Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F1E4818243211F0A7F3109BDAE4EC9C.roa
File: 2F1E4818243211F0A7F3109BDAE4EC9C.roa (raw, json)
Hash identifier: Z+8Os/PLwG1grPT65QUncCKB6Vk8UatHgPp/dCsTgEU=
Subject key identifier: EA:40:37:31:84:BD:FD:21:BB:4E:7F:FB:60:5F:65:CB:95:5B:0F:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BD7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F1E4818243211F0A7F3109BDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:10:41 +0000
ROA not before: Mon 28 Apr 2025 13:10:36 +0000
ROA not after: Thu 23 Mar 2028 13:10:36 +0000
asID: 17561
IP address blocks: 154.205.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97239 (0x17bd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:10:36 2025 GMT
Not After : Mar 23 13:10:36 2028 GMT
Subject: CN=680f7e51-4a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:20:e6:e1:4b:bf:10:89:2b:cd:2b:d6:77:76:
d6:00:b8:dc:6f:5a:55:d6:d1:5b:8b:eb:ae:ab:78:
ed:10:88:86:cf:41:5b:8a:94:02:ff:bf:b2:77:50:
d4:6c:e6:28:c1:d0:4f:4c:4f:87:1a:97:af:ac:8d:
90:51:3b:75:0f:56:b1:aa:48:b0:e2:c9:59:dd:04:
d4:b4:71:4e:96:c2:58:25:6a:e5:45:81:14:88:33:
9a:06:eb:1d:a3:14:ca:4e:53:10:11:bc:ba:d0:fb:
d7:30:f1:dc:c9:1f:ac:c7:38:54:33:dd:86:73:0a:
78:fa:31:13:66:05:16:a8:86:74:bb:c0:1c:33:cb:
9f:fd:c7:af:31:84:d7:1d:97:7b:99:6f:91:ab:6e:
7c:81:34:df:b9:6a:60:24:4e:0b:89:fa:c2:57:23:
99:8a:71:62:63:fc:3e:16:eb:26:5b:88:21:f3:17:
c7:a4:84:d7:d2:73:44:42:6d:33:0a:4d:1a:1c:31:
c8:92:a9:26:58:84:d7:20:b1:60:cb:83:42:dc:9a:
03:55:4d:2d:ce:bd:a3:de:58:a2:b5:b6:ac:5a:27:
7e:77:c9:62:97:49:77:f7:58:8e:78:15:27:4f:76:
bf:c8:36:32:b8:2a:dd:65:38:45:aa:b8:29:85:13:
89:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:40:37:31:84:BD:FD:21:BB:4E:7F:FB:60:5F:65:CB:95:5B:0F:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F1E4818243211F0A7F3109BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.161.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ed:39:2d:c1:00:44:6e:32:b3:45:36:05:fb:64:0a:24:ae:
85:87:8c:e1:8a:39:46:f3:ec:2a:01:26:5c:b8:82:05:10:1b:
2b:41:7e:31:72:74:e1:43:38:6b:cf:63:fc:43:44:37:ee:8d:
f8:76:81:7b:4b:bf:13:29:3c:52:cf:48:0b:9e:4d:6a:af:7c:
fb:59:f1:73:d7:e6:02:af:ae:33:1a:a3:d1:ab:39:00:1a:15:
71:b1:e2:25:3d:cb:8f:9d:ff:8b:23:9b:ee:c0:a4:bf:56:6b:
b1:ba:9c:65:9d:d0:25:0c:eb:98:23:f9:c8:93:33:9d:e8:03:
45:2c:12:77:e0:52:3c:c8:bd:27:d1:c1:b9:87:d1:f3:58:71:
33:32:18:79:bf:39:90:38:0f:59:17:2a:71:8d:e9:3c:74:e3:
75:ed:ef:5c:3c:a3:06:66:cc:42:4e:c8:24:12:2c:d1:dc:bc:
7f:f4:cc:9c:56:57:b0:d7:8b:29:be:43:88:50:11:7e:50:a4:
db:de:85:09:93:c4:9d:32:9c:2e:ad:94:6a:b4:9e:69:ee:3a:
30:f6:fe:6d:4c:7c:eb:fd:ee:81:af:54:3c:61:50:43:81:fd:
37:3d:3c:7a:5c:96:ed:45:69:4f:06:1e:9c:f4:27:cc:98:3b:
da:d4:c2:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMxMDM2WhcNMjgwMzIzMTMxMDM2WjAYMRYw
FAYDVQQDEw02ODBmN2U1MS00YTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2yDm4Uu/EIkrzSvWd3bWALjcb1pV1tFbi+uuq3jtEIiGz0FbipQC/7+y
d1DUbOYowdBPTE+HGpevrI2QUTt1D1axqkiw4slZ3QTUtHFOlsJYJWrlRYEUiDOa
BusdoxTKTlMQEby60PvXMPHcyR+sxzhUM92Gcwp4+jETZgUWqIZ0u8AcM8uf/cev
MYTXHZd7mW+Rq258gTTfuWpgJE4LifrCVyOZinFiY/w+FusmW4gh8xfHpITX0nNE
Qm0zCk0aHDHIkqkmWITXILFgy4NC3JoDVU0tzr2j3liitbasWid+d8lil0l391iO
eBUnT3a/yDYyuCrdZThFqrgphROJUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOpA
NzGEvf0hu05/+2BfZcuVWw9QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRjFFNDgxODI0MzIxMUYwQTdGMzEwOUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2hMA0GCSqGSIb3DQEB
CwUAA4IBAQBc7TktwQBEbjKzRTYF+2QKJK6Fh4zhijlG8+wqASZcuIIFEBsrQX4x
cnThQzhrz2P8Q0Q37o34doF7S78TKTxSz0gLnk1qr3z7WfFz1+YCr64zGqPRqzkA
GhVxseIlPcuPnf+LI5vuwKS/VmuxupxlndAlDOuYI/nIkzOd6ANFLBJ34FI8yL0n
0cG5h9HzWHEzMhh5vzmQOA9ZFypxjek8dON17e9cPKMGZsxCTsgkEizR3Lx/9Myc
Vlew14spvkOIUBF+UKTb3oUJk8SdMpwurZRqtJ5p7jow9v5tTHzr/e6Br1Q8YVBD
gf03PTx6XJbtRWlPBh6c9CfMmDva1MLD
-----END CERTIFICATE-----
Generated at Mon May 12 18:57:24 2025 by rpki-client