Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA42F50F58611EFB1A5D99E762E951A.roa
File: CDA42F50F58611EFB1A5D99E762E951A.roa (raw, json)
Hash identifier: 4qrkT7oTmmVDqND16klZ3HKOhY3lad88ZIhxl3S/c9c=
Subject key identifier: 66:E3:91:B0:C4:12:5E:DF:E5:9B:15:DA:F8:B9:7E:C5:C9:CB:8C:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0169B9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA42F50F58611EFB1A5D99E762E951A.roa
Signing time: Fri 28 Feb 2025 03:48:00 +0000
ROA not before: Fri 28 Feb 2025 03:47:56 +0000
ROA not after: Thu 19 Feb 2026 03:47:56 +0000
asID: 984
IP address blocks: 154.204.99.0/24 maxlen: 24
154.204.108.0/24 maxlen: 24
154.204.115.0/24 maxlen: 24
154.204.122.0/24 maxlen: 24
154.205.115.0/24 maxlen: 24
154.205.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92601 (0x169b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 03:47:56 2025 GMT
Not After : Feb 19 03:47:56 2026 GMT
Subject: CN=67c131ef-4c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d8:d3:d8:12:a2:90:fb:26:b1:85:f8:23:1d:
83:27:68:40:cb:a5:68:a5:14:02:ab:7c:d4:6f:83:
34:9d:1e:44:46:72:76:4b:d0:a3:2b:46:18:6a:a8:
a9:9a:42:37:1c:e6:d0:73:69:8b:2d:32:74:ea:d9:
22:20:0d:e3:2c:e2:99:9e:a7:da:eb:f0:e6:31:33:
01:ae:cb:21:f6:1a:b5:90:24:42:4e:8a:2f:cb:5b:
5b:d9:92:d9:be:60:10:91:c1:45:fe:e7:2e:8b:5d:
24:d9:6e:61:5e:c9:28:18:61:c6:5f:f8:06:90:0e:
8f:7b:88:af:f7:1e:c6:42:5d:ae:78:d4:a5:bd:c7:
10:eb:43:d3:1a:c6:09:73:9d:35:5e:24:c3:f0:f3:
8f:69:b3:35:cd:45:e5:3b:ec:a6:c3:68:08:90:6f:
1b:da:79:a0:8c:9b:21:53:06:71:66:12:66:17:c7:
01:71:15:38:4f:6f:43:04:e6:db:f5:cf:9b:e8:0f:
a2:7c:18:52:95:32:ed:54:d3:58:3d:47:1a:73:11:
b1:17:5e:b6:80:d1:1e:af:38:92:95:fd:d7:22:b2:
e0:42:81:d8:11:9c:35:6a:8c:78:5d:55:16:98:53:
81:09:78:d5:96:6f:67:a7:59:8b:12:a3:47:7b:81:
55:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E3:91:B0:C4:12:5E:DF:E5:9B:15:DA:F8:B9:7E:C5:C9:CB:8C:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA42F50F58611EFB1A5D99E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.99.0/24
154.204.108.0/24
154.204.115.0/24
154.204.122.0/24
154.205.115.0/24
154.205.120.0/24
Signature Algorithm: sha256WithRSAEncryption
30:3d:1e:54:e6:71:27:e2:20:d4:87:dc:f0:7e:b8:b6:44:14:
62:9c:7f:6e:5c:bf:95:56:a3:ed:ee:29:7a:88:83:7d:0b:ae:
d7:03:6b:ee:33:dd:c9:65:ea:e1:ef:0a:16:c3:4e:21:9f:cb:
6f:c9:4d:75:6d:fc:6e:a9:bc:1e:44:11:d9:00:52:af:a0:21:
22:ee:b4:31:3f:e9:03:6e:5c:21:e7:7c:c4:32:cb:d8:02:e4:
14:61:6a:36:77:b3:13:e1:c5:73:08:9d:5a:cd:91:ef:09:c7:
84:3e:77:5b:f8:45:7c:c3:69:ec:a0:f1:3c:9b:7f:2b:5f:d7:
c3:02:ce:5a:d6:45:28:be:2d:80:b9:2b:d2:33:5b:7a:30:12:
eb:ac:f4:db:3b:f5:ae:e5:a2:7b:3c:d8:48:3d:a2:9b:de:4c:
8a:46:4a:f5:9d:e0:36:90:8f:47:e9:41:12:d2:c4:1a:0b:b5:
43:2e:9c:45:59:b1:91:74:1e:90:97:35:d3:5e:9e:e8:9c:5f:
98:01:b7:51:46:08:e1:ff:75:d4:58:93:58:05:a3:6a:9c:da:
82:21:de:66:51:2e:ba:8c:77:ce:4a:39:ef:79:e7:7c:cb:2d:
d9:b2:29:37:fb:df:44:a0:68:6e:4e:c8:2a:97:21:b4:68:df:
a9:2e:86:9a
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAWm5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDM0NzU2WhcNMjYwMjE5MDM0NzU2WjAYMRYw
FAYDVQQDEw02N2MxMzFlZi00YzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw9jT2BKikPsmsYX4Ix2DJ2hAy6VopRQCq3zUb4M0nR5ERnJ2S9CjK0YY
aqipmkI3HObQc2mLLTJ06tkiIA3jLOKZnqfa6/DmMTMBrssh9hq1kCRCToovy1tb
2ZLZvmAQkcFF/ucui10k2W5hXskoGGHGX/gGkA6Pe4iv9x7GQl2ueNSlvccQ60PT
GsYJc501XiTD8POPabM1zUXlO+ymw2gIkG8b2nmgjJshUwZxZhJmF8cBcRU4T29D
BObb9c+b6A+ifBhSlTLtVNNYPUcacxGxF162gNEerziSlf3XIrLgQoHYEZw1aox4
XVUWmFOBCXjVlm9np1mLEqNHe4FVuQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFGbj
kbDEEl7f5ZsV2vi5fsXJy4y8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DREE0MkY1MEY1ODYxMUVGQjFBNUQ5OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmsxjAwQAmsxsAwQAmsxz
AwQAmsx6AwQAms1zAwQAms14MA0GCSqGSIb3DQEBCwUAA4IBAQAwPR5U5nEn4iDU
h9zwfri2RBRinH9uXL+VVqPt7il6iIN9C67XA2vuM93JZerh7woWw04hn8tvyU11
bfxuqbweRBHZAFKvoCEi7rQxP+kDblwh53zEMsvYAuQUYWo2d7MT4cVzCJ1azZHv
CceEPndb+EV8w2nsoPE8m38rX9fDAs5a1kUovi2AuSvSM1t6MBLrrPTbO/Wu5aJ7
PNhIPaKb3kyKRkr1neA2kI9H6UES0sQaC7VDLpxFWbGRdB6QlzXTXp7onF+YAbdR
Rgjh/3XUWJNYBaNqnNqCId5mUS66jHfOSjnveed8yy3Zsik3+99EoGhuTsgqlyG0
aN+pLoaa
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:44 2025 by rpki-client