Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40742966242D11F0B32B057BDAE4EC9C.roa
File: 40742966242D11F0B32B057BDAE4EC9C.roa (raw, json)
Hash identifier: lwVohaaoCwLWta86oMuRDxLXnGXrXzzH5D9MOFPhVXY=
Subject key identifier: 24:D0:67:CE:CE:38:FB:C5:7A:0A:27:A8:29:36:A9:5F:1D:1C:EC:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40742966242D11F0B32B057BDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:35:22 +0000
ROA not before: Mon 28 Apr 2025 12:35:18 +0000
ROA not after: Tue 21 Mar 2028 12:35:18 +0000
asID: 17561
IP address blocks: 154.197.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 04:21:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97198 (0x17bae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:35:18 2025 GMT
Not After : Mar 21 12:35:18 2028 GMT
Subject: CN=680f760a-c96a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:48:7f:10:c5:11:db:00:12:7c:b6:7b:78:
fc:65:c0:9e:0c:74:36:7f:46:1c:28:04:16:d8:f4:
e1:a0:b2:c2:98:c7:c1:3c:da:36:be:97:10:1e:db:
1e:41:54:c9:ae:52:40:f9:96:85:e0:dd:e0:f0:33:
04:d9:30:4c:21:e2:97:dc:05:23:2a:97:2d:e9:e3:
c1:e0:62:2e:d6:7d:53:92:8c:b3:86:a6:43:83:7a:
9c:d5:7f:40:e7:6d:dd:62:4b:fe:e9:f6:de:93:e7:
08:05:01:8b:cf:02:b1:15:c6:c9:b2:9a:ad:20:aa:
0e:eb:a3:38:e6:b7:fb:6e:f5:4c:5e:04:c0:d4:54:
6e:67:9a:82:90:5f:35:e9:d7:0a:71:f6:cf:bb:fe:
87:a2:20:cc:22:7a:44:65:58:d5:fc:53:2c:f1:cb:
ce:88:b8:ad:80:73:1f:9f:f8:0a:8e:a0:7e:3d:61:
0d:c7:1c:9d:82:13:d0:62:ef:74:c7:36:58:72:42:
41:71:c7:4b:7f:d0:34:54:67:1f:36:42:cd:f9:79:
0e:4c:9a:c2:3e:17:71:b8:cf:5f:de:dc:b3:ef:ee:
2e:2a:c0:0e:a2:f0:95:fd:30:a1:11:3d:12:f2:a1:
26:0d:55:1a:10:dd:0b:dd:34:50:57:42:7b:6f:85:
57:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D0:67:CE:CE:38:FB:C5:7A:0A:27:A8:29:36:A9:5F:1D:1C:EC:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40742966242D11F0B32B057BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.90.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:cb:e0:fe:a3:2a:22:b8:28:13:5e:92:26:b7:4f:06:de:15:
c6:1d:ef:c5:6a:c6:34:e1:3f:94:6c:7e:2f:8b:d5:0b:66:40:
46:fa:37:47:d5:ee:19:50:3a:40:c4:fa:02:9c:ba:f8:90:60:
b9:84:c4:c3:a5:94:fe:c5:ea:a1:32:f5:42:4e:90:0e:ee:18:
da:9c:10:2d:c9:88:9f:c0:f9:6a:ca:e6:a0:8a:02:b3:92:73:
d0:00:89:e4:27:44:52:9f:fb:7a:0d:2b:21:b2:73:8e:88:08:
dd:a9:14:5b:dc:51:95:0b:8c:02:1c:28:c8:0c:c6:7d:e1:a9:
f1:be:51:1d:76:2b:82:3e:bc:61:7a:16:1f:35:5a:0f:a3:88:
02:cf:c2:a4:f3:59:56:31:e5:f1:c8:01:72:1b:bf:40:30:2b:
cc:dd:b2:87:d6:42:0d:50:1f:4c:db:cb:80:08:be:b7:ed:e0:
e1:74:ea:70:17:af:c4:bc:01:55:b9:50:54:f0:75:02:44:ab:
14:c2:d4:07:44:64:c8:f7:11:5a:be:7f:3c:c6:a6:b1:bf:b5:
cf:d1:60:1b:b3:90:a0:4a:33:fa:7f:2f:09:9d:60:3a:d9:d3:
19:f3:3f:fb:1e:94:6b:a7:2b:56:73:df:76:15:ec:9b:8f:08:
02:c2:74:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIzNTE4WhcNMjgwMzIxMTIzNTE4WjAYMRYw
FAYDVQQDEw02ODBmNzYwYS1jOTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPZIfxDFEdsAEny2e3j8ZcCeDHQ2f0YcKAQW2PThoLLCmMfBPNo2vpcQ
HtseQVTJrlJA+ZaF4N3g8DME2TBMIeKX3AUjKpct6ePB4GIu1n1TkoyzhqZDg3qc
1X9A523dYkv+6fbek+cIBQGLzwKxFcbJspqtIKoO66M45rf7bvVMXgTA1FRuZ5qC
kF816dcKcfbPu/6HoiDMInpEZVjV/FMs8cvOiLitgHMfn/gKjqB+PWENxxydghPQ
Yu90xzZYckJBccdLf9A0VGcfNkLN+XkOTJrCPhdxuM9f3tyz7+4uKsAOovCV/TCh
ET0S8qEmDVUaEN0L3TRQV0J7b4VXgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCTQ
Z87OOPvFegonqCk2qV8dHOz7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDc0Mjk2NjI0MkQxMUYwQjMyQjA1N0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVaMA0GCSqGSIb3DQEB
CwUAA4IBAQBey+D+oyoiuCgTXpImt08G3hXGHe/FasY04T+UbH4vi9ULZkBG+jdH
1e4ZUDpAxPoCnLr4kGC5hMTDpZT+xeqhMvVCTpAO7hjanBAtyYifwPlqyuagigKz
knPQAInkJ0RSn/t6DSshsnOOiAjdqRRb3FGVC4wCHCjIDMZ94anxvlEddiuCPrxh
ehYfNVoPo4gCz8Kk81lWMeXxyAFyG79AMCvM3bKH1kINUB9M28uACL637eDhdOpw
F6/EvAFVuVBU8HUCRKsUwtQHRGTI9xFavn88xqaxv7XP0WAbs5CgSjP6fy8JnWA6
2dMZ8z/7HpRrpytWc992FeybjwgCwnTG
-----END CERTIFICATE-----
Generated at Tue May 13 08:00:58 2025 by rpki-client