Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD94E9341A0A11F0832AA4D66DB8BCC6.roa
File: CD94E9341A0A11F0832AA4D66DB8BCC6.roa (raw, json)
Hash identifier: ZYVbdTXsYyCXbnuQJtR/DBkU469d3Ws9jFMVuP09mvs=
Subject key identifier: 0E:66:6C:94:56:01:AB:ED:DF:A3:DB:3B:A3:30:A4:BB:5C:5B:88:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017949
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD94E9341A0A11F0832AA4D66DB8BCC6.roa
Signing time: Tue 15 Apr 2025 15:03:35 +0000
ROA not before: Tue 15 Apr 2025 15:03:31 +0000
ROA not after: Sun 19 Apr 2026 15:03:31 +0000
asID: 136513
IP address blocks: 154.197.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96585 (0x17949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 15:03:31 2025 GMT
Not After : Apr 19 15:03:31 2026 GMT
Subject: CN=67fe7547-24dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5a:ae:d8:de:73:d6:f5:4a:b5:9a:78:57:f1:
d3:2f:33:6a:eb:10:6f:60:59:12:c4:e9:d2:3e:af:
2b:27:70:d0:e6:94:75:9f:7e:eb:6f:10:e7:cf:e3:
b2:b0:a8:72:f0:51:2d:69:e6:3d:07:be:e3:69:65:
da:d1:52:23:11:0a:a4:97:4a:61:95:5b:f8:dc:5c:
39:4d:13:dd:74:94:71:04:b1:0a:64:df:77:00:57:
08:01:01:c7:3c:76:4a:55:e9:a5:19:f9:89:de:33:
60:89:cd:c2:5e:59:58:e0:48:2e:08:be:cc:fb:60:
b0:b3:10:8c:3b:9f:82:1a:ff:5f:9e:73:cd:e4:4c:
f0:fe:e0:af:47:49:95:af:b2:37:66:9b:a8:0c:29:
51:3d:49:0b:5e:db:9a:c4:af:5e:6a:d2:94:39:f3:
1d:68:27:fd:2e:3e:60:7e:e0:5d:9a:9b:cb:cf:8d:
bd:d6:60:6e:58:9a:6d:78:8d:5e:cf:0a:ab:c0:f0:
1d:33:52:70:83:04:23:c5:89:83:22:69:34:e9:ea:
e3:91:0a:b5:75:c3:66:f2:23:12:b4:cc:e1:42:ec:
07:f2:d6:36:8a:eb:11:d6:05:ea:c6:3f:9a:ed:ef:
e9:ea:36:b6:c7:72:67:80:dc:2b:3e:01:d7:59:b3:
a9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:66:6C:94:56:01:AB:ED:DF:A3:DB:3B:A3:30:A4:BB:5C:5B:88:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD94E9341A0A11F0832AA4D66DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.0.0/24
Signature Algorithm: sha256WithRSAEncryption
11:bc:aa:85:bb:27:d4:5b:ea:6e:a4:dc:94:1d:5f:f6:fd:b2:
96:3a:69:16:e6:13:02:27:56:ea:2b:67:ea:38:39:5d:68:d4:
51:cc:da:8b:e6:d2:32:4a:b2:38:93:7a:3c:99:3c:d8:1d:3b:
b9:fb:44:44:18:5a:d1:9c:60:b1:4d:74:fc:26:d8:a9:68:b2:
0a:a0:af:37:38:0b:59:4f:2d:97:d6:bf:56:2e:6f:cf:6a:94:
10:53:48:d1:0a:33:bc:a5:28:7e:36:21:8c:ae:ed:e9:37:be:
50:5a:bb:98:f8:56:53:0e:e4:08:54:7f:43:bd:c9:aa:b2:3a:
b3:74:89:17:60:f0:e6:c4:ae:ec:c3:bb:f6:da:eb:87:b4:d5:
b7:ae:93:26:6d:19:20:f4:36:b1:a5:71:8d:ab:be:68:8c:26:
ea:a8:21:79:42:f8:09:f4:c4:f8:8a:1e:9f:f0:4f:29:69:69:
82:76:16:b4:af:1f:82:af:07:0f:cc:10:b5:37:41:0d:41:d9:
42:85:cf:df:85:cb:12:82:b4:89:39:33:36:96:99:f3:f6:0a:
bb:83:80:8d:bd:af:19:71:c8:6d:0f:c5:fc:9c:22:0a:34:45:
db:52:e9:fe:d6:02:3d:2c:b6:2c:27:28:0e:30:13:86:53:47:
6e:2d:f4:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXlJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE1MTUwMzMxWhcNMjYwNDE5MTUwMzMxWjAYMRYw
FAYDVQQDEw02N2ZlNzU0Ny0yNGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFqu2N5z1vVKtZp4V/HTLzNq6xBvYFkSxOnSPq8rJ3DQ5pR1n37rbxDn
z+OysKhy8FEtaeY9B77jaWXa0VIjEQqkl0phlVv43Fw5TRPddJRxBLEKZN93AFcI
AQHHPHZKVemlGfmJ3jNgic3CXllY4EguCL7M+2CwsxCMO5+CGv9fnnPN5Ezw/uCv
R0mVr7I3ZpuoDClRPUkLXtuaxK9eatKUOfMdaCf9Lj5gfuBdmpvLz4291mBuWJpt
eI1ezwqrwPAdM1JwgwQjxYmDImk06erjkQq1dcNm8iMStMzhQuwH8tY2iusR1gXq
xj+a7e/p6ja2x3JngNwrPgHXWbOpYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA5m
bJRWAavt36PbO6MwpLtcW4iCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDk0RTkzNDFBMEExMUYwODMyQUE0RDY2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsUAMA0GCSqGSIb3DQEB
CwUAA4IBAQARvKqFuyfUW+pupNyUHV/2/bKWOmkW5hMCJ1bqK2fqODldaNRRzNqL
5tIySrI4k3o8mTzYHTu5+0REGFrRnGCxTXT8JtipaLIKoK83OAtZTy2X1r9WLm/P
apQQU0jRCjO8pSh+NiGMru3pN75QWruY+FZTDuQIVH9DvcmqsjqzdIkXYPDmxK7s
w7v22uuHtNW3rpMmbRkg9DaxpXGNq75ojCbqqCF5QvgJ9MT4ih6f8E8paWmCdha0
rx+CrwcPzBC1N0ENQdlChc/fhcsSgrSJOTM2lpnz9gq7g4CNva8ZcchtD8X8nCIK
NEXbUun+1gI9LLYsJygOMBOGU0duLfRz
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:09:12 2025 by rpki-client