Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3B093C226A111F0A779DBE7DAE4EC9C.roa
File: A3B093C226A111F0A779DBE7DAE4EC9C.roa (raw, json)
Hash identifier: mN/OseFRlQsS0bKEUPJ7GDQAi4au89DY+xnCVHKWMco=
Subject key identifier: 34:16:78:82:EE:71:E6:6B:24:B1:61:8A:49:1C:0E:E3:DC:7E:0E:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3B093C226A111F0A779DBE7DAE4EC9C.roa
Signing time: Thu 01 May 2025 15:33:33 +0000
ROA not before: Thu 01 May 2025 15:33:28 +0000
ROA not after: Fri 28 Apr 2028 15:33:28 +0000
asID: 17561
IP address blocks: 154.95.254.0/24 maxlen: 24
154.95.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97836 (0x17e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 15:33:28 2025 GMT
Not After : Apr 28 15:33:28 2028 GMT
Subject: CN=6813944d-f0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a3:45:4d:68:02:ab:91:9d:ba:a7:b5:10:d6:
e7:ca:dc:9c:ae:90:83:da:80:4f:c8:9b:79:f9:1b:
0d:f3:e8:96:ca:f4:f1:9e:43:2c:be:eb:86:f8:35:
c4:6a:05:ac:98:46:bb:ac:5e:d9:ae:74:57:1c:8f:
4b:a1:ea:9d:ec:b7:d3:2c:8a:3a:96:28:30:a8:f9:
e1:bd:d8:01:cd:5c:09:7b:d2:12:ca:6c:16:36:29:
9b:c5:27:55:d2:08:40:ec:69:f4:46:4e:bf:dd:af:
0a:31:82:ca:5a:e5:92:0f:c6:00:29:03:b1:ef:f6:
46:2e:21:bc:2c:03:63:28:b7:e2:3d:9e:25:9f:ba:
ad:8b:cb:5b:8c:86:c1:82:dd:35:57:28:ce:2b:a6:
21:e1:05:99:2b:50:95:98:31:64:6f:96:92:a2:be:
b5:23:4b:da:69:04:f5:64:b1:45:8c:ef:82:e1:7c:
b9:42:c5:da:19:a5:0b:84:0d:46:ea:8d:8f:78:c5:
8b:59:f0:b5:49:47:03:bc:ac:63:f3:0d:55:7a:4e:
dc:a4:7d:50:57:16:92:1d:f5:89:ff:7f:87:68:d6:
b6:fc:07:6f:04:f8:83:f8:0e:9d:2a:7e:06:97:86:
84:3b:a1:40:b1:08:94:bc:8d:73:0e:cd:8c:cc:74:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:16:78:82:EE:71:E6:6B:24:B1:61:8A:49:1C:0E:E3:DC:7E:0E:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3B093C226A111F0A779DBE7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:0b:19:9d:77:56:52:3f:8a:2f:73:19:06:ad:44:9c:3e:68:
30:ed:c2:0a:73:11:ed:6f:77:c5:97:10:ff:b9:80:b9:d8:70:
d8:00:ba:11:ff:b1:e4:23:52:4e:80:79:bf:a6:75:8a:f0:40:
88:fc:3e:10:1f:66:17:66:bc:2c:ea:e2:8e:cb:6d:eb:33:af:
ec:48:9c:89:db:10:2e:f7:88:d2:f1:91:3f:79:da:3e:52:b9:
9c:e4:76:9f:2f:7e:5e:c5:80:6c:c7:d5:19:1c:1f:c1:c1:7d:
8d:3f:04:f8:a7:12:20:96:d1:e8:86:ed:70:97:86:97:87:70:
87:07:40:fb:aa:ef:6f:07:46:6d:d9:71:78:6a:43:a8:e3:32:
c8:67:5b:ce:7f:69:bd:90:37:bb:4e:e4:ea:16:6a:82:41:41:
43:50:18:26:7f:1a:0b:0c:b5:14:36:31:aa:13:03:f7:e0:65:
1d:51:3d:94:8c:33:37:17:77:45:1b:11:18:60:ef:7b:9e:65:
e0:85:f3:62:67:73:ed:6d:e8:b0:d3:53:7b:d3:87:bc:78:cf:
93:bf:3f:56:e7:66:e8:72:45:26:fb:f7:61:fe:ec:b4:9d:4c:
95:b3:d2:ab:8a:04:f6:e6:da:42:34:6e:67:fe:b1:ff:6e:56:
20:e6:75:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX4sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTUzMzI4WhcNMjgwNDI4MTUzMzI4WjAYMRYw
FAYDVQQDEw02ODEzOTQ0ZC1mMGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnaNFTWgCq5Gduqe1ENbnytycrpCD2oBPyJt5+RsN8+iWyvTxnkMsvuuG
+DXEagWsmEa7rF7ZrnRXHI9Loeqd7LfTLIo6ligwqPnhvdgBzVwJe9ISymwWNimb
xSdV0ghA7Gn0Rk6/3a8KMYLKWuWSD8YAKQOx7/ZGLiG8LANjKLfiPZ4ln7qti8tb
jIbBgt01VyjOK6Yh4QWZK1CVmDFkb5aSor61I0vaaQT1ZLFFjO+C4Xy5QsXaGaUL
hA1G6o2PeMWLWfC1SUcDvKxj8w1Vek7cpH1QVxaSHfWJ/3+HaNa2/AdvBPiD+A6d
Kn4Gl4aEO6FAsQiUvI1zDs2MzHTiJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDQW
eILuceZrJLFhikkcDuPcfg7kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0IwOTNDMjI2QTExMUYwQTc3OURCRTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml/+MA0GCSqGSIb3DQEB
CwUAA4IBAQAfCxmdd1ZSP4ovcxkGrUScPmgw7cIKcxHtb3fFlxD/uYC52HDYALoR
/7HkI1JOgHm/pnWK8ECI/D4QH2YXZrws6uKOy23rM6/sSJyJ2xAu94jS8ZE/edo+
Urmc5HafL35exYBsx9UZHB/BwX2NPwT4pxIgltHohu1wl4aXh3CHB0D7qu9vB0Zt
2XF4akOo4zLIZ1vOf2m9kDe7TuTqFmqCQUFDUBgmfxoLDLUUNjGqEwP34GUdUT2U
jDM3F3dFGxEYYO97nmXghfNiZ3Ptbeiw01N704e8eM+Tvz9W52bockUm+/dh/uy0
nUyVs9KrigT25tpCNG5n/rH/blYg5nWf
-----END CERTIFICATE-----
Generated at Sat May 10 22:17:22 2025 by rpki-client