Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F318DA68F4DE11EFA328859A762E951A.roa
File: F318DA68F4DE11EFA328859A762E951A.roa (raw, json)
Hash identifier: jU0vpwAhx5Ay9xq2Oh95tnKFppVIWikS4vugumoC4gw=
Subject key identifier: 69:D7:4C:15:C8:63:D7:26:02:FF:71:00:FA:68:C9:FE:99:A4:BF:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0166B9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F318DA68F4DE11EFA328859A762E951A.roa
Signing time: Thu 27 Feb 2025 07:46:27 +0000
ROA not before: Thu 27 Feb 2025 07:46:23 +0000
ROA not after: Sat 19 Feb 2028 07:46:23 +0000
asID: 17561
IP address blocks: 154.212.144.0/24 maxlen: 24
154.212.145.0/24 maxlen: 24
154.212.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91833 (0x166b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 07:46:23 2025 GMT
Not After : Feb 19 07:46:23 2028 GMT
Subject: CN=67c01853-267f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:1e:3f:0c:1c:e6:4e:2e:ba:4e:7e:c5:2b:
16:a0:ba:06:1b:9d:db:fe:51:01:cf:dc:1d:3e:ea:
ba:dd:56:87:f2:76:07:dc:4d:4e:a0:ad:e9:d5:7a:
02:03:55:47:34:62:d4:ad:7a:79:ec:44:ec:93:99:
35:44:7a:d2:79:4a:44:dd:54:bf:10:aa:56:65:36:
87:1b:99:50:c8:a2:45:12:a6:83:7d:2c:de:00:ea:
ef:53:ee:d0:9e:d7:53:dc:7c:50:4d:99:8d:b2:ab:
1b:0a:5a:96:d0:5c:a1:bb:e6:35:cb:de:95:7a:98:
48:ad:e6:26:9a:79:65:2a:8f:37:da:6e:7d:9f:81:
55:ea:90:d5:93:f9:89:ab:0b:6d:ed:a2:76:66:97:
ec:b9:39:91:0f:c7:46:de:47:83:d3:16:3e:45:51:
c0:17:fa:1b:1a:76:7e:b6:63:6f:89:af:39:f1:96:
83:ef:64:27:9b:74:b0:06:23:b7:a2:58:1f:8e:ad:
32:4b:2f:df:f7:c0:37:8f:21:87:19:25:5d:07:e3:
92:28:48:7f:be:94:ae:0e:02:5b:0b:d3:39:f8:bb:
f4:16:a2:14:ba:cc:4a:70:6f:c7:d7:85:49:a1:76:
3f:16:5e:f6:69:c1:d7:8d:5a:a1:ed:94:cd:b8:eb:
5a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D7:4C:15:C8:63:D7:26:02:FF:71:00:FA:68:C9:FE:99:A4:BF:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F318DA68F4DE11EFA328859A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.144.0-154.212.146.255
Signature Algorithm: sha256WithRSAEncryption
cc:f7:c3:07:da:21:74:06:f6:05:d7:da:cc:a2:d6:8e:4e:61:
b3:c4:92:1c:7b:a2:a7:92:2f:72:27:75:7c:ff:64:6b:1e:2d:
1e:bf:11:20:2e:b6:b3:8e:6d:68:c9:a7:b9:4f:09:c8:26:07:
2c:7e:ca:b1:0b:61:ef:db:99:9e:d7:04:ef:6c:11:1b:8d:ad:
6d:8f:2b:9f:45:fc:33:ed:87:18:6e:34:b8:a2:a1:2a:d2:84:
29:80:e0:28:27:f3:da:77:f1:6a:36:e2:5b:d7:ee:a5:7a:9d:
23:2c:a4:88:4e:49:ba:e0:ec:18:83:7a:58:e4:5b:76:cc:ff:
52:19:f5:2b:cc:4f:00:85:37:91:c8:c8:e9:de:8a:fa:01:68:
e3:08:7b:86:f5:c4:7f:2a:e8:22:3b:ca:4e:a3:c3:0f:ac:11:
f0:de:a2:d9:ba:93:9b:ce:b5:86:6e:3d:46:60:60:ae:de:01:
8f:80:f1:6c:aa:9a:86:cf:68:ea:f7:8f:a6:8b:fe:db:36:56:
6b:48:17:ef:61:2c:dd:f2:4b:2f:10:24:97:44:2d:ce:36:19:
70:5e:46:31:5d:61:f5:a8:7c:93:00:f8:57:f0:db:77:d1:5d:
d8:3c:9e:03:c4:28:bd:11:75:bb:2e:f7:25:bc:e9:a4:af:c7:
6d:74:4c:50
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAWa5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDc0NjIzWhcNMjgwMjE5MDc0NjIzWjAYMRYw
FAYDVQQDEw02N2MwMTg1My0yNjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxfYePwwc5k4uuk5+xSsWoLoGG53b/lEBz9wdPuq63VaH8nYH3E1OoK3p
1XoCA1VHNGLUrXp57ETsk5k1RHrSeUpE3VS/EKpWZTaHG5lQyKJFEqaDfSzeAOrv
U+7QntdT3HxQTZmNsqsbClqW0Fyhu+Y1y96VephIreYmmnllKo832m59n4FV6pDV
k/mJqwtt7aJ2ZpfsuTmRD8dG3keD0xY+RVHAF/obGnZ+tmNvia858ZaD72Qnm3Sw
BiO3olgfjq0ySy/f98A3jyGHGSVdB+OSKEh/vpSuDgJbC9M5+Lv0FqIUusxKcG/H
14VJoXY/Fl72acHXjVqh7ZTNuOtaYwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGnX
TBXIY9cmAv9xAPpoyf6ZpL8cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzE4REE2OEY0REUxMUVGQTMyODg1OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASa1JADBACa1JIwDQYJ
KoZIhvcNAQELBQADggEBAMz3wwfaIXQG9gXX2syi1o5OYbPEkhx7oqeSL3IndXz/
ZGseLR6/ESAutrOObWjJp7lPCcgmByx+yrELYe/bmZ7XBO9sERuNrW2PK59F/DPt
hxhuNLiioSrShCmA4Cgn89p38Wo24lvX7qV6nSMspIhOSbrg7BiDeljkW3bM/1IZ
9SvMTwCFN5HIyOneivoBaOMIe4b1xH8q6CI7yk6jww+sEfDeotm6k5vOtYZuPUZg
YK7eAY+A8WyqmobPaOr3j6aL/ts2VmtIF+9hLN3ySy8QJJdELc42GXBeRjFdYfWo
fJMA+Ffw23fRXdg8ngPEKL0Rdbsu9yW86aSvx210TFA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:58 2025 by rpki-client