Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF937282B2B11F0B723CBC9DAE4EC9C.roa
File: 2CF937282B2B11F0B723CBC9DAE4EC9C.roa (raw, json)
Hash identifier: SAHIquAjug/m6LwXLI9HilceWcQ0iNf9gRH09Qns2Pg=
Subject key identifier: 3F:36:29:37:27:B5:95:96:04:C8:97:C5:48:72:A4:9F:25:A4:A3:F9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F55
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF937282B2B11F0B723CBC9DAE4EC9C.roa
Signing time: Wed 07 May 2025 10:08:09 +0000
ROA not before: Wed 07 May 2025 10:08:04 +0000
ROA not after: Sat 14 Jun 2025 10:08:04 +0000
asID: 210542
IP address blocks: 154.91.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98133 (0x17f55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 10:08:04 2025 GMT
Not After : Jun 14 10:08:04 2025 GMT
Subject: CN=681b3109-b647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:20:33:e2:03:6a:3c:9c:80:38:0f:b2:64:5e:
c3:00:73:b5:96:4c:c9:2e:84:3d:1f:54:6d:3f:05:
7b:b9:10:f1:a2:20:cc:3a:b3:13:58:a7:4b:ff:09:
9e:a2:81:bc:e0:11:4f:7b:0d:b6:c9:e1:6f:76:67:
08:50:f6:37:b8:b0:8c:20:f9:e2:99:1d:36:02:d2:
a9:79:fd:78:bf:2f:b8:e1:f8:3a:b8:29:1d:aa:37:
83:4e:ba:c0:1e:28:5c:df:d9:69:ba:2c:6b:ca:b1:
d9:b3:68:a8:d2:f1:64:00:2f:07:6c:dc:15:c5:f9:
80:e4:4c:d5:9a:ba:7b:d7:ac:58:d1:ee:95:21:60:
6c:bd:e1:31:38:5c:5c:01:3c:d2:d4:bd:7b:69:81:
db:6c:b1:a4:e7:fb:c1:6e:c4:ac:d8:9c:af:0e:4b:
9e:56:0f:33:38:37:01:0f:21:86:d6:89:8e:c5:d2:
29:60:03:fd:c3:ad:a8:71:11:26:28:40:d9:24:98:
15:c6:78:31:ad:5b:5a:21:9d:56:31:be:42:cf:b0:
ec:98:e6:b8:5d:52:bd:d1:4b:d4:be:21:1b:bf:c8:
b8:1c:88:fc:16:e4:90:23:60:74:35:c5:37:a7:b8:
8d:2a:8d:0d:05:f6:b1:43:d4:2c:d3:3d:3f:86:c9:
88:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:36:29:37:27:B5:95:96:04:C8:97:C5:48:72:A4:9F:25:A4:A3:F9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF937282B2B11F0B723CBC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.201.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:c7:21:87:93:92:be:dc:de:ea:d4:be:3f:c7:98:57:9d:00:
f4:7b:76:6f:c1:d8:ec:ea:fc:79:1a:03:dd:d5:05:62:fe:1f:
35:2d:3a:a5:57:bc:c8:f8:8f:19:6f:5c:8a:d9:4b:61:b7:0c:
8b:a2:3c:fc:b0:bc:fc:cf:37:be:b1:59:bb:a3:92:d3:00:5f:
66:f8:33:34:23:27:08:10:50:5a:55:c5:0c:47:af:dd:d1:a8:
b2:7d:c5:97:51:8d:22:68:8a:41:63:0b:ad:50:ef:f1:5e:cf:
f3:1a:6e:cd:b3:87:42:5d:e7:40:e7:2d:ee:45:f2:5a:c0:ec:
c9:48:62:1e:2d:a8:6c:13:74:82:54:a8:30:34:9e:de:ad:df:
bb:8e:9e:9f:43:f5:9a:4e:38:21:26:aa:86:b8:4b:48:f4:4b:
ef:16:51:ba:4e:d7:98:bb:e4:ce:76:e5:01:32:f9:e5:a0:c6:
c2:4f:57:5e:0d:5a:59:69:a3:35:54:3d:5f:83:3c:8d:a2:a5:
81:e8:cb:b2:5a:eb:6f:ae:3f:6c:3b:66:ca:64:82:43:68:3c:
bd:74:ed:a7:f1:b6:c3:53:1f:39:5b:d9:0e:22:75:c0:18:a4:
30:4d:d3:43:a0:bb:ff:c2:61:b8:5b:42:0a:48:6d:d6:6b:76:
72:62:b4:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX9VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA3MTAwODA0WhcNMjUwNjE0MTAwODA0WjAYMRYw
FAYDVQQDEw02ODFiMzEwOS1iNjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzSAz4gNqPJyAOA+yZF7DAHO1lkzJLoQ9H1RtPwV7uRDxoiDMOrMTWKdL
/wmeooG84BFPew22yeFvdmcIUPY3uLCMIPnimR02AtKpef14vy+44fg6uCkdqjeD
TrrAHihc39lpuixryrHZs2io0vFkAC8HbNwVxfmA5EzVmrp716xY0e6VIWBsveEx
OFxcATzS1L17aYHbbLGk5/vBbsSs2JyvDkueVg8zODcBDyGG1omOxdIpYAP9w62o
cREmKEDZJJgVxngxrVtaIZ1WMb5Cz7DsmOa4XVK90UvUviEbv8i4HIj8FuSQI2B0
NcU3p7iNKo0NBfaxQ9Qs0z0/hsmIXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD82
KTcntZWWBMiXxUhypJ8lpKP5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0Y5MzcyODJCMkIxMUYwQjcyM0NCQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlvJMA0GCSqGSIb3DQEB
CwUAA4IBAQCrxyGHk5K+3N7q1L4/x5hXnQD0e3Zvwdjs6vx5GgPd1QVi/h81LTql
V7zI+I8Zb1yK2UthtwyLojz8sLz8zze+sVm7o5LTAF9m+DM0IycIEFBaVcUMR6/d
0aiyfcWXUY0iaIpBYwutUO/xXs/zGm7Ns4dCXedA5y3uRfJawOzJSGIeLahsE3SC
VKgwNJ7erd+7jp6fQ/WaTjghJqqGuEtI9EvvFlG6TteYu+TOduUBMvnloMbCT1de
DVpZaaM1VD1fgzyNoqWB6MuyWutvrj9sO2bKZIJDaDy9dO2n8bbDUx85W9kOInXA
GKQwTdNDoLv/wmG4W0IKSG3Wa3ZyYrQV
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:11 2025 by rpki-client