Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D96CED6243011F0818A868DDAE4EC9C.roa
File: 2D96CED6243011F0818A868DDAE4EC9C.roa (raw, json)
Hash identifier: IHY6DRdo8lk+ciNGeKOoOEzGT8TozGHHjYv833GdQMo=
Subject key identifier: CB:5B:76:D0:7A:E3:D2:13:A8:AA:AC:B3:7E:96:4A:5E:F2:F1:C5:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BC5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D96CED6243011F0818A868DDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:56:19 +0000
ROA not before: Mon 28 Apr 2025 12:56:15 +0000
ROA not after: Thu 23 Mar 2028 12:56:15 +0000
asID: 17561
IP address blocks: 154.203.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97221 (0x17bc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:56:15 2025 GMT
Not After : Mar 23 12:56:15 2028 GMT
Subject: CN=680f7af3-02f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:85:60:06:2d:87:74:4b:e2:4b:c9:1f:2b:
20:c6:40:47:41:9b:82:7f:fb:c0:1b:5a:f5:d8:cd:
31:0e:37:a8:04:da:24:2a:bb:cb:c2:9d:7a:8b:c1:
f8:7e:91:a1:65:0c:c8:e2:94:76:23:46:3e:61:6d:
7a:f4:e1:63:2b:bf:22:34:e4:a0:d8:90:15:09:62:
e3:8c:41:c0:06:12:85:8c:c0:f5:f5:ac:ec:22:7a:
58:bc:79:ce:c1:2b:e9:83:db:c4:08:f2:f9:e9:35:
cf:fe:41:78:32:db:95:12:1a:72:79:00:02:d9:cb:
98:3e:be:c2:0f:87:db:a2:8a:32:9e:1c:43:56:69:
04:91:06:b8:04:36:0f:a2:b4:0e:c5:8b:55:a3:18:
c5:46:9a:30:cf:02:4a:4d:18:36:eb:75:20:48:0f:
6d:47:09:c2:10:ba:5d:c6:33:8f:ff:78:fc:6a:87:
4a:67:b2:0e:91:81:51:7a:e6:80:ae:4c:45:c3:ca:
84:ce:a3:c5:7b:ca:0f:c0:fe:62:60:1c:0e:4f:b7:
c8:07:27:a1:1d:d2:c7:06:d5:75:9f:9a:ba:df:8e:
6b:d1:c3:15:cf:40:e3:f3:06:cf:0c:82:90:93:08:
46:7d:be:42:c1:ee:86:6f:85:03:a3:b7:a4:df:41:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5B:76:D0:7A:E3:D2:13:A8:AA:AC:B3:7E:96:4A:5E:F2:F1:C5:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D96CED6243011F0818A868DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.74.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:14:37:43:5d:c4:2b:4a:a0:66:c4:08:60:21:ce:16:2e:03:
86:46:74:eb:db:61:e8:a2:b3:2c:4d:c7:df:bc:b9:f6:77:53:
6c:72:54:e9:3b:7a:ff:48:6d:3c:8d:75:4a:ef:8c:ca:46:47:
3a:e1:9b:f2:6c:b5:98:37:42:a0:24:f0:c5:1b:34:db:aa:0a:
1e:2b:ec:ea:73:91:57:e4:48:0b:18:73:7d:96:7e:9c:66:f8:
03:c5:85:50:01:b5:b3:51:e0:e8:49:a2:23:d2:2c:11:4e:57:
0e:87:7a:b0:b7:c8:d5:f8:9f:39:d7:b5:17:e1:ce:d0:81:a1:
e8:af:95:6f:c3:eb:49:16:f6:47:37:3d:6c:47:a6:72:13:c2:
92:55:1b:a7:7a:e8:9f:6b:cd:79:a8:3d:cb:af:6b:0e:d9:92:
2a:6c:ce:f6:9a:0c:f8:86:5e:db:59:8d:6c:45:3a:1b:b1:ba:
5b:e1:76:bf:29:74:77:08:15:2f:86:2b:b7:69:3a:3c:75:4d:
8c:ea:7a:e2:b0:7d:77:6f:bb:d5:7a:92:db:f6:58:ae:65:8c:
b5:af:2b:20:e3:57:ee:c2:e7:44:e6:85:c2:9f:58:7e:4c:1a:
72:81:d0:39:a2:7a:8e:58:8e:98:d2:65:13:0d:e9:97:ff:aa:
a4:6d:b3:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTI1NjE1WhcNMjgwMzIzMTI1NjE1WjAYMRYw
FAYDVQQDEw02ODBmN2FmMy0wMmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs9OFYAYth3RL4kvJHysgxkBHQZuCf/vAG1r12M0xDjeoBNokKrvLwp16
i8H4fpGhZQzI4pR2I0Y+YW169OFjK78iNOSg2JAVCWLjjEHABhKFjMD19azsInpY
vHnOwSvpg9vECPL56TXP/kF4MtuVEhpyeQAC2cuYPr7CD4fboooynhxDVmkEkQa4
BDYPorQOxYtVoxjFRpowzwJKTRg263UgSA9tRwnCELpdxjOP/3j8aodKZ7IOkYFR
euaArkxFw8qEzqPFe8oPwP5iYBwOT7fIByehHdLHBtV1n5q6345r0cMVz0Dj8wbP
DIKQkwhGfb5Cwe6Gb4UDo7ek30GwGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMtb
dtB649ITqKqss36WSl7y8cW4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDk2Q0VENjI0MzAxMUYwODE4QTg2OEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmstKMA0GCSqGSIb3DQEB
CwUAA4IBAQBeFDdDXcQrSqBmxAhgIc4WLgOGRnTr22HoorMsTcffvLn2d1NsclTp
O3r/SG08jXVK74zKRkc64ZvybLWYN0KgJPDFGzTbqgoeK+zqc5FX5EgLGHN9ln6c
ZvgDxYVQAbWzUeDoSaIj0iwRTlcOh3qwt8jV+J8517UX4c7QgaHor5Vvw+tJFvZH
Nz1sR6ZyE8KSVRuneuifa815qD3Lr2sO2ZIqbM72mgz4hl7bWY1sRTobsbpb4Xa/
KXR3CBUvhiu3aTo8dU2M6nrisH13b7vVepLb9liuZYy1rysg41fuwudE5oXCn1h+
TBpygdA5onqOWI6Y0mUTDemX/6qkbbPb
-----END CERTIFICATE-----
Generated at Wed May 7 15:32:29 2025 by rpki-client