Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45ED52F3B911EFA988909F762E951A.roa
File: CC45ED52F3B911EFA988909F762E951A.roa (raw, json)
Hash identifier: Rmu0zGsGI4MLipNtYnmg3lLztO4zU5Oo5QlYWEbtbLY=
Subject key identifier: E3:63:9B:A4:9C:4A:9D:55:A0:17:C6:17:E8:80:94:29:4D:45:41:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015FFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45ED52F3B911EFA988909F762E951A.roa
Signing time: Tue 25 Feb 2025 20:47:59 +0000
ROA not before: Tue 25 Feb 2025 20:47:56 +0000
ROA not after: Wed 09 Apr 2025 20:47:56 +0000
asID: 138915
IP address blocks: 154.95.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90109 (0x15ffd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 20:47:56 2025 GMT
Not After : Apr 9 20:47:56 2025 GMT
Subject: CN=67be2c7f-b4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6d:f1:fc:98:ce:75:14:8f:1f:3c:e9:75:35:
87:83:83:3c:96:b5:48:41:62:4d:73:53:6e:7c:a5:
1d:53:a6:af:34:d3:c3:ed:02:cc:eb:96:c1:73:cc:
49:1e:2b:c5:c0:ba:5e:3d:61:e8:26:b7:9b:46:53:
61:65:49:0a:85:a6:58:a0:89:4c:ee:a1:37:f5:f4:
5d:bc:cd:39:b4:7c:78:4b:89:22:52:9e:e8:f4:ed:
5e:7c:b1:24:49:2a:fb:e5:29:13:75:f8:c5:c7:49:
e2:b1:d4:20:ff:be:23:f7:95:73:e1:aa:5e:e5:b7:
bf:ee:cd:80:30:98:34:9d:34:b0:7c:0a:82:a5:45:
d2:1f:e7:b6:9a:a0:a6:d4:77:a0:bf:4e:b1:f0:53:
b2:3b:5d:c9:fc:3c:85:25:a8:60:9a:04:4c:03:6e:
64:2f:f1:32:29:76:68:0c:74:6a:4c:bd:e2:b6:50:
7a:c2:4e:e8:f4:41:f0:9f:e2:9f:2a:0e:22:ba:49:
d4:76:c8:c6:b4:10:33:f3:a0:77:e9:08:37:57:64:
2c:31:7d:59:66:52:e7:60:1a:b7:b0:ec:ff:19:8f:
72:ec:51:d2:fa:10:27:02:03:81:35:68:7f:64:15:
65:a1:4c:e0:87:b1:57:c5:94:d7:37:ca:0b:8e:ac:
c1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:63:9B:A4:9C:4A:9D:55:A0:17:C6:17:E8:80:94:29:4D:45:41:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45ED52F3B911EFA988909F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.69.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:86:ab:fe:0d:1e:6c:a5:5f:c9:f5:ca:de:c2:5a:55:2c:b6:
72:d6:4a:f4:94:6b:bc:c1:5c:92:e4:89:62:27:1f:e7:de:92:
e2:5b:8d:28:73:e9:05:5c:5f:f9:3e:3d:3a:ca:3d:c8:e6:50:
c8:89:38:df:4d:e8:30:25:62:fa:19:a6:cf:b3:dc:bf:b7:46:
20:6f:f4:09:0c:c8:42:96:78:c6:5e:11:3f:8c:ad:a2:dc:0e:
e0:90:5a:66:f9:d4:9b:3d:75:3b:d7:55:2f:ab:3c:55:8c:f0:
c4:0f:b8:72:8f:9d:c5:92:12:83:77:8d:f1:5a:70:3c:0e:2c:
cf:70:f5:bc:62:3d:62:50:12:19:c5:16:6e:66:0a:2a:1a:1f:
66:41:a8:91:73:14:1f:66:77:06:88:b3:59:4a:33:c8:8e:08:
b3:0b:cb:17:b0:4d:af:8a:7b:85:ea:1e:e2:41:84:f0:e0:16:
54:2a:bd:c7:41:f4:3e:f6:14:8e:f7:61:6f:00:c0:a3:c1:ff:
30:c0:f7:08:4d:b4:b2:b1:d3:96:dd:11:b1:b8:7b:9d:d5:d3:
5e:4f:60:ba:a5:e0:ce:b2:f2:d0:77:b3:d8:f0:76:43:0a:d7:
2f:7b:43:46:fd:e6:c1:88:e9:2b:42:47:c3:e8:08:d0:a4:fb:
2e:6f:11:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV/9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MjA0NzU2WhcNMjUwNDA5MjA0NzU2WjAYMRYw
FAYDVQQDEw02N2JlMmM3Zi1iNGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3G3x/JjOdRSPHzzpdTWHg4M8lrVIQWJNc1NufKUdU6avNNPD7QLM65bB
c8xJHivFwLpePWHoJrebRlNhZUkKhaZYoIlM7qE39fRdvM05tHx4S4kiUp7o9O1e
fLEkSSr75SkTdfjFx0nisdQg/74j95Vz4ape5be/7s2AMJg0nTSwfAqCpUXSH+e2
mqCm1Hegv06x8FOyO13J/DyFJahgmgRMA25kL/EyKXZoDHRqTL3itlB6wk7o9EHw
n+KfKg4iuknUdsjGtBAz86B36Qg3V2QsMX1ZZlLnYBq3sOz/GY9y7FHS+hAnAgOB
NWh/ZBVloUzgh7FXxZTXN8oLjqzBFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFONj
m6ScSp1VoBfGF+iAlClNRUFXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQzQ1RUQ1MkYzQjkxMUVGQTk4ODkwOUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9FMA0GCSqGSIb3DQEB
CwUAA4IBAQAOhqv+DR5spV/J9crewlpVLLZy1kr0lGu8wVyS5IliJx/n3pLiW40o
c+kFXF/5Pj06yj3I5lDIiTjfTegwJWL6GabPs9y/t0Ygb/QJDMhClnjGXhE/jK2i
3A7gkFpm+dSbPXU711UvqzxVjPDED7hyj53FkhKDd43xWnA8DizPcPW8Yj1iUBIZ
xRZuZgoqGh9mQaiRcxQfZncGiLNZSjPIjgizC8sXsE2vinuF6h7iQYTw4BZUKr3H
QfQ+9hSO92FvAMCjwf8wwPcITbSysdOW3RGxuHud1dNeT2C6peDOsvLQd7PY8HZD
Ctcve0NG/ebBiOkrQkfD6AjQpPsubxGG
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:57 2025 by rpki-client