Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3F5FB1AF44D11EFA8244FA8762E951A.roa
File: E3F5FB1AF44D11EFA8244FA8762E951A.roa (raw, json)
Hash identifier: aGMuEfmIETz1+phfM5dGTLJTqo25s/H6leMAFg0US+A=
Subject key identifier: 92:B7:80:7B:58:0B:61:A1:3F:96:98:C7:E2:39:7B:7C:67:2B:4A:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01644F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3F5FB1AF44D11EFA8244FA8762E951A.roa
Signing time: Wed 26 Feb 2025 14:28:05 +0000
ROA not before: Wed 26 Feb 2025 14:28:01 +0000
ROA not after: Thu 19 Feb 2026 14:28:01 +0000
asID: 984
IP address blocks: 154.210.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91215 (0x1644f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 14:28:01 2025 GMT
Not After : Feb 19 14:28:01 2026 GMT
Subject: CN=67bf24f4-aa74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:b9:f8:b2:d4:fe:5d:b3:3b:7b:76:2b:1c:
63:eb:da:7b:98:81:00:09:43:7f:c6:4b:fb:14:2f:
19:f0:1c:2c:1f:4d:66:85:cd:31:97:a6:8d:4c:a8:
83:5e:9d:9d:62:38:d2:89:96:f8:8b:b5:7f:ee:42:
dc:9a:c6:de:ff:11:0d:58:6f:d4:d4:cc:3f:93:3e:
16:cd:79:9c:10:74:e9:dc:b1:4d:3a:98:ab:dc:9c:
ac:b3:56:3e:19:0c:d5:b7:2e:b7:ad:58:8a:ce:61:
a2:b9:79:72:ad:a4:89:51:93:1f:47:70:16:24:69:
da:c0:06:84:da:4f:a6:1d:fe:e0:fb:ae:d9:25:c9:
b4:05:cb:02:69:ea:28:07:d7:4c:56:45:ac:dc:1b:
e2:bf:64:82:1f:58:7d:c8:20:39:a0:d6:dd:85:13:
44:55:46:eb:4f:9c:a6:98:e4:42:46:a0:3e:9d:95:
83:50:af:83:db:fd:51:ce:d4:b2:9a:0b:85:40:87:
fa:f8:b8:7b:f7:31:4c:e1:69:3e:79:a4:98:4f:d0:
d9:71:79:54:6b:f9:87:78:84:ef:3f:2a:1e:cc:f7:
f0:bb:4c:57:56:b8:c5:21:2e:01:db:32:e4:5e:e2:
ed:bb:d5:f8:7e:a5:6c:94:ea:28:04:7c:78:a5:09:
11:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B7:80:7B:58:0B:61:A1:3F:96:98:C7:E2:39:7B:7C:67:2B:4A:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3F5FB1AF44D11EFA8244FA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.53.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a9:1e:b8:3c:b5:46:90:89:b3:65:1c:f6:15:4d:e2:fc:1b:
dd:b8:6a:1c:3d:ab:02:f0:01:a1:f2:99:a6:b9:7b:b5:1d:57:
9c:6b:67:88:96:2a:53:fc:46:77:51:2b:97:60:c7:3e:a8:f2:
8c:c4:40:96:64:9e:4f:e0:dc:86:48:1e:cb:78:f6:76:05:1e:
ee:a5:4e:ea:a4:1c:60:7d:a7:82:89:e5:1e:98:2a:db:ae:a9:
35:bb:d2:d1:57:a2:23:6a:9d:0f:f6:8e:e1:51:da:73:6f:08:
40:52:b1:27:17:24:c9:cc:8f:c4:64:c1:39:3b:43:e0:12:76:
e7:03:7d:61:a9:d2:db:30:b5:cb:04:9d:e0:a4:45:3a:29:25:
8c:02:3d:0c:2b:8a:29:2f:c5:92:7f:28:59:12:d6:14:10:f5:
a3:79:5b:f9:31:ba:b3:01:b1:40:85:5c:18:45:8e:21:ae:01:
34:88:72:40:6d:66:fe:82:30:7b:fd:28:fc:99:6e:c1:20:37:
a6:79:ea:d9:33:86:ae:be:c0:36:1b:c3:64:95:27:dc:31:a3:
18:87:39:63:16:74:d9:eb:a5:c2:08:d0:25:65:e2:b3:2d:5c:
bc:80:89:f8:4b:df:98:07:ce:6a:d0:58:ba:67:9d:da:bf:f5:
29:0e:6e:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWRPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTQyODAxWhcNMjYwMjE5MTQyODAxWjAYMRYw
FAYDVQQDEw02N2JmMjRmNC1hYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnS5+LLU/l2zO3t2Kxxj69p7mIEACUN/xkv7FC8Z8BwsH01mhc0xl6aN
TKiDXp2dYjjSiZb4i7V/7kLcmsbe/xENWG/U1Mw/kz4WzXmcEHTp3LFNOpir3Jys
s1Y+GQzVty63rViKzmGiuXlyraSJUZMfR3AWJGnawAaE2k+mHf7g+67ZJcm0BcsC
aeooB9dMVkWs3Bviv2SCH1h9yCA5oNbdhRNEVUbrT5ymmORCRqA+nZWDUK+D2/1R
ztSymguFQIf6+Lh79zFM4Wk+eaSYT9DZcXlUa/mHeITvPyoezPfwu0xXVrjFIS4B
2zLkXuLtu9X4fqVslOooBHx4pQkRwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJK3
gHtYC2GhP5aYx+I5e3xnK0ppMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FM0Y1RkIxQUY0NEQxMUVGQTgyNDRGQTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtI1MA0GCSqGSIb3DQEB
CwUAA4IBAQC8qR64PLVGkImzZRz2FU3i/BvduGocPasC8AGh8pmmuXu1HVeca2eI
lipT/EZ3USuXYMc+qPKMxECWZJ5P4NyGSB7LePZ2BR7upU7qpBxgfaeCieUemCrb
rqk1u9LRV6Ijap0P9o7hUdpzbwhAUrEnFyTJzI/EZME5O0PgEnbnA31hqdLbMLXL
BJ3gpEU6KSWMAj0MK4opL8WSfyhZEtYUEPWjeVv5MbqzAbFAhVwYRY4hrgE0iHJA
bWb+gjB7/Sj8mW7BIDemeerZM4auvsA2G8NklSfcMaMYhzljFnTZ66XCCNAlZeKz
LVy8gIn4S9+YB85q0Fi6Z53av/UpDm6z
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:14 2025 by rpki-client