Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D364A44AC94111EFA56A675B762E951A.roa
File: D364A44AC94111EFA56A675B762E951A.roa (raw, json)
Hash identifier: 1qM4+vfAcus/F7fPoqHpYJDvUC8FxHGWpVwmMt1CWSA=
Subject key identifier: 4C:4E:C1:8C:90:9D:AC:57:A5:84:00:37:9D:0C:EF:95:C9:B9:C8:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01342F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D364A44AC94111EFA56A675B762E951A.roa
Signing time: Thu 02 Jan 2025 19:43:23 +0000
ROA not before: Thu 02 Jan 2025 19:43:19 +0000
ROA not after: Mon 13 Dec 2027 19:43:19 +0000
asID: 17561
IP address blocks: 154.223.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78895 (0x1342f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 19:43:19 2025 GMT
Not After : Dec 13 19:43:19 2027 GMT
Subject: CN=6776ec5b-e771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a5:40:9c:a0:39:20:07:4b:86:32:41:fd:5f:
a0:19:6c:d8:ca:c5:10:56:7c:80:c3:16:fc:90:41:
7b:20:db:da:8a:bd:72:34:1c:22:06:35:93:19:f7:
a3:e7:ed:6c:74:c5:38:a3:1f:08:50:29:93:4b:d7:
64:99:6a:89:d6:ad:70:26:4c:d4:fb:00:43:2f:3b:
80:bc:4d:b2:ff:e9:44:7d:3c:9b:8f:82:dd:18:b2:
34:11:41:04:fb:0a:e7:90:5e:a0:a6:8f:fa:ba:a7:
dc:d2:04:b7:73:ee:bd:79:da:93:3c:ac:7e:c6:88:
20:d3:40:8a:79:57:6c:c1:3f:8a:dc:23:d2:cd:eb:
d2:97:fa:6c:aa:56:0b:b9:e7:be:ad:30:29:0f:14:
1d:6e:12:9b:dc:d9:85:69:95:75:e1:d7:36:79:d6:
47:53:d1:99:6f:8e:80:ac:9a:e5:a4:03:ba:48:0f:
25:44:e5:e7:ae:87:7f:35:fc:6c:c0:53:1b:42:27:
44:86:bb:5a:b3:fe:d7:9b:60:d6:5d:75:43:b2:f9:
88:74:31:aa:18:d1:d4:81:58:d2:7f:81:7e:ae:fe:
a9:4c:ff:1e:3d:09:fa:23:f7:8a:43:89:c4:94:0b:
46:9d:6d:8f:06:3b:17:6f:c9:0c:2d:81:60:0a:bc:
23:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4E:C1:8C:90:9D:AC:57:A5:84:00:37:9D:0C:EF:95:C9:B9:C8:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D364A44AC94111EFA56A675B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:42:6b:89:c6:a1:ef:dc:2c:08:15:b1:f6:11:bb:3d:9f:0b:
90:2a:53:54:14:61:87:3c:40:ce:8e:db:b3:1b:69:57:92:e3:
7f:da:b7:f2:15:34:9c:c9:4a:57:11:cc:de:c9:50:6b:c7:91:
7f:ab:3a:53:af:10:22:81:70:b4:23:6e:b7:1c:eb:78:72:b0:
91:18:86:63:24:d4:4e:ad:aa:9e:ba:ff:11:19:39:d1:0d:7a:
6a:fb:b8:7f:71:70:0a:2b:ff:ce:e2:a6:f3:8d:4a:84:5c:b8:
c0:a7:c3:80:2a:ef:61:d1:e3:45:3a:be:1a:1f:87:d4:38:e9:
5d:68:0f:f4:3d:cc:3a:a3:5f:c8:1b:d5:c6:64:bb:d2:20:09:
59:91:36:d1:fa:5a:44:3b:a1:b9:88:e0:ac:12:10:11:bb:75:
35:8d:1d:0c:e2:e8:19:d5:f1:19:58:53:d5:83:6c:43:ea:8c:
e9:c3:6b:52:ce:98:8d:a8:ba:f8:0d:60:c7:f3:45:dc:db:cf:
46:c4:2a:95:e5:57:16:f0:fb:0f:43:de:5c:2d:a0:e3:88:d0:
e9:c6:65:b5:57:45:3d:64:65:0e:25:d9:f2:19:6c:d0:06:af:
2f:b4:9b:05:4d:5c:35:b4:23:69:d9:f1:ef:78:44:57:1c:2d:
c0:f8:de:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATQvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTk0MzE5WhcNMjcxMjEzMTk0MzE5WjAYMRYw
FAYDVQQDEw02Nzc2ZWM1Yi1lNzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1KVAnKA5IAdLhjJB/V+gGWzYysUQVnyAwxb8kEF7INvair1yNBwiBjWT
Gfej5+1sdMU4ox8IUCmTS9dkmWqJ1q1wJkzU+wBDLzuAvE2y/+lEfTybj4LdGLI0
EUEE+wrnkF6gpo/6uqfc0gS3c+69edqTPKx+xogg00CKeVdswT+K3CPSzevSl/ps
qlYLuee+rTApDxQdbhKb3NmFaZV14dc2edZHU9GZb46ArJrlpAO6SA8lROXnrod/
NfxswFMbQidEhrtas/7Xm2DWXXVDsvmIdDGqGNHUgVjSf4F+rv6pTP8ePQn6I/eK
Q4nElAtGnW2PBjsXb8kMLYFgCrwj9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFExO
wYyQnaxXpYQAN50M75XJucg/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzY0QTQ0QUM5NDExMUVGQTU2QTY3NUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/+MA0GCSqGSIb3DQEB
CwUAA4IBAQCpQmuJxqHv3CwIFbH2Ebs9nwuQKlNUFGGHPEDOjtuzG2lXkuN/2rfy
FTScyUpXEczeyVBrx5F/qzpTrxAigXC0I263HOt4crCRGIZjJNROraqeuv8RGTnR
DXpq+7h/cXAKK//O4qbzjUqEXLjAp8OAKu9h0eNFOr4aH4fUOOldaA/0Pcw6o1/I
G9XGZLvSIAlZkTbR+lpEO6G5iOCsEhARu3U1jR0M4ugZ1fEZWFPVg2xD6ozpw2tS
zpiNqLr4DWDH80Xc289GxCqV5VcW8PsPQ95cLaDjiNDpxmW1V0U9ZGUOJdnyGWzQ
Bq8vtJsFTVw1tCNp2fHveERXHC3A+N7A
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:58:25 2025 by rpki-client