Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7E3EFE0F2E311EF951EA874762E951A.roa
File: E7E3EFE0F2E311EF951EA874762E951A.roa (raw, json)
Hash identifier: 4AMp+KRTb1Z/CTalcHwJzAWWUwV6e0ygsOG0tSdP1Do=
Subject key identifier: CC:0E:7B:45:A3:A7:EE:2F:C6:F3:CD:B2:C0:E4:22:DC:94:86:7D:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015CE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7E3EFE0F2E311EF951EA874762E951A.roa
Signing time: Mon 24 Feb 2025 19:16:53 +0000
ROA not before: Mon 24 Feb 2025 19:16:50 +0000
ROA not after: Mon 07 Apr 2025 19:16:50 +0000
asID: 138915
IP address blocks: 154.223.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89316 (0x15ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 19:16:50 2025 GMT
Not After : Apr 7 19:16:50 2025 GMT
Subject: CN=67bcc5a5-10c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:83:05:fe:66:73:76:82:7b:4b:5b:d6:19:14:
c0:e1:8f:eb:5a:c3:b8:50:63:ac:00:63:67:b0:e3:
9e:8c:3a:91:2e:da:75:34:c7:30:9f:57:d5:5c:1a:
d3:dd:79:a8:4a:78:25:e0:a1:e7:7f:a9:74:a4:c9:
54:e5:8a:26:22:9f:cf:f9:58:15:1b:a6:32:04:4e:
5c:31:aa:24:d6:f0:d6:b7:7a:5a:09:22:01:8c:83:
d1:31:a0:01:10:c3:4e:f7:03:24:7d:8b:82:4f:41:
62:3e:55:41:05:e6:ed:3b:e0:aa:25:c8:17:c7:00:
b4:c5:2a:aa:5a:3e:70:37:1f:bf:ea:9f:0e:89:21:
80:fa:b1:40:87:05:19:ff:e8:ef:22:64:2e:97:6a:
55:85:a7:e5:a1:66:ac:c1:d6:23:8a:ce:ec:d3:2c:
e9:b4:3b:54:da:27:bd:a8:70:10:e8:04:31:3e:88:
6e:df:68:44:da:5a:27:f7:d2:b3:b0:ac:48:a3:0b:
85:77:9d:6d:1b:ff:19:82:14:fe:55:d4:7d:7b:0f:
d5:91:84:fd:df:9e:94:f1:cb:06:6d:63:02:44:27:
21:ce:a9:f1:79:84:12:47:89:0d:c5:27:48:18:97:
b9:36:ef:22:1e:a0:55:4d:b6:26:5d:c4:85:24:32:
56:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0E:7B:45:A3:A7:EE:2F:C6:F3:CD:B2:C0:E4:22:DC:94:86:7D:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7E3EFE0F2E311EF951EA874762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.44.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:86:61:b2:a8:7c:1b:7c:96:6c:5e:65:d9:94:7c:1d:de:7d:
82:a8:91:c3:e9:92:2c:b6:fa:d0:13:ae:51:c4:0f:8f:07:a9:
bd:57:ff:b8:a0:07:7a:ae:05:80:44:80:64:ef:c7:e3:08:6f:
f0:d7:98:7d:72:7f:8e:66:ec:39:62:8d:93:45:aa:e3:ae:26:
9a:c3:7a:40:28:c0:e9:74:94:22:f0:35:74:7d:da:55:0a:90:
51:af:75:76:74:f6:97:6e:07:9a:77:f3:7c:83:16:e5:47:0f:
47:28:af:10:2f:64:35:0a:0e:4a:a2:fd:b0:cb:72:c1:42:49:
3e:79:4a:a0:c0:23:78:07:f1:f7:72:14:1b:31:e0:d8:00:e0:
46:f0:1c:78:71:45:c6:5c:ef:88:80:9b:8d:2d:19:34:24:a6:
c5:24:3a:3d:dd:83:c8:63:ca:14:4f:16:81:c7:0f:5a:99:ca:
af:c2:41:ef:d5:19:8c:0e:27:3a:4a:5c:5a:ff:49:d4:d7:10:
69:8e:b4:e1:fe:fd:89:06:24:97:b4:f6:e5:53:ab:b9:2d:37:
19:f1:37:10:24:91:82:17:e7:11:fc:1c:b0:e2:95:78:13:91:
f2:99:06:47:c4:7e:1c:4d:6e:29:fd:01:07:cb:2f:80:63:84:
2a:11:23:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVzkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTkxNjUwWhcNMjUwNDA3MTkxNjUwWjAYMRYw
FAYDVQQDEw02N2JjYzVhNS0xMGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn4MF/mZzdoJ7S1vWGRTA4Y/rWsO4UGOsAGNnsOOejDqRLtp1NMcwn1fV
XBrT3XmoSngl4KHnf6l0pMlU5YomIp/P+VgVG6YyBE5cMaok1vDWt3paCSIBjIPR
MaABEMNO9wMkfYuCT0FiPlVBBebtO+CqJcgXxwC0xSqqWj5wNx+/6p8OiSGA+rFA
hwUZ/+jvImQul2pVhafloWaswdYjis7s0yzptDtU2ie9qHAQ6AQxPohu32hE2lon
99KzsKxIowuFd51tG/8ZghT+VdR9ew/VkYT9356U8csGbWMCRCchzqnxeYQSR4kN
xSdIGJe5Nu8iHqBVTbYmXcSFJDJWbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMwO
e0Wjp+4vxvPNssDkItyUhn1QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0UzRUZFMEYyRTMxMUVGOTUxRUE4NzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8sMA0GCSqGSIb3DQEB
CwUAA4IBAQDEhmGyqHwbfJZsXmXZlHwd3n2CqJHD6ZIstvrQE65RxA+PB6m9V/+4
oAd6rgWARIBk78fjCG/w15h9cn+OZuw5Yo2TRarjriaaw3pAKMDpdJQi8DV0fdpV
CpBRr3V2dPaXbgead/N8gxblRw9HKK8QL2Q1Cg5Kov2wy3LBQkk+eUqgwCN4B/H3
chQbMeDYAOBG8Bx4cUXGXO+IgJuNLRk0JKbFJDo93YPIY8oUTxaBxw9amcqvwkHv
1RmMDic6Slxa/0nU1xBpjrTh/v2JBiSXtPblU6u5LTcZ8TcQJJGCF+cR/Byw4pV4
E5HymQZHxH4cTW4p/QEHyy+AY4QqESO6
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:44:01 2025 by rpki-client