Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9894E0204C311F0920CF05E762E951A.roa
File: E9894E0204C311F0920CF05E762E951A.roa (raw, json)
Hash identifier: bKOGNz26k8orfgjhIzkbojO2xF4tHPlncsVQyt3eURk=
Subject key identifier: BB:94:E6:C7:DB:E8:5F:97:22:7F:B2:3B:1E:A2:14:3C:B1:81:AB:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017518
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9894E0204C311F0920CF05E762E951A.roa
Signing time: Wed 19 Mar 2025 13:13:13 +0000
ROA not before: Wed 19 Mar 2025 13:13:09 +0000
ROA not after: Sun 27 Apr 2025 13:13:09 +0000
asID: 6079
IP address blocks: 154.202.138.0/23 maxlen: 24
154.202.140.0/22 maxlen: 24
154.207.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95512 (0x17518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 13:13:09 2025 GMT
Not After : Apr 27 13:13:09 2025 GMT
Subject: CN=67dac2e9-ebb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:16:3b:42:65:4f:ce:06:a2:c7:99:07:1a:a9:
9e:b5:52:7e:05:53:7e:d0:b5:b6:1b:84:57:9d:f7:
74:40:81:9d:01:e0:5e:80:b8:0b:3c:d2:8f:70:ef:
5e:08:9f:d9:0d:d3:fd:0a:09:90:d4:b1:e4:9e:73:
a7:91:61:21:a2:1e:44:52:88:91:eb:6d:43:73:35:
02:1a:ec:fa:1d:c3:04:f9:be:c3:bd:42:36:3a:42:
17:cb:f0:7b:66:88:98:4d:f1:91:3e:6d:19:e2:95:
8f:e7:84:ff:94:c9:da:c7:3f:c3:27:18:e4:d3:04:
7b:c8:1b:06:e9:5c:e6:d7:15:92:0d:10:a6:89:50:
2e:35:f2:29:3a:18:0b:24:cb:cd:a5:21:56:8d:a1:
eb:63:8b:10:28:0f:33:9f:57:c7:2a:0e:30:34:dd:
23:b2:66:25:e8:a2:fb:d1:e3:88:7f:a8:04:5e:7e:
bb:3c:aa:0e:64:3f:2a:19:85:c4:a6:44:81:d3:ab:
4e:3e:50:d4:c3:3b:37:9b:71:04:ce:36:d2:6f:9a:
b0:a3:98:d0:5b:84:41:20:08:1a:01:85:85:ef:7a:
89:a1:aa:af:90:e2:37:0a:4c:1d:5f:53:91:1f:1c:
84:8b:62:ae:ca:f6:2b:d4:d5:90:f7:0c:a3:40:06:
18:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:94:E6:C7:DB:E8:5F:97:22:7F:B2:3B:1E:A2:14:3C:B1:81:AB:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E9894E0204C311F0920CF05E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.138.0-154.202.143.255
154.207.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:af:b8:fb:7d:86:0d:a7:db:ed:d0:27:0b:04:34:52:3c:a5:
ea:44:53:e8:a9:7a:21:8e:8d:81:9d:6c:fb:9e:5c:ef:db:08:
1a:c9:1d:97:2d:fd:d7:98:55:b6:a4:af:de:e7:5a:19:48:53:
50:c6:3e:a7:58:31:7a:1c:f2:13:92:5f:b4:0b:e6:db:ad:d7:
77:9f:81:90:1d:b2:fb:f8:25:1e:55:35:43:af:4b:7f:91:b0:
15:ed:7e:eb:77:d3:6d:91:e1:9a:2d:03:fa:f6:27:b1:6e:54:
c0:62:49:da:c5:74:88:4f:46:0b:3f:27:bb:c3:c1:d8:de:5e:
b8:93:cf:81:ac:69:1b:48:4c:5f:47:28:cf:d3:57:f3:ef:67:
86:9f:ca:cf:a6:d7:30:c9:a5:c6:9e:e5:75:47:73:c8:63:aa:
4c:7d:69:74:6d:f5:cd:51:42:2c:73:ee:e6:47:24:3f:f2:25:
56:b8:c1:fa:de:63:d7:ed:c8:1f:47:8d:0b:81:49:c6:89:f8:
b7:c4:42:46:3c:de:6a:05:17:35:3b:7b:11:89:55:e6:c5:f2:
9c:6e:c0:b0:df:75:9d:d4:79:4b:84:c3:9f:f5:9e:fa:f0:62:
27:4a:b1:57:d3:b8:bd:6e:4f:a5:b8:17:00:3b:62:26:56:27:
4c:d6:c7:b9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXUYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTMxMzA5WhcNMjUwNDI3MTMxMzA5WjAYMRYw
FAYDVQQDEw02N2RhYzJlOS1lYmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4hY7QmVPzgaix5kHGqmetVJ+BVN+0LW2G4RXnfd0QIGdAeBegLgLPNKP
cO9eCJ/ZDdP9CgmQ1LHknnOnkWEhoh5EUoiR621DczUCGuz6HcME+b7DvUI2OkIX
y/B7ZoiYTfGRPm0Z4pWP54T/lMnaxz/DJxjk0wR7yBsG6Vzm1xWSDRCmiVAuNfIp
OhgLJMvNpSFWjaHrY4sQKA8zn1fHKg4wNN0jsmYl6KL70eOIf6gEXn67PKoOZD8q
GYXEpkSB06tOPlDUwzs3m3EEzjbSb5qwo5jQW4RBIAgaAYWF73qJoaqvkOI3Ckwd
X1ORHxyEi2KuyvYr1NWQ9wyjQAYYPQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLuU
5sfb6F+XIn+yOx6iFDyxgasEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOTg5NEUwMjA0QzMxMUYwOTIwQ0YwNUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGayooDBASayoADBAWa
zwAwDQYJKoZIhvcNAQELBQADggEBALWvuPt9hg2n2+3QJwsENFI8pepEU+ipeiGO
jYGdbPueXO/bCBrJHZct/deYVbakr97nWhlIU1DGPqdYMXoc8hOSX7QL5tut13ef
gZAdsvv4JR5VNUOvS3+RsBXtfut3022R4ZotA/r2J7FuVMBiSdrFdIhPRgs/J7vD
wdjeXriTz4GsaRtITF9HKM/TV/PvZ4afys+m1zDJpcae5XVHc8hjqkx9aXRt9c1R
Qixz7uZHJD/yJVa4wfreY9ftyB9HjQuBScaJ+LfEQkY83moFFzU7exGJVebF8pxu
wLDfdZ3UeUuEw5/1nvrwYidKsVfTuL1uT6W4FwA7YiZWJ0zWx7k=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:50 2025 by rpki-client