Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24DD2AE028C411F0973009B9DAE4EC9C.roa
File: 24DD2AE028C411F0973009B9DAE4EC9C.roa (raw, json)
Hash identifier: sMSL8Ea9b416g8IGAEmajGU6zL90XDd2C+tEMElkiLA=
Subject key identifier: 4C:CF:A6:71:CE:EE:19:95:21:BB:01:8A:9B:4A:C0:05:5E:E6:F5:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EC4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24DD2AE028C411F0973009B9DAE4EC9C.roa
Signing time: Sun 04 May 2025 08:45:35 +0000
ROA not before: Sun 04 May 2025 08:45:30 +0000
ROA not after: Wed 11 Jun 2025 08:45:30 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97988 (0x17ec4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 08:45:30 2025 GMT
Not After : Jun 11 08:45:30 2025 GMT
Subject: CN=6817292f-1c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:bd:e9:3b:9a:e6:44:ab:01:c1:4e:37:5d:
dc:72:f4:80:9d:fa:a8:99:a8:03:ea:1f:05:0d:14:
98:64:97:28:e0:84:5e:e6:14:c2:ea:8d:55:5b:7d:
4b:79:36:63:5d:44:da:7f:9e:9b:b9:9b:2f:11:14:
7c:b5:cd:68:2b:28:bd:0d:9a:58:77:65:66:35:05:
44:b6:02:34:7b:6e:31:4c:da:ac:48:a9:a2:bb:c0:
34:d0:97:4f:55:c8:30:39:d5:ba:ac:ae:17:fc:1a:
49:ad:ff:02:1c:ce:f2:bd:b1:2d:8b:6e:de:65:82:
a9:66:b1:8e:33:39:33:e8:6c:c1:e0:30:d4:cd:4d:
96:7f:d0:7b:d6:ed:da:22:64:19:9d:d9:ca:b6:ba:
16:54:cd:85:cc:91:40:3e:fd:53:7b:e5:dc:30:d3:
92:2e:aa:e6:6b:35:dd:d5:26:01:eb:b9:60:8f:02:
90:37:c5:44:9a:a3:b8:64:4c:bd:e4:e7:e6:b4:8e:
e8:5b:bf:68:fc:ce:cb:ca:7f:91:cc:9d:a7:7c:66:
3e:3e:f8:2d:9f:11:1e:38:2d:dc:c9:c2:a4:96:69:
06:6e:0f:ee:ed:41:84:c2:fb:2c:8b:a9:b2:1c:a6:
e9:c1:c2:cc:a9:07:8c:0a:1c:d1:94:1e:66:a0:e2:
7c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CF:A6:71:CE:EE:19:95:21:BB:01:8A:9B:4A:C0:05:5E:E6:F5:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24DD2AE028C411F0973009B9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:3e:d0:62:1d:6b:c6:a6:97:67:9a:93:55:1b:f2:a7:22:7e:
44:fd:4d:99:8a:ce:65:b9:ec:2b:e5:a6:2b:c5:85:99:33:ba:
94:79:9d:0c:bb:2b:ff:43:c2:ad:0c:d5:ee:ad:01:0c:15:7c:
65:de:fc:5f:4b:3d:7f:81:31:af:7e:d2:3b:ee:c8:af:46:55:
2c:e6:61:8a:86:27:9f:2c:4d:b9:94:61:d7:e8:db:11:79:68:
94:2a:45:92:21:cc:c0:8d:80:7b:bb:5e:31:16:76:ef:30:08:
9e:b0:65:21:aa:56:cb:47:32:ac:f2:08:e7:68:8e:c3:1e:05:
dc:c8:21:97:85:b4:67:db:91:ec:55:de:30:d6:90:61:8f:ba:
2e:45:2a:3e:eb:06:4d:b4:46:f7:fd:84:b2:cb:8a:55:ce:32:
3a:df:84:85:19:e4:b5:28:96:07:b1:94:64:10:84:c7:ca:79:
cf:59:29:c7:81:29:af:19:09:5e:80:2b:e6:b6:63:30:4e:db:
0e:00:ba:10:bf:7c:53:1e:a5:b9:f0:85:c7:fc:f6:5e:e3:61:
b2:f8:86:7f:ad:f7:0a:b2:39:7c:70:b8:45:18:65:a7:6e:98:
d0:19:cc:fb:81:a3:10:36:00:d5:55:12:ac:3a:35:59:57:72:
32:5a:31:90
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX7EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDg0NTMwWhcNMjUwNjExMDg0NTMwWjAYMRYw
FAYDVQQDEw02ODE3MjkyZi0xYzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy2G96Tua5kSrAcFON13ccvSAnfqomagD6h8FDRSYZJco4IRe5hTC6o1V
W31LeTZjXUTaf56buZsvERR8tc1oKyi9DZpYd2VmNQVEtgI0e24xTNqsSKmiu8A0
0JdPVcgwOdW6rK4X/BpJrf8CHM7yvbEti27eZYKpZrGOMzkz6GzB4DDUzU2Wf9B7
1u3aImQZndnKtroWVM2FzJFAPv1Te+XcMNOSLqrmazXd1SYB67lgjwKQN8VEmqO4
ZEy95OfmtI7oW79o/M7Lyn+RzJ2nfGY+PvgtnxEeOC3cycKklmkGbg/u7UGEwvss
i6myHKbpwcLMqQeMChzRlB5moOJ8GwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEzP
pnHO7hmVIbsBiptKwAVe5vXaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNEREMkFFMDI4QzQxMUYwOTczMDA5QjlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQCOPtBiHWvGppdnmpNVG/KnIn5E/U2Zis5luewr5aYrxYWZ
M7qUeZ0Muyv/Q8KtDNXurQEMFXxl3vxfSz1/gTGvftI77sivRlUs5mGKhiefLE25
lGHX6NsReWiUKkWSIczAjYB7u14xFnbvMAiesGUhqlbLRzKs8gjnaI7DHgXcyCGX
hbRn25HsVd4w1pBhj7ouRSo+6wZNtEb3/YSyy4pVzjI634SFGeS1KJYHsZRkEITH
ynnPWSnHgSmvGQlegCvmtmMwTtsOALoQv3xTHqW58IXH/PZe42Gy+IZ/rfcKsjl8
cLhFGGWnbpjQGcz7gaMQNgDVVRKsOjVZV3IyWjGQ
-----END CERTIFICATE-----
Generated at Wed May 7 22:13:16 2025 by rpki-client