Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55EC104058611F0AE463980762E951A.roa
File: E55EC104058611F0AE463980762E951A.roa (raw, json)
Hash identifier: bwaAG6gX9YVpDHy5fCvcZ6cxxa2g37VP7u+05lLeJks=
Subject key identifier: 99:97:64:6D:91:C7:24:39:D5:B8:97:26:03:A8:3A:32:E1:3E:DC:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01754F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55EC104058611F0AE463980762E951A.roa
Signing time: Thu 20 Mar 2025 12:28:58 +0000
ROA not before: Thu 20 Mar 2025 12:28:54 +0000
ROA not after: Fri 31 Oct 2025 12:28:54 +0000
asID: 400619
IP address blocks: 154.211.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95567 (0x1754f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 20 12:28:54 2025 GMT
Not After : Oct 31 12:28:54 2025 GMT
Subject: CN=67dc0a0a-6aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2b:0f:4d:52:c6:e0:79:79:81:11:3e:4a:ea:
8a:e6:67:f0:71:81:c5:f3:7c:fc:be:aa:90:50:77:
16:b7:d6:f8:ed:76:0f:07:62:a2:a4:ef:cd:f3:80:
be:d5:d5:75:7e:13:e8:8f:bb:f3:32:62:59:ed:74:
c3:0c:61:62:d0:29:8c:52:28:82:66:fc:b5:8e:4a:
92:9c:32:b9:39:fa:e3:4f:b9:d4:0b:d0:ed:cc:95:
6d:cc:77:4d:e5:19:7c:e5:e6:7d:30:f8:49:37:ac:
37:4e:36:82:8c:4c:9b:23:81:21:fb:27:32:2a:d1:
5e:bc:07:9b:4f:e7:aa:09:70:ac:9e:6a:58:56:83:
81:62:47:44:c4:0a:7c:41:8c:b0:44:c4:6f:15:d2:
f9:bb:bf:82:75:d8:94:f3:12:1c:15:f6:b0:3f:11:
6b:d6:a1:53:f0:61:24:f0:ab:cf:7e:b3:4b:b4:c8:
95:d4:b1:0c:c3:02:76:a7:61:73:26:0b:16:cf:30:
bb:f1:dd:24:12:5f:ca:47:b2:38:e4:2c:ef:9b:91:
1d:c2:a4:ca:33:25:93:39:be:7a:78:e8:e7:49:e3:
3c:ac:f3:4c:36:51:cd:34:79:bf:fc:42:e8:74:0d:
d9:16:ae:96:bc:12:5d:41:b1:9a:e5:82:38:21:e2:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:97:64:6D:91:C7:24:39:D5:B8:97:26:03:A8:3A:32:E1:3E:DC:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E55EC104058611F0AE463980762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:e2:80:38:0b:bc:27:2b:d7:a5:6d:1f:f1:41:f3:f9:bf:d8:
b0:29:4e:43:eb:1f:b2:cd:5e:94:28:e4:65:67:98:a3:ab:ff:
b5:3d:5a:e0:5a:a8:ec:13:3e:44:94:ea:27:72:aa:72:df:16:
d3:15:07:98:93:dd:c0:e4:69:c9:37:94:db:6c:5d:68:24:4c:
09:17:d3:48:bd:81:02:96:16:9a:94:f3:c7:98:75:d4:dd:ba:
ad:51:8d:d2:09:00:ce:81:84:27:74:83:18:6e:ee:49:ef:69:
91:f0:79:32:81:cb:4c:03:1b:04:be:8d:e7:ed:41:e6:fc:55:
d0:1d:0e:c8:7e:95:f9:06:51:45:f7:90:a6:fc:3e:d5:42:f9:
d2:ac:ba:6c:d2:58:7b:01:08:90:a8:79:1c:ee:b8:37:6a:8b:
16:17:85:d2:54:95:69:11:bf:47:55:06:3d:85:35:ec:ac:67:
c8:4c:bf:1e:48:d1:fb:72:29:9a:a3:ac:f4:2b:45:21:ff:b6:
92:78:94:9e:3c:a4:2e:d8:42:6f:ca:2e:c0:bf:ad:b4:a8:40:
ff:eb:78:6f:58:04:9b:2e:ef:83:1e:3b:4c:5a:39:4d:b0:1b:
5f:4c:fc:ab:e8:2d:ae:ae:6e:d7:45:8e:10:46:a8:d2:0a:54:
09:70:66:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXVPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIwMTIyODU0WhcNMjUxMDMxMTIyODU0WjAYMRYw
FAYDVQQDEw02N2RjMGEwYS02YWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6CsPTVLG4Hl5gRE+SuqK5mfwcYHF83z8vqqQUHcWt9b47XYPB2KipO/N
84C+1dV1fhPoj7vzMmJZ7XTDDGFi0CmMUiiCZvy1jkqSnDK5OfrjT7nUC9DtzJVt
zHdN5Rl85eZ9MPhJN6w3TjaCjEybI4Eh+ycyKtFevAebT+eqCXCsnmpYVoOBYkdE
xAp8QYywRMRvFdL5u7+CddiU8xIcFfawPxFr1qFT8GEk8KvPfrNLtMiV1LEMwwJ2
p2FzJgsWzzC78d0kEl/KR7I45Czvm5EdwqTKMyWTOb56eOjnSeM8rPNMNlHNNHm/
/ELodA3ZFq6WvBJdQbGa5YI4IeIjUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJmX
ZG2RxyQ51biXJgOoOjLhPtxKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTVFQzEwNDA1ODYxMUYwQUU0NjM5ODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtMEMA0GCSqGSIb3DQEB
CwUAA4IBAQBN4oA4C7wnK9elbR/xQfP5v9iwKU5D6x+yzV6UKORlZ5ijq/+1PVrg
WqjsEz5ElOoncqpy3xbTFQeYk93A5GnJN5TbbF1oJEwJF9NIvYEClhaalPPHmHXU
3bqtUY3SCQDOgYQndIMYbu5J72mR8HkygctMAxsEvo3n7UHm/FXQHQ7IfpX5BlFF
95Cm/D7VQvnSrLps0lh7AQiQqHkc7rg3aosWF4XSVJVpEb9HVQY9hTXsrGfITL8e
SNH7cimao6z0K0Uh/7aSeJSePKQu2EJvyi7Av620qED/63hvWASbLu+DHjtMWjlN
sBtfTPyr6C2urm7XRY4QRqjSClQJcGax
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:27:36 2025 by rpki-client