Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E46FBA7AFB2A11EFA609D267762E951A.roa
File: E46FBA7AFB2A11EFA609D267762E951A.roa (raw, json)
Hash identifier: 0h0ThKhIzT+uxe7ieecXoLznT/0bwFgTTgwJAgcRRW4=
Subject key identifier: 9A:D6:B3:38:3A:54:39:2A:20:A0:31:46:17:34:B0:2D:19:24:04:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E46FBA7AFB2A11EFA609D267762E951A.roa
Signing time: Fri 07 Mar 2025 08:05:11 +0000
ROA not before: Fri 07 Mar 2025 08:05:07 +0000
ROA not after: Wed 16 Apr 2025 08:05:07 +0000
asID: 137899
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94918 (0x172c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 08:05:07 2025 GMT
Not After : Apr 16 08:05:07 2025 GMT
Subject: CN=67caa8b7-6512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:41:a5:08:74:48:a5:a1:2d:a0:dc:ad:95:4b:
a1:ce:6b:49:0f:62:87:f9:c0:6f:11:03:83:c7:b8:
cd:1f:46:fe:df:1c:47:8d:89:a8:cf:e4:e5:03:ec:
c4:5c:cc:4b:3b:47:cd:fa:00:27:4a:12:a8:24:e1:
c6:70:ca:09:91:c0:7b:5b:e3:6d:14:42:d3:73:84:
c5:f2:d7:f8:ad:e2:5d:3f:44:c1:a5:99:e0:d2:79:
24:2f:c4:41:73:9b:33:21:21:34:e5:c7:58:36:35:
ba:ce:43:7e:eb:b9:a9:fd:11:f0:ec:dd:ca:e9:b1:
f9:33:74:9b:da:7e:45:49:38:7d:7d:f8:0d:ae:be:
74:23:2d:0e:2f:87:7e:1b:e7:0c:e3:0f:75:dd:ec:
ae:a3:61:34:e6:3d:06:4e:db:1c:51:f7:7f:46:b6:
0f:fa:2a:d9:80:c5:b8:2e:0a:91:53:e1:56:a1:07:
a0:f6:aa:7d:65:4f:d7:63:ef:fb:07:23:a8:39:87:
08:bb:67:9d:0b:92:b3:40:d0:00:af:41:6d:f3:54:
af:93:14:d9:f5:bd:c9:23:e4:94:97:25:a9:07:86:
f0:22:2e:b1:83:1a:83:f7:55:de:af:0d:e6:cc:2e:
88:48:f1:5c:a6:6a:f7:9b:1a:49:9d:4d:ba:8a:a6:
e2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D6:B3:38:3A:54:39:2A:20:A0:31:46:17:34:B0:2D:19:24:04:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E46FBA7AFB2A11EFA609D267762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
cd:f9:d4:43:1d:a2:74:b7:b8:c2:c4:1e:11:f0:8c:fd:f3:32:
64:4d:f9:2b:e1:d5:e2:99:8f:18:ce:75:69:a7:d7:a2:83:7a:
48:59:b3:4b:c1:92:a4:a6:25:3a:d2:98:bf:10:a4:f2:7b:93:
aa:b3:f5:7f:f0:82:44:52:2a:53:be:35:ea:3b:44:5d:5a:9f:
cf:48:65:13:53:90:b5:44:a8:3e:17:6d:db:0c:cb:78:23:06:
6f:f7:10:a2:bb:6a:e2:1a:39:44:d2:b6:87:ab:92:07:34:c9:
da:55:26:aa:8c:24:28:11:cb:84:8d:72:1f:94:8e:d6:a6:d2:
c4:88:9d:e1:09:66:49:71:43:59:33:0b:3d:5c:3b:68:76:e3:
84:e5:3c:eb:53:9e:fb:45:90:c7:77:44:a0:4d:eb:ea:40:85:
6f:48:5f:46:84:bd:ea:78:2f:0b:94:85:74:40:4b:36:c4:37:
72:eb:4f:d8:5c:50:96:82:a9:d9:f2:53:5a:c3:8c:5f:f5:9f:
0b:3d:45:05:b5:4e:ba:ac:62:d3:0b:79:8e:35:01:bd:10:00:
a0:c4:84:a0:41:f7:be:18:82:e7:1d:51:43:fc:27:25:0b:d6:
a5:46:f0:de:5f:68:37:c8:fb:f5:17:d4:ca:6d:d2:85:4a:27:
e1:0f:e7:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXLGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDgwNTA3WhcNMjUwNDE2MDgwNTA3WjAYMRYw
FAYDVQQDEw02N2NhYThiNy02NTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxkGlCHRIpaEtoNytlUuhzmtJD2KH+cBvEQODx7jNH0b+3xxHjYmoz+Tl
A+zEXMxLO0fN+gAnShKoJOHGcMoJkcB7W+NtFELTc4TF8tf4reJdP0TBpZng0nkk
L8RBc5szISE05cdYNjW6zkN+67mp/RHw7N3K6bH5M3Sb2n5FSTh9ffgNrr50Iy0O
L4d+G+cM4w913eyuo2E05j0GTtscUfd/RrYP+irZgMW4LgqRU+FWoQeg9qp9ZU/X
Y+/7ByOoOYcIu2edC5KzQNAAr0Ft81SvkxTZ9b3JI+SUlyWpB4bwIi6xgxqD91Xe
rw3mzC6ISPFcpmr3mxpJnU26iqbiEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJrW
szg6VDkqIKAxRhc0sC0ZJATJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDZGQkE3QUZCMkExMUVGQTYwOUQyNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQDN+dRDHaJ0t7jCxB4R8Iz98zJkTfkr4dXimY8YznVpp9eig3pIWbNL
wZKkpiU60pi/EKTye5Oqs/V/8IJEUipTvjXqO0RdWp/PSGUTU5C1RKg+F23bDMt4
IwZv9xCiu2riGjlE0raHq5IHNMnaVSaqjCQoEcuEjXIflI7WptLEiJ3hCWZJcUNZ
Mws9XDtoduOE5TzrU577RZDHd0SgTevqQIVvSF9GhL3qeC8LlIV0QEs2xDdy60/Y
XFCWgqnZ8lNaw4xf9Z8LPUUFtU66rGLTC3mONQG9EACgxISgQfe+GILnHVFD/Ccl
C9alRvDeX2g3yPv1F9TKbdKFSifhD+dC
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:02:01 2025 by rpki-client