Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E59718024F411F0875DDFB0DAE4EC9C.roa
File: 0E59718024F411F0875DDFB0DAE4EC9C.roa (raw, json)
Hash identifier: q/pkJd/4WuXnWCXou2Xp8wMSLvZEvZdL0PJYz5o8M1A=
Subject key identifier: 9B:1D:F0:70:90:2D:90:8C:A5:60:43:8B:44:28:76:36:AE:29:88:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E59718024F411F0875DDFB0DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 12:18:28 +0000
ROA not before: Tue 29 Apr 2025 12:18:23 +0000
ROA not after: Fri 04 Jul 2025 12:18:23 +0000
asID: 140666
IP address blocks: 154.94.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97521 (0x17cf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 12:18:23 2025 GMT
Not After : Jul 4 12:18:23 2025 GMT
Subject: CN=6810c394-718c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:38:c9:bb:5d:6b:20:57:85:b3:19:d2:52:63:
e7:7b:b6:49:0f:ce:01:5e:86:10:41:7d:83:d0:20:
08:e4:e7:2d:99:5d:45:7d:c9:e6:76:87:77:cd:a4:
49:ad:86:e2:b8:b0:a5:cc:a6:d9:35:1c:b0:2a:a0:
97:fc:20:a7:a7:b1:d9:6a:7a:6d:f5:1c:77:3c:4e:
e3:f8:61:95:d1:ae:be:df:75:8b:1b:9e:c3:64:47:
36:1b:86:ca:e6:68:0d:3a:92:52:28:04:fe:8c:4d:
e4:ae:f1:2b:7a:1f:a1:95:0f:92:4b:91:0f:90:39:
70:f9:72:2e:0c:10:7c:b6:d3:b8:fd:67:a2:a3:b8:
ef:ca:99:20:0c:41:30:55:dd:c3:46:e4:1c:a4:54:
fa:8e:bf:c0:b0:80:89:dd:26:ef:51:d8:2f:e6:2d:
40:7f:ba:e8:07:5d:c4:77:a6:d6:47:48:4a:67:6c:
32:21:7d:f3:15:e1:87:16:3e:dd:d3:57:7b:b8:3e:
07:1b:ec:57:7d:f8:92:ab:ad:84:62:f6:cb:cd:85:
ab:58:71:05:42:e7:aa:ba:c3:62:60:ab:c6:2d:51:
25:51:bf:d9:97:ab:85:35:79:c3:e9:02:46:48:e5:
da:5b:c5:ba:92:9c:f1:ea:4e:b7:dc:de:db:a9:63:
c7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1D:F0:70:90:2D:90:8C:A5:60:43:8B:44:28:76:36:AE:29:88:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E59718024F411F0875DDFB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.68.0/24
Signature Algorithm: sha256WithRSAEncryption
35:1e:b1:52:ce:29:b5:69:1e:20:e0:c3:c7:ce:59:65:88:73:
d5:e3:31:74:b6:04:20:12:d5:1a:f3:05:71:5b:ba:43:ec:4e:
ff:b0:13:be:9e:86:f8:fb:36:cf:03:f7:3c:da:41:70:ec:50:
f2:48:15:4a:e5:a2:b5:7f:a8:d5:5e:1b:a1:b2:65:72:f9:ee:
65:dc:8c:64:f7:79:ba:0f:c1:a7:cf:3a:39:40:71:e5:14:fa:
79:5e:52:1f:b4:2b:41:03:39:61:ff:be:3d:72:90:6e:61:05:
81:5a:cb:0e:c3:b5:30:95:2e:df:5a:98:74:b0:47:37:61:e5:
18:69:1b:0e:bf:f8:6c:4f:3f:ed:15:2c:3a:1a:aa:60:e0:72:
e5:28:9f:46:ea:60:4f:4b:a5:a4:f2:87:d9:b4:4d:28:37:77:
f6:2a:82:3a:39:7a:51:95:dd:c6:40:23:5f:5b:3c:c5:00:8a:
5e:6f:64:84:3a:e7:bb:b0:a0:d0:0f:38:33:60:f0:35:da:56:
e3:b2:ee:61:dd:a6:60:11:c3:bf:aa:8a:d3:2f:d7:02:4d:e3:
9c:a0:28:6b:fa:62:e7:4b:92:15:d5:f6:63:3d:62:b8:b6:bd:
8c:57:9d:f6:2b:7b:8c:ec:40:b7:8e:b5:0d:96:fc:08:05:e7:
9d:34:12:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXzxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI5MTIxODIzWhcNMjUwNzA0MTIxODIzWjAYMRYw
FAYDVQQDEw02ODEwYzM5NC03MThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0TjJu11rIFeFsxnSUmPne7ZJD84BXoYQQX2D0CAI5OctmV1Ffcnmdod3
zaRJrYbiuLClzKbZNRywKqCX/CCnp7HZanpt9Rx3PE7j+GGV0a6+33WLG57DZEc2
G4bK5mgNOpJSKAT+jE3krvEreh+hlQ+SS5EPkDlw+XIuDBB8ttO4/Weio7jvypkg
DEEwVd3DRuQcpFT6jr/AsICJ3SbvUdgv5i1Af7roB13Ed6bWR0hKZ2wyIX3zFeGH
Fj7d01d7uD4HG+xXffiSq62EYvbLzYWrWHEFQuequsNiYKvGLVElUb/Zl6uFNXnD
6QJGSOXaW8W6kpzx6k633N7bqWPHYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJsd
8HCQLZCMpWBDi0QodjauKYiOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRTU5NzE4MDI0RjQxMUYwODc1RERGQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5EMA0GCSqGSIb3DQEB
CwUAA4IBAQA1HrFSzim1aR4g4MPHzllliHPV4zF0tgQgEtUa8wVxW7pD7E7/sBO+
nob4+zbPA/c82kFw7FDySBVK5aK1f6jVXhuhsmVy+e5l3Ixk93m6D8Gnzzo5QHHl
FPp5XlIftCtBAzlh/749cpBuYQWBWssOw7UwlS7fWph0sEc3YeUYaRsOv/hsTz/t
FSw6Gqpg4HLlKJ9G6mBPS6Wk8ofZtE0oN3f2KoI6OXpRld3GQCNfWzzFAIpeb2SE
Oue7sKDQDzgzYPA12lbjsu5h3aZgEcO/qorTL9cCTeOcoChr+mLnS5IV1fZjPWK4
tr2MV532K3uM7EC3jrUNlvwIBeedNBIC
-----END CERTIFICATE-----
Generated at Mon May 12 11:08:52 2025 by rpki-client