Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3308BCDE120211F0B0648597762E951A.roa
File: 3308BCDE120211F0B0648597762E951A.roa (raw, json)
Hash identifier: sGm8rPqNMuJkGY2PrLZ+KlDgpmLGf6AD2XazALh1/DA=
Subject key identifier: 24:7D:D4:45:69:63:49:9D:DE:85:DF:7C:D6:37:A6:26:DE:69:8A:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177E6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3308BCDE120211F0B0648597762E951A.roa
Signing time: Sat 05 Apr 2025 09:41:50 +0000
ROA not before: Sat 05 Apr 2025 09:41:45 +0000
ROA not after: Sun 11 May 2025 09:41:45 +0000
asID: 51896
IP address blocks: 154.194.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 04 May 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96230 (0x177e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 09:41:45 2025 GMT
Not After : May 11 09:41:45 2025 GMT
Subject: CN=67f0fade-d90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:68:6b:e7:ed:60:41:fe:92:29:bb:95:00:d2:
55:97:26:a3:6c:ef:11:68:61:b0:ac:8b:b5:74:ec:
a5:45:54:ff:f5:21:6b:cf:1e:4b:8c:27:8b:41:37:
e8:bc:2f:8c:53:91:6f:35:42:6a:44:13:9e:77:c7:
9b:91:90:b7:8c:4a:03:1d:41:ad:79:da:84:ba:a4:
22:81:92:bb:3c:2d:42:bb:52:38:44:99:88:72:2c:
69:41:30:1c:c0:a5:34:90:59:f2:14:3c:50:1b:77:
c9:d9:92:19:50:d6:df:16:fb:08:54:b5:60:ca:26:
cc:9d:0f:60:66:c5:f9:5e:31:32:42:95:52:c7:ad:
b3:54:56:e7:4e:cc:86:b9:da:64:18:68:a9:d7:51:
77:f5:f0:63:fa:2f:a4:8d:3b:0b:27:b8:9f:25:6e:
44:20:2e:21:cd:bb:9a:eb:11:aa:60:87:ac:37:84:
b0:22:f8:01:2d:e1:34:be:ac:37:b7:e9:63:65:4f:
65:40:03:16:18:3b:30:a3:c2:11:61:5d:02:55:32:
a9:88:c6:e0:bb:32:1a:90:50:bc:fd:c8:79:b9:72:
29:1d:b4:10:ff:1d:7c:52:0b:ac:b7:c0:ae:23:59:
5c:ab:0f:73:b1:fc:65:87:42:c9:ca:a0:95:e6:de:
74:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7D:D4:45:69:63:49:9D:DE:85:DF:7C:D6:37:A6:26:DE:69:8A:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3308BCDE120211F0B0648597762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.43.0/24
Signature Algorithm: sha256WithRSAEncryption
61:bc:fe:78:78:25:ba:2a:7f:6d:b6:3e:f8:d0:ba:4b:55:18:
19:ae:b3:7e:37:7b:6f:ea:cc:65:c6:84:26:b8:13:ea:5c:d8:
76:20:7e:8d:27:92:bb:ed:fd:61:04:d7:d4:43:b2:dd:cb:e1:
e9:5f:46:9c:be:6a:6b:69:a4:17:0c:13:39:60:e9:01:b8:05:
8c:58:12:e5:7e:ea:fd:d0:f7:ca:9a:a5:2e:5c:29:8f:92:cc:
5e:cb:50:39:87:dd:c9:74:4c:26:99:09:40:cb:86:48:54:34:
e4:56:61:8d:51:b1:cc:6d:51:79:ee:e7:48:6a:ed:29:af:48:
34:b0:da:7b:90:a2:74:33:91:aa:c7:d5:16:e9:8b:1e:4b:e2:
3d:c8:3a:63:77:52:54:ca:d4:f2:a1:cb:f1:3f:f0:0c:d7:79:
a9:49:7c:1b:6a:f9:62:ac:89:64:07:00:06:d0:b7:3b:b7:d0:
a1:cf:4c:ef:ba:ba:4a:5b:09:48:8e:d7:b1:31:ca:75:a1:8c:
ca:b4:6c:d6:45:fd:06:be:45:7b:a9:7b:92:79:7b:97:72:ab:
13:7d:2a:a2:a6:85:b5:3f:48:ae:e3:87:38:22:60:85:2f:3c:
25:64:87:f8:51:c1:7b:7b:0b:00:87:5b:d7:32:9d:5a:eb:45:
65:b3:d9:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXfmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA1MDk0MTQ1WhcNMjUwNTExMDk0MTQ1WjAYMRYw
FAYDVQQDEw02N2YwZmFkZS1kOTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA72hr5+1gQf6SKbuVANJVlyajbO8RaGGwrIu1dOylRVT/9SFrzx5LjCeL
QTfovC+MU5FvNUJqRBOed8ebkZC3jEoDHUGtedqEuqQigZK7PC1Cu1I4RJmIcixp
QTAcwKU0kFnyFDxQG3fJ2ZIZUNbfFvsIVLVgyibMnQ9gZsX5XjEyQpVSx62zVFbn
TsyGudpkGGip11F39fBj+i+kjTsLJ7ifJW5EIC4hzbua6xGqYIesN4SwIvgBLeE0
vqw3t+ljZU9lQAMWGDswo8IRYV0CVTKpiMbguzIakFC8/ch5uXIpHbQQ/x18Ugus
t8CuI1lcqw9zsfxlh0LJyqCV5t50EQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCR9
1EVpY0md3oXffNY3pibeaYq4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzA4QkNERTEyMDIxMUYwQjA2NDg1OTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIrMA0GCSqGSIb3DQEB
CwUAA4IBAQBhvP54eCW6Kn9ttj740LpLVRgZrrN+N3tv6sxlxoQmuBPqXNh2IH6N
J5K77f1hBNfUQ7Ldy+HpX0acvmpraaQXDBM5YOkBuAWMWBLlfur90PfKmqUuXCmP
ksxey1A5h93JdEwmmQlAy4ZIVDTkVmGNUbHMbVF57udIau0pr0g0sNp7kKJ0M5Gq
x9UW6YseS+I9yDpjd1JUytTyocvxP/AM13mpSXwbavlirIlkBwAG0Lc7t9Chz0zv
urpKWwlIjtexMcp1oYzKtGzWRf0GvkV7qXuSeXuXcqsTfSqipoW1P0iu44c4ImCF
LzwlZIf4UcF7ewsAh1vXMp1a60Vls9kI
-----END CERTIFICATE-----
Generated at Fri May 2 21:38:57 2025 by rpki-client