Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D863322EF44B11EF96B6FD99762E951A.roa
File: D863322EF44B11EF96B6FD99762E951A.roa (raw, json)
Hash identifier: qqwvZh/vAGgy4Y1jHZWa0sH5k/FT6Ud6M2arvFZ3GVY=
Subject key identifier: A5:09:C9:3D:73:69:3D:FA:B9:BD:4C:D1:F7:FE:FD:90:40:89:DA:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01642B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D863322EF44B11EF96B6FD99762E951A.roa
Signing time: Wed 26 Feb 2025 14:13:26 +0000
ROA not before: Wed 26 Feb 2025 14:13:23 +0000
ROA not after: Thu 19 Feb 2026 14:13:23 +0000
asID: 984
IP address blocks: 154.210.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91179 (0x1642b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 14:13:23 2025 GMT
Not After : Feb 19 14:13:23 2026 GMT
Subject: CN=67bf2186-f3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a4:9e:2c:65:75:da:48:4e:fb:54:56:ea:77:
cc:97:ba:91:3c:2e:17:58:b2:98:f5:30:d9:1f:f3:
cf:3c:a2:14:51:8a:3d:c4:eb:3d:58:ca:54:d0:38:
64:39:91:6e:c4:8e:16:f9:75:2a:5c:49:94:8c:cb:
02:86:18:3c:b6:58:3a:22:d3:c7:58:de:1f:a7:c0:
e0:17:23:8c:e3:aa:35:77:b9:f8:e9:98:4a:43:1a:
c8:59:ea:fb:d5:17:a2:0b:70:d8:62:8a:24:7f:80:
35:29:92:e4:ce:f6:6d:c0:57:f1:4b:75:7e:c4:c2:
06:93:e2:f6:c0:a7:e5:e3:3c:31:54:c8:bc:42:a5:
d2:5f:f8:8f:1d:31:4c:d5:7d:36:a9:bc:1b:00:8f:
68:cd:6e:f0:3d:e6:98:29:ea:3c:1d:67:65:4a:c5:
59:7d:7c:00:40:64:4d:05:04:e6:85:18:4d:ad:6f:
6e:25:44:6d:02:cf:6c:92:e5:81:37:d3:f1:25:57:
39:78:ab:3a:57:92:e4:3b:98:cd:af:6a:ea:03:60:
8a:06:ca:58:0b:2e:8a:84:a9:1d:4e:eb:48:63:8d:
6d:e3:ef:0d:f4:2a:4a:9e:ff:1d:fe:bc:c6:ba:be:
2f:78:8a:3b:21:ef:62:8a:1a:e7:9c:60:b7:64:60:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:C9:3D:73:69:3D:FA:B9:BD:4C:D1:F7:FE:FD:90:40:89:DA:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D863322EF44B11EF96B6FD99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.47.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:bf:30:d2:ee:17:1a:b1:5d:a9:f4:57:73:19:11:a6:c1:02:
35:ed:51:67:b5:cb:c8:48:92:0b:8b:ad:ba:96:87:ae:95:40:
3b:dc:7c:8a:8a:9b:bc:46:8d:3e:bb:a9:f5:f1:c5:b3:d4:f9:
af:bc:c8:a9:5d:be:de:48:8f:bf:4a:53:cd:f9:a7:b7:8b:77:
bf:3e:6e:56:7b:be:a2:b7:5c:1f:6a:89:35:01:36:7e:fd:03:
03:5f:79:11:83:24:7e:85:a5:1f:18:5e:06:80:f5:25:3a:a3:
16:49:6c:f5:68:ca:3b:08:d6:3a:22:49:07:27:de:74:9d:e1:
62:b0:55:08:e0:c8:bc:7a:45:38:fa:59:d3:13:af:80:6d:c4:
c1:c1:33:34:3a:52:1e:78:77:d5:cb:ea:6f:36:17:ff:0e:7d:
40:f0:a9:56:90:b6:42:30:0c:9c:11:ea:1f:9f:b2:84:1f:27:
07:f6:cd:19:30:6c:22:5f:03:98:d9:49:08:79:e8:3c:97:6d:
06:b6:f4:f7:8a:fa:89:a3:e7:e3:35:0a:4d:12:2d:a4:b4:dc:
3b:c9:cf:7f:a5:ac:69:91:fe:8f:ae:0e:19:bb:12:3f:65:f0:
10:d4:f0:9a:ae:2b:59:10:21:53:ff:56:b8:03:3d:b3:13:64:
d0:36:28:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWQrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTQxMzIzWhcNMjYwMjE5MTQxMzIzWjAYMRYw
FAYDVQQDEw02N2JmMjE4Ni1mM2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtaSeLGV12khO+1RW6nfMl7qRPC4XWLKY9TDZH/PPPKIUUYo9xOs9WMpU
0DhkOZFuxI4W+XUqXEmUjMsChhg8tlg6ItPHWN4fp8DgFyOM46o1d7n46ZhKQxrI
Wer71ReiC3DYYookf4A1KZLkzvZtwFfxS3V+xMIGk+L2wKfl4zwxVMi8QqXSX/iP
HTFM1X02qbwbAI9ozW7wPeaYKeo8HWdlSsVZfXwAQGRNBQTmhRhNrW9uJURtAs9s
kuWBN9PxJVc5eKs6V5LkO5jNr2rqA2CKBspYCy6KhKkdTutIY41t4+8N9CpKnv8d
/rzGur4veIo7Ie9iihrnnGC3ZGAc/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKUJ
yT1zaT36ub1M0ff+/ZBAidpMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EODYzMzIyRUY0NEIxMUVGOTZCNkZEOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtIvMA0GCSqGSIb3DQEB
CwUAA4IBAQDSvzDS7hcasV2p9FdzGRGmwQI17VFntcvISJILi626loeulUA73HyK
ipu8Ro0+u6n18cWz1PmvvMipXb7eSI+/SlPN+ae3i3e/Pm5We76it1wfaok1ATZ+
/QMDX3kRgyR+haUfGF4GgPUlOqMWSWz1aMo7CNY6IkkHJ950neFisFUI4Mi8ekU4
+lnTE6+AbcTBwTM0OlIeeHfVy+pvNhf/Dn1A8KlWkLZCMAycEeofn7KEHycH9s0Z
MGwiXwOY2UkIeeg8l20GtvT3ivqJo+fjNQpNEi2ktNw7yc9/paxpkf6Prg4ZuxI/
ZfAQ1PCaritZECFT/1a4Az2zE2TQNijc
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:43 2025 by rpki-client