Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01CA2D840CAC11F0971460B4762E951A.roa
File: 01CA2D840CAC11F0971460B4762E951A.roa (raw, json)
Hash identifier: zM7bMnkbWs5uRkm6bOyY5ztwJwidzdappCGBOA/4w70=
Subject key identifier: 3F:6C:CA:B6:9C:62:92:20:65:5D:2B:56:E3:C5:DC:01:85:E8:3E:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01CA2D840CAC11F0971460B4762E951A.roa
Signing time: Sat 29 Mar 2025 14:42:15 +0000
ROA not before: Sat 29 Mar 2025 14:42:11 +0000
ROA not after: Sun 04 May 2025 14:42:11 +0000
asID: 147176
IP address blocks: 154.197.69.0/24 maxlen: 24
154.197.116.0/24 maxlen: 24
154.197.124.0/24 maxlen: 24
154.215.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95909 (0x176a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 14:42:11 2025 GMT
Not After : May 4 14:42:11 2025 GMT
Subject: CN=67e806c7-a82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:dd:04:81:8d:f1:87:e5:6a:dc:73:57:31:4b:
74:56:e1:6f:70:31:3a:58:3e:ec:e3:4f:f3:80:7d:
69:8d:3f:52:22:77:fc:f6:76:45:06:a5:4b:1e:dd:
6d:98:da:ef:e1:92:03:ee:ec:8b:cf:2c:2a:de:c6:
fe:fe:3a:d7:d4:ff:f0:4c:33:de:54:bb:71:77:07:
3a:b5:28:a1:88:9e:90:4c:53:da:39:da:13:2c:b3:
46:0a:e5:ef:79:de:b0:e1:ea:43:35:e3:f0:c3:1d:
35:a9:ae:1c:bc:c5:44:00:e7:86:6f:87:2f:4b:be:
0d:15:fa:9f:d1:7f:bb:a8:78:db:70:f4:b8:ba:0f:
6b:2c:83:3e:55:a8:37:ec:4a:7e:7f:04:c5:12:20:
01:db:6c:6c:95:a3:68:e8:c2:b6:da:f6:94:75:41:
0c:70:03:98:b3:c5:d8:e9:92:48:6e:b5:0c:d8:86:
de:47:e6:8c:a0:f7:2d:49:46:25:4c:43:32:91:57:
46:2b:0c:a7:57:e6:63:ce:69:23:e7:08:05:d6:b0:
05:3e:0c:5f:01:49:70:aa:dc:41:40:9c:a0:cf:60:
ae:dc:40:7f:6c:2e:34:e3:b2:3a:0f:7c:86:95:2d:
63:02:c4:27:35:a5:ad:3d:15:84:32:50:c5:26:66:
12:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6C:CA:B6:9C:62:92:20:65:5D:2B:56:E3:C5:DC:01:85:E8:3E:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01CA2D840CAC11F0971460B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.69.0/24
154.197.116.0/24
154.197.124.0/24
154.215.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1d:f9:1d:f5:be:aa:60:0e:df:f8:10:aa:1b:e5:27:83:ee:
ef:f5:b3:69:97:40:a0:77:bd:59:5c:7e:5a:f3:9e:6d:54:6a:
78:f1:2a:a6:43:e1:c0:1a:98:9d:e2:8d:13:f1:3c:87:50:5c:
e6:f7:83:f3:92:1d:0a:0f:71:b5:7c:d3:8b:83:d6:d7:33:dd:
dc:35:90:03:35:37:cc:f9:b6:e7:36:0f:18:86:d4:64:b6:d7:
dd:ab:d3:f6:be:36:19:0f:26:10:17:d6:41:7c:13:ff:e8:2c:
d7:47:40:d4:ba:19:92:30:eb:9a:36:de:15:a3:8a:3e:08:73:
47:29:2e:3b:54:e3:ef:90:0c:5a:58:22:28:99:17:9d:f6:97:
11:f1:1d:0c:11:f1:6d:7f:fc:2f:5b:4a:7e:e6:cc:6c:f5:de:
b7:9b:43:9c:d3:d4:09:74:e1:00:6a:4c:20:c1:f3:27:bc:46:
2b:a0:d1:fe:6c:65:7b:20:a6:cd:04:56:7f:b9:c1:24:32:f5:
2c:68:ca:48:49:31:46:34:bf:6b:35:f7:61:9d:82:d9:a1:54:
d1:80:2c:c4:07:56:01:0c:47:45:8e:7f:6b:99:77:22:95:19:
bd:bc:8c:3e:57:a2:1e:97:9f:e8:a2:ad:7b:ac:45:64:39:a3:
79:2d:1f:ac
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAXalMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTQ0MjExWhcNMjUwNTA0MTQ0MjExWjAYMRYw
FAYDVQQDEw02N2U4MDZjNy1hODJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArt0EgY3xh+Vq3HNXMUt0VuFvcDE6WD7s40/zgH1pjT9SInf89nZFBqVL
Ht1tmNrv4ZID7uyLzywq3sb+/jrX1P/wTDPeVLtxdwc6tSihiJ6QTFPaOdoTLLNG
CuXved6w4epDNePwwx01qa4cvMVEAOeGb4cvS74NFfqf0X+7qHjbcPS4ug9rLIM+
Vag37Ep+fwTFEiAB22xslaNo6MK22vaUdUEMcAOYs8XY6ZJIbrUM2IbeR+aMoPct
SUYlTEMykVdGKwynV+Zjzmkj5wgF1rAFPgxfAUlwqtxBQJygz2Cu3EB/bC4047I6
D3yGlS1jAsQnNaWtPRWEMlDFJmYS/wIDAQABo4ICtzCCArMwHQYDVR0OBBYEFD9s
yracYpIgZV0rVuPF3AGF6D5OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMUNBMkQ4NDBDQUMxMUYwOTcxNDYwQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAmsVFAwQAmsV0AwQAmsV8
AwQAmtcOMA0GCSqGSIb3DQEBCwUAA4IBAQBNHfkd9b6qYA7f+BCqG+Ung+7v9bNp
l0Cgd71ZXH5a855tVGp48SqmQ+HAGpid4o0T8TyHUFzm94Pzkh0KD3G1fNOLg9bX
M93cNZADNTfM+bbnNg8YhtRkttfdq9P2vjYZDyYQF9ZBfBP/6CzXR0DUuhmSMOua
Nt4Vo4o+CHNHKS47VOPvkAxaWCIomRed9pcR8R0MEfFtf/wvW0p+5sxs9d63m0Oc
09QJdOEAakwgwfMnvEYroNH+bGV7IKbNBFZ/ucEkMvUsaMpISTFGNL9rNfdhnYLZ
oVTRgCzEB1YBDEdFjn9rmXcilRm9vIw+V6Iel5/ooq17rEVkOaN5LR+s
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:37:25 2025 by rpki-client