Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3817CE4E243C11F0806DB7DDDAE4EC9C.roa
File: 3817CE4E243C11F0806DB7DDDAE4EC9C.roa (raw, json)
Hash identifier: nEixpHi6txN+8dHJtLbxtdfTADdtLiFl0nfL0Y78l5E=
Subject key identifier: E2:85:4F:7E:09:01:CE:BE:D9:C5:CA:10:DA:EF:D6:3E:F3:8C:C6:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3817CE4E243C11F0806DB7DDDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 14:22:31 +0000
ROA not before: Mon 28 Apr 2025 14:22:25 +0000
ROA not after: Mon 27 Mar 2028 14:22:25 +0000
asID: 17561
IP address blocks: 154.81.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97281 (0x17c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 14:22:25 2025 GMT
Not After : Mar 27 14:22:25 2028 GMT
Subject: CN=680f8f27-6421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:20:82:ee:24:28:b0:90:3d:16:1f:21:20:
ea:70:89:1c:23:b5:ee:76:9d:f0:e2:ee:8a:28:99:
2f:65:d6:9b:15:31:7f:26:a8:ca:9a:13:68:85:4e:
ed:8b:f7:3b:f7:e1:83:30:0f:ea:3d:8c:ae:46:f9:
8c:cc:be:b8:2c:34:1a:54:fd:91:5e:25:78:77:6f:
70:d8:70:68:4b:cd:60:61:6a:13:e8:95:16:c9:b2:
bd:6f:45:70:f7:88:b4:7c:2f:66:8b:4b:9f:ab:a2:
9a:70:c2:87:92:61:4c:8a:9f:32:c6:58:5c:1a:8a:
e8:40:9c:43:ba:f1:70:63:96:75:ce:0f:c2:3b:29:
3a:51:b0:4f:fe:ae:76:10:32:f0:da:1e:b8:0e:e4:
05:f4:b5:3a:dd:c4:0c:f3:ed:2f:d9:06:8c:9c:6f:
ad:15:99:56:51:aa:fa:8e:f0:55:cd:38:68:33:a4:
1f:86:17:a4:ab:28:5c:96:9f:18:be:41:ab:c7:9e:
16:25:80:af:dd:c6:20:c8:8c:5a:6f:81:52:19:7f:
82:32:96:e4:fc:37:34:a7:6b:fd:09:05:0f:a8:9b:
88:88:5b:a5:38:27:76:97:6d:2f:fe:4e:b7:20:f0:
60:68:da:6b:4c:10:ee:68:ed:47:6f:e3:6b:be:a6:
54:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:85:4F:7E:09:01:CE:BE:D9:C5:CA:10:DA:EF:D6:3E:F3:8C:C6:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3817CE4E243C11F0806DB7DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.12.0/24
Signature Algorithm: sha256WithRSAEncryption
10:8a:d2:2a:d8:58:07:5f:23:06:5c:0d:4b:d7:b6:37:3e:62:
18:c0:49:49:68:bf:fc:87:03:2c:8f:5f:44:c6:02:d0:f8:6f:
17:a9:15:64:7a:66:b8:e5:5c:24:20:67:e8:96:d7:7e:8b:65:
8d:61:f4:ae:37:bc:e0:8e:5d:95:53:59:30:b6:56:fa:f6:c6:
13:84:c4:74:db:ee:dd:78:df:67:b7:4a:11:4e:a2:e9:78:59:
1b:c8:fd:8e:dc:62:e2:c5:e5:4f:8b:82:0b:2c:20:b1:5e:7b:
c2:65:7b:4a:27:ca:10:f5:06:93:d2:b1:00:80:d2:6e:a0:6b:
79:39:7d:95:6d:14:72:e2:de:38:ca:25:6c:f3:0f:b5:4b:12:
7b:56:77:26:32:57:3a:af:b9:0b:9e:0c:cd:f9:9f:53:9d:16:
3d:79:c3:b7:a5:a5:1b:66:e1:d3:7c:ca:4f:fa:4c:12:47:58:
0e:ae:2b:66:eb:e0:9d:2b:4d:11:f8:2c:40:30:66:9d:a0:5a:
2a:03:84:bb:98:3d:57:a0:78:56:ea:e8:f1:e1:3d:eb:dd:7b:
df:53:11:9e:9a:bb:5f:ea:af:15:b3:9c:e5:cd:da:11:c6:c0:
18:62:d9:f3:07:95:e1:6a:0b:50:06:b0:70:e8:a3:b7:0e:27:
54:9d:96:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXwBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTQyMjI1WhcNMjgwMzI3MTQyMjI1WjAYMRYw
FAYDVQQDEw02ODBmOGYyNy02NDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEMggu4kKLCQPRYfISDqcIkcI7Xudp3w4u6KKJkvZdabFTF/JqjKmhNo
hU7ti/c79+GDMA/qPYyuRvmMzL64LDQaVP2RXiV4d29w2HBoS81gYWoT6JUWybK9
b0Vw94i0fC9mi0ufq6KacMKHkmFMip8yxlhcGoroQJxDuvFwY5Z1zg/COyk6UbBP
/q52EDLw2h64DuQF9LU63cQM8+0v2QaMnG+tFZlWUar6jvBVzThoM6Qfhhekqyhc
lp8YvkGrx54WJYCv3cYgyIxab4FSGX+CMpbk/Dc0p2v9CQUPqJuIiFulOCd2l20v
/k63IPBgaNprTBDuaO1Hb+NrvqZUGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOKF
T34JAc6+2cXKENrv1j7zjMbkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODE3Q0U0RTI0M0MxMUYwODA2REI3REREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlEMMA0GCSqGSIb3DQEB
CwUAA4IBAQAQitIq2FgHXyMGXA1L17Y3PmIYwElJaL/8hwMsj19ExgLQ+G8XqRVk
ema45VwkIGfoltd+i2WNYfSuN7zgjl2VU1kwtlb69sYThMR02+7deN9nt0oRTqLp
eFkbyP2O3GLixeVPi4ILLCCxXnvCZXtKJ8oQ9QaT0rEAgNJuoGt5OX2VbRRy4t44
yiVs8w+1SxJ7VncmMlc6r7kLngzN+Z9TnRY9ecO3paUbZuHTfMpP+kwSR1gOritm
6+CdK00R+CxAMGadoFoqA4S7mD1XoHhW6ujx4T3r3XvfUxGemrtf6q8Vs5zlzdoR
xsAYYtnzB5XhagtQBrBw6KO3DidUnZal
-----END CERTIFICATE-----
Generated at Thu May 8 12:31:18 2025 by rpki-client