Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4049DDA0241E11F09E785D96DAE4EC9C.roa
File: 4049DDA0241E11F09E785D96DAE4EC9C.roa (raw, json)
Hash identifier: a9R5nN6ns+WDXXG6a2xuJMQiQqv9jAqWecTtPR9AXto=
Subject key identifier: AC:6D:1B:A2:AA:4C:D2:7C:96:FF:DC:55:8C:9C:EF:84:14:95:DF:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B6C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4049DDA0241E11F09E785D96DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 10:48:00 +0000
ROA not before: Mon 28 Apr 2025 10:47:55 +0000
ROA not after: Sat 31 May 2025 10:47:55 +0000
asID: 398704
IP address blocks: 154.200.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97132 (0x17b6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 10:47:55 2025 GMT
Not After : May 31 10:47:55 2025 GMT
Subject: CN=680f5ce0-d717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:22:e3:a9:e0:6f:f7:af:2c:9b:df:8b:fc:8b:
66:c1:87:fe:c9:86:a6:94:2b:fa:b5:38:43:12:0d:
68:33:83:b2:35:48:bc:19:8f:47:85:e4:96:86:38:
48:40:12:57:74:b2:62:b0:db:ff:04:a1:85:c1:30:
4b:78:0f:05:1b:67:f3:8a:22:08:b9:54:f6:7b:02:
f0:13:08:8f:c5:4f:c1:a5:0e:c2:e3:dc:13:57:c8:
1f:7c:62:7e:cf:38:57:5f:34:77:5b:dc:ac:6a:0c:
0d:db:9c:43:a5:be:df:e4:cc:df:5b:01:a1:b5:8e:
5c:bd:6b:84:99:24:d8:14:48:1e:a8:e6:ac:7e:4e:
42:0b:c0:14:27:c0:76:d9:b8:42:7d:fa:dc:ba:07:
2e:44:b4:d2:8e:c7:c0:8e:f0:7e:18:6f:cb:54:dc:
d6:2e:43:b7:5c:54:a1:39:5f:90:eb:a5:8f:55:ca:
3c:47:ca:65:f6:07:c4:55:f8:27:7e:6c:ee:22:a9:
c2:01:45:3e:39:c7:1b:e8:b4:17:59:11:fe:c3:8c:
6a:9b:5d:e4:c1:34:3f:4e:b2:77:6c:17:e0:aa:9c:
55:7e:8d:4f:b2:5d:b3:7c:04:b0:aa:b6:26:5a:3f:
d5:f6:54:79:e0:02:e4:c4:0e:94:40:a9:a3:ae:79:
fd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6D:1B:A2:AA:4C:D2:7C:96:FF:DC:55:8C:9C:EF:84:14:95:DF:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4049DDA0241E11F09E785D96DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.146.0/24
Signature Algorithm: sha256WithRSAEncryption
25:eb:c9:e0:72:af:c0:99:cc:2b:7a:ce:d6:08:6a:af:a9:f5:
f6:31:45:f0:db:f2:63:91:bb:26:ff:5a:0c:03:4f:4a:55:6e:
65:7e:10:11:cc:18:c5:0c:4b:b2:52:13:f6:4c:17:9c:96:2f:
09:04:96:e6:74:cb:05:c3:bc:e4:6c:73:48:38:20:16:5a:45:
27:1b:9d:b0:74:c0:7b:1f:fe:41:8d:b2:91:9e:8f:45:fe:73:
f9:1b:c6:02:0f:d1:1b:e3:8f:67:ea:55:7d:4c:99:6e:05:d4:
e4:58:91:4c:3f:bc:d0:64:f4:4c:db:b0:db:f2:2f:70:98:c5:
a5:06:b3:b6:3f:b8:92:14:f6:cb:5e:dd:46:5e:f3:e7:14:10:
16:6f:d3:7f:2f:bf:2b:3a:b5:33:d4:ab:c2:74:30:66:9b:8a:
db:6c:c9:ca:02:53:f8:94:2d:ac:4b:4c:b0:47:a7:41:a2:28:
bf:66:9a:18:89:3c:17:3c:c2:ac:89:5c:72:37:f3:3c:6d:c3:
90:60:bd:5d:53:46:ca:af:3b:1a:ce:18:80:bc:b9:67:97:d0:
e0:5c:a7:1d:38:14:56:78:c7:32:be:2e:04:d4:3b:4d:df:fe:
a2:be:82:96:b2:00:eb:2c:87:bd:c4:da:0e:cd:a1:f9:5e:35:
8d:9e:39:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXtsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTA0NzU1WhcNMjUwNTMxMTA0NzU1WjAYMRYw
FAYDVQQDEw02ODBmNWNlMC1kNzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9CLjqeBv968sm9+L/ItmwYf+yYamlCv6tThDEg1oM4OyNUi8GY9HheSW
hjhIQBJXdLJisNv/BKGFwTBLeA8FG2fziiIIuVT2ewLwEwiPxU/BpQ7C49wTV8gf
fGJ+zzhXXzR3W9ysagwN25xDpb7f5MzfWwGhtY5cvWuEmSTYFEgeqOasfk5CC8AU
J8B22bhCffrcugcuRLTSjsfAjvB+GG/LVNzWLkO3XFShOV+Q66WPVco8R8pl9gfE
VfgnfmzuIqnCAUU+Occb6LQXWRH+w4xqm13kwTQ/TrJ3bBfgqpxVfo1Psl2zfASw
qrYmWj/V9lR54ALkxA6UQKmjrnn9KwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKxt
G6KqTNJ8lv/cVYyc74QUld93MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDQ5RERBMDI0MUUxMUYwOUU3ODVEOTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiSMA0GCSqGSIb3DQEB
CwUAA4IBAQAl68ngcq/Amcwres7WCGqvqfX2MUXw2/Jjkbsm/1oMA09KVW5lfhAR
zBjFDEuyUhP2TBecli8JBJbmdMsFw7zkbHNIOCAWWkUnG52wdMB7H/5BjbKRno9F
/nP5G8YCD9Eb449n6lV9TJluBdTkWJFMP7zQZPRM27Db8i9wmMWlBrO2P7iSFPbL
Xt1GXvPnFBAWb9N/L78rOrUz1KvCdDBmm4rbbMnKAlP4lC2sS0ywR6dBoii/ZpoY
iTwXPMKsiVxyN/M8bcOQYL1dU0bKrzsazhiAvLlnl9DgXKcdOBRWeMcyvi4E1DtN
3/6ivoKWsgDrLIe9xNoOzaH5XjWNnjnw
-----END CERTIFICATE-----
Generated at Sat May 10 22:22:18 2025 by rpki-client