:c0:95:98:94:88:23:3e:1b:ee:76:5e:ec:ec:
18:a1:ba:a7:fc:36:7e:46:70:0c:37:28:f8:b4:59:
6a:d0:fe:f8:bd:e9:58:7c:38:c0:5e:e5:e7:f6:1f:
d8:78:ce:a9:9a:7d:3a:09:5d:e1:f4:21:c2:29:b8:
02:cb:ea:33:24:1f:38:4f:ef:6e:3a:16:02:26:55:
fc:1f:a5:8d:75:d9:3a:0f:1b:4c:db:95:b9:ee:68:
d9:c1:77:b8:18:a3:cd:51:50:86:f9:00:e2:cb:d6:
72:62:4f:60:a6:b5:ad:d4:60:04:66:2e:74:e2:26:
94:9c:cb:34:e9:d7:c2:b1:12:7e:41:bc:c9:24:27:
30:e0:e3:21:3b:2c:40:52:3f:51:d6:77:66:9e:ff:
29:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FD:43:2C:4D:1D:00:B9:83:70:7E:14:89:5E:E1:5F:5F:9E:78:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF5D5302F1AA11EFA01A0568762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.203.0/24
Signature Algorithm: sha256WithRSAEncryption
48:cd:ea:64:39:d5:d4:f9:6f:4c:41:e2:10:3c:57:22:cf:08:
e3:f7:6d:bc:f2:34:89:00:80:75:4e:f1:a3:35:d9:34:d0:1a:
c6:69:f3:c5:03:1d:9d:3c:25:16:18:46:ec:a2:63:36:7f:d6:
94:56:0d:2a:04:cc:03:e5:29:73:75:ab:1b:6e:6c:fd:cb:a1:
20:14:45:7f:ea:61:bc:39:81:57:0b:54:56:a6:43:9a:99:12:
37:5a:ec:d2:48:59:86:00:3d:a8:fc:c3:e6:54:54:75:eb:e3:
f5:62:93:42:20:ea:23:ea:0b:ac:ce:b4:81:f6:e6:c9:c8:83:
3f:58:c7:c9:ff:d3:75:d4:54:17:47:27:1e:f3:70:63:6f:7e:
49:86:a7:68:cf:97:17:23:8e:63:78:21:5a:0b:fa:c8:75:1d:
59:0d:94:8d:8c:27:5b:d3:0d:6c:b6:eb:83:d2:2b:c4:9b:c9:
95:76:b6:02:e5:41:73:a6:06:07:9c:9a:41:7d:d7:5d:a6:6e:
04:70:0a:41:cd:b0:ee:e6:65:d3:c1:3c:a3:b6:e0:94:09:22:
b7:3f:46:54:1c:1d:ae:ca:a4:45:27:20:4e:5c:e2:6d:f1:f3:
7b:49:b7:2b:ed:4d:2f:63:cc:47:15:7a:37:97:2b:e8:f5:40:
06:c8:31:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVrMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIzMDU1NTA5WhcNMjUwNDMwMDU1NTA5WjAYMRYw
FAYDVQQDEw02N2JhYjg0MS1jN2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvPqsbz570I+K7KgT14WRmAczg58sK3sgyQMs5TkRNe7fT6c0IKtMQEfW
5NDiUdcaj+0/2qWOjgAeTBz2ihgPgO8h09EgSsa3uDg5Ny7JQmXOcnUsMTr1KRfr
SETKpmMUET0X5FI7jGhCssCVmJSIIz4b7nZe7OwYobqn/DZ+RnAMNyj4tFlq0P74
velYfDjAXuXn9h/YeM6pmn06CV3h9CHCKbgCy+ozJB84T+9uOhYCJlX8H6WNddk6
DxtM25W57mjZwXe4GKPNUVCG+QDiy9ZyYk9gprWt1GAEZi504iaUnMs06dfCsRJ+
QbzJJCcw4OMhOyxAUj9R1ndmnv8pjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAP9
QyxNHQC5g3B+FIle4V9fnnjRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjVENTMwMkYxQUExMUVGQTAxQTA1Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLLMA0GCSqGSIb3DQEB
CwUAA4IBAQBIzepkOdXU+W9MQeIQPFcizwjj92288jSJAIB1TvGjNdk00BrGafPF
Ax2dPCUWGEbsomM2f9aUVg0qBMwD5Slzdasbbmz9y6EgFEV/6mG8OYFXC1RWpkOa
mRI3WuzSSFmGAD2o/MPmVFR16+P1YpNCIOoj6guszrSB9ubJyIM/WMfJ/9N11FQX
Ryce83Bjb35Jhqdoz5cXI45jeCFaC/rIdR1ZDZSNjCdb0w1stuuD0ivEm8mVdrYC
5UFzpgYHnJpBfdddpm4EcApBzbDu5mXTwTyjtuCUCSK3P0ZUHB2uyqRFJyBOXOJt
8fN7Sbcr7U0vY8xHFXo3lyvo9UAGyDEI
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:54 2025 by rpki-client