Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E75E0F90FB3211EFBB29BF9D762E951A.roa
File: E75E0F90FB3211EFBB29BF9D762E951A.roa (raw, json)
Hash identifier: 5p+30ljYgk0hcvv5aJMo7qiLsaCz30EgJJ8sW8ZDcz0=
Subject key identifier: 60:5C:D9:3C:F2:DF:23:EA:BF:E7:97:1A:1A:9C:EC:44:42:33:FB:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E75E0F90FB3211EFBB29BF9D762E951A.roa
Signing time: Fri 07 Mar 2025 09:02:32 +0000
ROA not before: Fri 07 Mar 2025 09:02:28 +0000
ROA not after: Sat 14 Mar 2026 09:02:28 +0000
asID: 55720
IP address blocks: 154.216.2.0/23 maxlen: 24
154.220.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94936 (0x172d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 09:02:28 2025 GMT
Not After : Mar 14 09:02:28 2026 GMT
Subject: CN=67cab628-9c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:48:19:c7:13:80:c1:28:17:98:81:c7:f5:
3a:83:d0:93:55:97:53:ff:69:92:5f:bf:b5:c9:88:
d5:cf:61:63:77:b4:bb:3d:1f:21:28:3d:8e:22:14:
bc:af:63:50:30:b4:2f:b6:37:d4:32:ec:54:88:ae:
f6:74:c0:18:5e:58:e8:f9:1a:45:3e:a0:9a:91:ae:
7f:39:4c:88:9d:78:e5:24:b8:2e:71:e7:b9:3b:b4:
97:47:71:df:02:7f:f6:7c:20:08:1d:c5:ad:84:35:
5e:d4:cc:d6:31:9c:e2:8f:a7:69:72:cd:b9:51:b0:
d4:91:73:a4:48:2f:59:9d:a9:60:6c:f8:0f:19:10:
3d:1a:2e:e6:7b:fd:f4:f1:06:5d:17:1a:1c:e9:3b:
a0:2a:59:c6:d2:a9:8b:5e:b0:e5:42:e2:c0:c9:d5:
5f:13:ac:0b:ea:6f:b3:c7:b0:c5:02:9f:ae:d9:98:
a0:51:49:6d:14:92:07:d6:da:0a:de:86:04:7f:d9:
17:74:6f:7e:e6:f8:56:0b:68:fc:52:7f:e9:60:8f:
12:ca:fd:4a:9e:84:63:59:91:c3:55:03:7b:84:35:
a0:a8:63:4b:24:78:5a:2c:99:b2:0d:e4:0e:b8:65:
88:7a:3b:97:f8:e6:32:1a:98:e0:72:00:0a:d7:54:
5d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5C:D9:3C:F2:DF:23:EA:BF:E7:97:1A:1A:9C:EC:44:42:33:FB:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E75E0F90FB3211EFBB29BF9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.2.0/23
154.220.2.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c6:4e:b6:f7:2b:76:9c:58:66:68:3e:e2:72:f7:12:fb:d1:
a8:ad:eb:23:db:0f:90:ce:c7:54:52:f0:00:44:fc:25:2b:f5:
3a:ed:76:fb:ae:9a:43:e1:f6:d0:ff:95:3f:56:db:a7:d7:0f:
f8:8a:7f:52:29:0d:91:88:0c:e9:dd:36:61:ec:3d:e7:3d:39:
a7:b7:74:07:da:88:cb:7d:aa:46:4c:97:49:fb:a8:62:20:99:
20:91:d3:f9:30:e4:eb:a3:23:df:3d:5b:15:62:80:cc:e6:f2:
5e:ce:5f:c5:f8:9d:66:ca:7d:70:4b:88:c1:14:4d:02:cd:21:
75:34:22:38:1a:ee:93:60:13:67:97:44:43:a8:69:bd:e9:46:
9e:67:7c:eb:f1:23:3b:f8:8d:99:cf:b3:cc:26:79:0c:c2:cb:
4f:0a:38:63:a8:47:ed:61:4a:4e:61:a7:04:5c:18:2d:d6:5b:
12:82:68:b9:e2:b8:72:c6:40:42:54:19:6e:2f:6e:5c:ee:a3:
c3:19:d4:ee:08:6f:c9:05:33:39:21:e6:e0:9a:19:45:94:22:
1e:e4:65:e9:73:24:3c:e4:d1:ff:99:8d:4e:2a:6c:16:69:5a:
ee:aa:7d:95:7e:15:f8:aa:4d:f2:3e:e9:2c:a2:05:b9:c0:de:
11:5d:3e:be
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXLYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDkwMjI4WhcNMjYwMzE0MDkwMjI4WjAYMRYw
FAYDVQQDEw02N2NhYjYyOC05YzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6VIGccTgMEoF5iBx/U6g9CTVZdT/2mSX7+1yYjVz2Fjd7S7PR8hKD2O
IhS8r2NQMLQvtjfUMuxUiK72dMAYXljo+RpFPqCaka5/OUyInXjlJLgucee5O7SX
R3HfAn/2fCAIHcWthDVe1MzWMZzij6dpcs25UbDUkXOkSC9ZnalgbPgPGRA9Gi7m
e/308QZdFxoc6TugKlnG0qmLXrDlQuLAydVfE6wL6m+zx7DFAp+u2ZigUUltFJIH
1toK3oYEf9kXdG9+5vhWC2j8Un/pYI8Syv1KnoRjWZHDVQN7hDWgqGNLJHhaLJmy
DeQOuGWIejuX+OYyGpjgcgAK11RdqwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGBc
2Tzy3yPqv+eXGhqc7ERCM/sPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNzVFMEY5MEZCMzIxMUVGQkIyOUJGOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmtgCAwQAmtwCMA0GCSqG
SIb3DQEBCwUAA4IBAQBFxk629yt2nFhmaD7icvcS+9Goresj2w+QzsdUUvAARPwl
K/U67Xb7rppD4fbQ/5U/Vtun1w/4in9SKQ2RiAzp3TZh7D3nPTmnt3QH2ojLfapG
TJdJ+6hiIJkgkdP5MOTroyPfPVsVYoDM5vJezl/F+J1myn1wS4jBFE0CzSF1NCI4
Gu6TYBNnl0RDqGm96UaeZ3zr8SM7+I2Zz7PMJnkMwstPCjhjqEftYUpOYacEXBgt
1lsSgmi54rhyxkBCVBluL25c7qPDGdTuCG/JBTM5IebgmhlFlCIe5GXpcyQ85NH/
mY1OKmwWaVruqn2VfhX4qk3yPuksogW5wN4RXT6+
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:19 2025 by rpki-client