Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/973CF46C16A911F0B1E17CC76DB8BCC6.roa
File: 973CF46C16A911F0B1E17CC76DB8BCC6.roa (raw, json)
Hash identifier: qHRyegrUXbHXS2pa+E8h8zmfIxosT9kAoH4G7WeBKCc=
Subject key identifier: 3A:2C:71:DD:5D:5B:6F:22:64:3F:0A:3E:AE:10:68:02:18:35:0A:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178D1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/973CF46C16A911F0B1E17CC76DB8BCC6.roa
Signing time: Fri 11 Apr 2025 07:50:09 +0000
ROA not before: Fri 11 Apr 2025 07:50:05 +0000
ROA not after: Sat 17 May 2025 07:50:05 +0000
asID: 57043
IP address blocks: 154.86.115.0/24 maxlen: 24
154.86.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96465 (0x178d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 07:50:05 2025 GMT
Not After : May 17 07:50:05 2025 GMT
Subject: CN=67f8c9b1-0fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:71:4a:4c:74:55:c6:94:4e:1c:d6:01:48:c9:
c3:87:2d:25:b8:61:17:ed:0f:7a:0f:cc:98:c4:0f:
84:c0:a8:f5:be:0a:0d:66:2c:ce:b8:d5:17:d7:3f:
cd:1c:f2:f8:8e:db:d8:2f:d7:4a:4b:cc:bc:22:93:
b4:fb:ec:59:ae:ab:2f:ab:88:77:c0:cb:bd:92:24:
47:82:9c:07:8d:e5:a5:9e:02:c6:5b:3e:f9:f2:87:
ef:47:5c:63:d6:2b:11:d8:2d:e5:5e:40:0d:f3:75:
c4:e9:0a:12:70:45:5f:92:da:38:53:25:1c:df:46:
bc:32:9e:62:7f:18:57:09:f7:4a:52:e9:12:21:e1:
7d:95:d4:aa:9f:3b:51:8d:c8:38:ae:88:d1:38:d0:
d0:8b:fa:a9:26:c0:0e:f3:65:23:bf:ca:01:68:0c:
c7:d0:e6:1a:cf:51:d7:ac:c5:06:73:f9:70:51:e6:
e6:41:09:d7:0b:6a:23:01:b2:15:7c:d0:89:8d:59:
da:3e:c2:91:43:78:13:f7:47:b3:37:8b:35:96:c5:
1f:10:1f:2c:47:b6:af:7d:7c:5e:13:f5:5d:f0:25:
d5:85:0a:f2:73:0b:24:05:ff:75:03:9a:bb:90:27:
f8:80:d6:91:05:6d:33:8d:0d:07:08:64:65:51:d4:
a9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2C:71:DD:5D:5B:6F:22:64:3F:0A:3E:AE:10:68:02:18:35:0A:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/973CF46C16A911F0B1E17CC76DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.115.0/24
154.86.119.0/24
Signature Algorithm: sha256WithRSAEncryption
74:8f:8f:96:66:71:99:1d:62:a5:0d:bd:26:22:02:43:43:1c:
08:ed:ec:76:4c:f3:f2:b1:c5:93:2b:a4:af:8e:1a:68:c5:0f:
c7:a6:87:6a:5c:64:fc:96:dc:ca:71:6c:7b:a8:41:66:3d:83:
0c:da:46:61:6b:3e:2f:d2:49:88:87:b5:bf:8b:aa:64:93:64:
57:51:41:9a:ef:86:3d:84:03:4d:b6:23:bc:fb:c9:47:aa:77:
a6:df:a6:e9:32:c0:bd:d1:11:e5:4a:17:47:21:ea:c1:cf:31:
5a:f0:80:52:08:96:6b:09:79:19:df:d5:4f:e2:ba:6e:3e:20:
de:6a:ef:74:c0:5a:f8:56:60:c1:15:dd:eb:5b:c9:ea:de:61:
1b:e0:10:0e:bd:9a:1e:9b:ba:3f:7e:55:19:8c:ad:ab:62:a0:
e4:67:cb:23:3c:6e:b4:c7:a6:5e:91:cd:56:f7:1f:27:59:b3:
68:b4:79:2d:59:40:35:59:fe:63:2f:5f:ee:9f:77:5c:53:2c:
aa:21:cf:df:fc:86:f2:84:5d:74:b4:12:51:cd:11:65:0e:56:
4a:dd:6b:c2:92:f4:3d:cf:0e:75:cc:f1:30:94:5c:7b:10:bb:
d4:1a:86:ef:8d:48:33:57:2b:06:32:85:7b:a4:22:c0:1a:6f:
12:94:b3:64
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXjRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDExMDc1MDA1WhcNMjUwNTE3MDc1MDA1WjAYMRYw
FAYDVQQDEw02N2Y4YzliMS0wZmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyHFKTHRVxpROHNYBSMnDhy0luGEX7Q96D8yYxA+EwKj1vgoNZizOuNUX
1z/NHPL4jtvYL9dKS8y8IpO0++xZrqsvq4h3wMu9kiRHgpwHjeWlngLGWz758ofv
R1xj1isR2C3lXkAN83XE6QoScEVfkto4UyUc30a8Mp5ifxhXCfdKUukSIeF9ldSq
nztRjcg4rojRONDQi/qpJsAO82Ujv8oBaAzH0OYaz1HXrMUGc/lwUebmQQnXC2oj
AbIVfNCJjVnaPsKRQ3gT90ezN4s1lsUfEB8sR7avfXxeE/Vd8CXVhQrycwskBf91
A5q7kCf4gNaRBW0zjQ0HCGRlUdSptwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDos
cd1dW28iZD8KPq4QaAIYNQqYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzNDRjQ2QzE2QTkxMUYwQjFFMTdDQzc2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlZzAwQAmlZ3MA0GCSqG
SIb3DQEBCwUAA4IBAQB0j4+WZnGZHWKlDb0mIgJDQxwI7ex2TPPyscWTK6Svjhpo
xQ/HpodqXGT8ltzKcWx7qEFmPYMM2kZhaz4v0kmIh7W/i6pkk2RXUUGa74Y9hANN
tiO8+8lHqnem36bpMsC90RHlShdHIerBzzFa8IBSCJZrCXkZ39VP4rpuPiDeau90
wFr4VmDBFd3rW8nq3mEb4BAOvZoem7o/flUZjK2rYqDkZ8sjPG60x6Zekc1W9x8n
WbNotHktWUA1Wf5jL1/un3dcUyyqIc/f/IbyhF10tBJRzRFlDlZK3WvCkvQ9zw51
zPEwlFx7ELvUGobvjUgzVysGMoV7pCLAGm8SlLNk
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:48:43 2025 by rpki-client