Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E41B03FC0CD911F09498254A762E951A.roa
File: E41B03FC0CD911F09498254A762E951A.roa (raw, json)
Hash identifier: vOm5Rfm/xyIAbNn5OgsLgWHdkGBLgfl474OiUjM94xo=
Subject key identifier: 8B:18:9E:4C:0D:C0:29:66:B0:D4:17:F2:1C:56:53:62:5C:63:0D:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E41B03FC0CD911F09498254A762E951A.roa
Signing time: Sat 29 Mar 2025 20:10:42 +0000
ROA not before: Sat 29 Mar 2025 20:10:38 +0000
ROA not after: Sat 17 May 2025 20:10:38 +0000
asID: 400619
IP address blocks: 154.210.16.0/20 maxlen: 24
154.222.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95984 (0x176f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 20:10:38 2025 GMT
Not After : May 17 20:10:38 2025 GMT
Subject: CN=67e853c2-faea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:47:5d:2f:0c:8c:b2:2b:dd:e3:ed:e2:38:55:
e7:fa:e2:7d:f9:af:8f:6e:fe:4b:ed:d7:6c:ae:a6:
44:a6:c3:b4:72:8c:4b:94:48:fa:e4:65:a6:ca:eb:
66:d3:c0:b6:86:47:fa:ec:2b:11:5b:6c:6f:9c:8c:
3b:09:38:d4:78:77:e1:b1:ae:20:78:dd:28:87:58:
9d:c4:81:2a:1b:f1:ba:8c:a2:48:6d:32:ff:bc:4c:
13:50:6e:9c:08:1e:55:38:86:0f:bc:3b:1d:d9:ff:
ca:0a:90:5b:45:7b:8c:58:66:2b:d1:77:68:95:c3:
88:b6:5a:0a:45:f0:37:36:95:7e:db:6c:0d:f3:fe:
e3:9b:3a:61:91:23:e6:f0:4c:aa:e6:02:6a:a9:51:
be:32:e2:fa:b3:79:aa:02:24:c7:53:dc:c5:16:5b:
16:ff:0f:53:3e:b8:e3:dc:6c:df:5c:bf:ff:4f:14:
67:5b:60:98:7e:56:a4:1d:ad:4e:91:de:07:6c:6d:
68:6d:6e:50:a5:45:d5:1f:a0:cd:e5:e7:26:2e:2d:
0a:4e:af:0e:5f:68:c8:a2:a2:86:35:c6:69:cb:1b:
76:ce:06:b6:28:6e:d0:9e:d5:36:31:84:4f:9a:2d:
33:68:00:92:11:5b:d5:1e:94:5a:96:67:08:c7:df:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:18:9E:4C:0D:C0:29:66:B0:D4:17:F2:1C:56:53:62:5C:63:0D:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E41B03FC0CD911F09498254A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
a2:0f:76:93:a8:e3:be:7a:1b:18:48:fd:26:fa:c1:66:ec:8d:
04:3c:62:32:e0:c2:8f:98:06:81:c5:7b:f7:94:8c:f5:b4:9b:
c7:d8:57:f1:60:1b:18:ca:ed:bc:c3:64:c1:5d:86:da:fa:81:
3a:b7:c7:b0:17:69:e7:d9:0f:c0:2e:d1:1d:00:89:7c:7f:df:
96:41:0e:ac:1e:74:fc:72:89:9e:a4:d6:a1:4a:23:ab:05:2e:
0e:62:88:10:b6:5e:f5:f8:83:e6:98:71:15:22:25:90:0d:1b:
dc:d4:27:96:1a:53:2f:8e:10:d7:d3:58:f5:7a:5b:81:37:d2:
ed:65:fe:5e:2c:11:9d:50:28:d4:db:6b:d3:51:a2:82:4c:29:
63:a4:aa:93:42:07:d3:a6:00:16:a5:80:95:39:c3:66:b4:0d:
f2:4e:ab:eb:44:0c:08:d4:53:23:8c:23:f7:d8:0d:2b:cc:96:
24:43:a3:17:43:88:2a:5a:7c:4b:49:b5:45:89:b9:93:97:4f:
58:a4:77:5b:05:2a:6f:dc:fd:5b:5e:4e:31:db:cc:b1:63:48:
1d:da:01:0d:98:82:e0:eb:93:d4:45:c1:eb:85:e2:89:cb:1e:
77:07:94:a4:83:61:ec:33:39:e6:09:aa:61:f0:70:03:6f:86:
86:66:db:81
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXbwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MjAxMDM4WhcNMjUwNTE3MjAxMDM4WjAYMRYw
FAYDVQQDEw02N2U4NTNjMi1mYWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy0ddLwyMsivd4+3iOFXn+uJ9+a+Pbv5L7ddsrqZEpsO0coxLlEj65GWm
yutm08C2hkf67CsRW2xvnIw7CTjUeHfhsa4geN0oh1idxIEqG/G6jKJIbTL/vEwT
UG6cCB5VOIYPvDsd2f/KCpBbRXuMWGYr0XdolcOItloKRfA3NpV+22wN8/7jmzph
kSPm8Eyq5gJqqVG+MuL6s3mqAiTHU9zFFlsW/w9TPrjj3GzfXL//TxRnW2CYflak
Ha1Okd4HbG1obW5QpUXVH6DN5ecmLi0KTq8OX2jIoqKGNcZpyxt2zga2KG7QntU2
MYRPmi0zaACSEVvVHpRalmcIx98WjQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIsY
nkwNwClmsNQX8hxWU2JcYw3vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDFCMDNGQzBDRDkxMUYwOTQ5ODI1NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmtIQAwQEmt7gMA0GCSqG
SIb3DQEBCwUAA4IBAQCiD3aTqOO+ehsYSP0m+sFm7I0EPGIy4MKPmAaBxXv3lIz1
tJvH2FfxYBsYyu28w2TBXYba+oE6t8ewF2nn2Q/ALtEdAIl8f9+WQQ6sHnT8come
pNahSiOrBS4OYogQtl71+IPmmHEVIiWQDRvc1CeWGlMvjhDX01j1eluBN9LtZf5e
LBGdUCjU22vTUaKCTCljpKqTQgfTpgAWpYCVOcNmtA3yTqvrRAwI1FMjjCP32A0r
zJYkQ6MXQ4gqWnxLSbVFibmTl09YpHdbBSpv3P1bXk4x28yxY0gd2gENmILg65PU
RcHrheKJyx53B5Skg2HsMznmCaph8HADb4aGZtuB
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:14 2025 by rpki-client