Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544B2BD4243111F0AA3E3094DAE4EC9C.roa
File: 544B2BD4243111F0AA3E3094DAE4EC9C.roa (raw, json)
Hash identifier: aqdPHJjSRW6/Hrw8uuauLaExoDvQgO9SFUnfDtKR+m4=
Subject key identifier: 18:91:04:F8:2C:E5:F1:5B:E6:A8:F5:1E:0F:CE:10:61:0C:80:54:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BCF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544B2BD4243111F0AA3E3094DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:04:34 +0000
ROA not before: Mon 28 Apr 2025 13:04:29 +0000
ROA not after: Thu 23 Mar 2028 13:04:29 +0000
asID: 17561
IP address blocks: 154.203.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97231 (0x17bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:04:29 2025 GMT
Not After : Mar 23 13:04:29 2028 GMT
Subject: CN=680f7ce2-7665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:17:ed:af:41:9d:57:32:35:f9:8d:fb:b7:
99:b2:2d:7f:f7:ec:26:33:6b:09:a3:b4:52:73:8f:
1e:25:e6:3f:f4:37:91:e0:c9:ca:ca:bb:9d:d6:de:
88:62:83:6e:c8:b9:86:5e:69:44:0e:94:11:c9:4a:
25:c8:9f:a9:6d:54:c9:5c:78:fa:21:dc:a7:d8:e4:
97:ac:f9:43:b7:a5:1b:a9:62:70:e0:9e:92:a7:5d:
a5:c3:e8:f6:f5:f2:af:1e:fe:dc:c0:b9:9e:b5:7a:
b3:81:f8:e1:a7:94:c8:7b:44:7c:8b:4d:62:6e:b5:
f3:ae:77:3f:91:1a:8d:9b:c7:1d:db:70:a7:0f:44:
aa:56:0a:40:0b:bf:cb:c8:33:79:ac:95:09:a6:2f:
d0:6d:a2:0f:dc:f6:c1:a4:3e:b0:18:80:5e:ec:96:
4d:b8:d3:25:4a:42:05:51:32:bc:07:a0:64:d0:a6:
97:a1:a4:9c:a0:cf:25:e8:13:cd:0c:a8:cb:89:85:
8b:4f:9e:30:5e:99:f6:9c:79:4f:51:db:a7:6b:4b:
0b:1a:ad:da:c8:14:02:49:99:51:d0:0a:f5:19:f4:
7f:65:a9:e7:74:c7:13:be:eb:2c:ad:7a:97:36:09:
46:55:87:ee:ac:d9:e5:c7:8a:8f:89:6a:be:76:94:
8e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:91:04:F8:2C:E5:F1:5B:E6:A8:F5:1E:0F:CE:10:61:0C:80:54:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/544B2BD4243111F0AA3E3094DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.78.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fa:b7:b7:3c:3e:2d:90:6a:b4:d4:b9:59:76:f5:e5:79:a7:
99:29:d4:ed:91:74:de:2a:d3:85:69:d5:ad:31:a8:53:c7:83:
76:2e:89:bd:c4:9f:24:68:aa:b5:54:d8:59:e7:7e:1f:7c:15:
e4:5c:32:e3:55:c5:ff:a0:16:65:16:5d:78:d5:54:98:aa:30:
f4:91:92:17:61:3e:e3:5a:f5:f7:a8:e7:de:a9:28:b5:36:83:
65:a9:ab:64:1a:25:76:cd:cb:60:3f:3d:b8:1e:25:f7:58:a7:
5b:1a:7e:8d:5a:3d:65:d2:e9:aa:04:ca:ba:30:78:27:8c:d7:
3b:70:d1:62:bc:0d:67:d9:26:51:14:28:ee:bf:5f:0e:f9:bb:
9d:32:a7:3e:2c:aa:c5:c2:42:b0:a2:f6:b0:11:65:7e:47:52:
31:5a:22:ea:f5:d3:42:13:c5:6b:9e:60:a6:78:b7:d4:2f:0e:
77:ed:6b:b8:08:31:ed:c1:fb:f9:d3:08:22:1e:bb:8b:8c:9a:
4d:45:93:fd:81:0c:37:48:b1:ca:02:4f:9b:d3:a7:49:97:71:
03:1d:a4:1b:1e:a3:f1:d7:b8:94:66:a5:be:c3:a8:eb:15:b9:
38:e2:89:45:83:58:38:5c:da:df:c2:6e:38:61:10:80:f8:a1:
f7:3c:68:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMwNDI5WhcNMjgwMzIzMTMwNDI5WjAYMRYw
FAYDVQQDEw02ODBmN2NlMi03NjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArBAX7a9BnVcyNfmN+7eZsi1/9+wmM2sJo7RSc48eJeY/9DeR4MnKyrud
1t6IYoNuyLmGXmlEDpQRyUolyJ+pbVTJXHj6Idyn2OSXrPlDt6UbqWJw4J6Sp12l
w+j29fKvHv7cwLmetXqzgfjhp5TIe0R8i01ibrXzrnc/kRqNm8cd23CnD0SqVgpA
C7/LyDN5rJUJpi/QbaIP3PbBpD6wGIBe7JZNuNMlSkIFUTK8B6Bk0KaXoaScoM8l
6BPNDKjLiYWLT54wXpn2nHlPUduna0sLGq3ayBQCSZlR0Ar1GfR/ZanndMcTvuss
rXqXNglGVYfurNnlx4qPiWq+dpSOTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBiR
BPgs5fFb5qj1Hg/OEGEMgFTeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NDRCMkJENDI0MzExMUYwQUEzRTMwOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmstOMA0GCSqGSIb3DQEB
CwUAA4IBAQA6+re3PD4tkGq01LlZdvXleaeZKdTtkXTeKtOFadWtMahTx4N2Lom9
xJ8kaKq1VNhZ534ffBXkXDLjVcX/oBZlFl141VSYqjD0kZIXYT7jWvX3qOfeqSi1
NoNlqatkGiV2zctgPz24HiX3WKdbGn6NWj1l0umqBMq6MHgnjNc7cNFivA1n2SZR
FCjuv18O+budMqc+LKrFwkKwovawEWV+R1IxWiLq9dNCE8VrnmCmeLfULw537Wu4
CDHtwfv50wgiHruLjJpNRZP9gQw3SLHKAk+b06dJl3EDHaQbHqPx17iUZqW+w6jr
Fbk44olFg1g4XNrfwm44YRCA+KH3PGjA
-----END CERTIFICATE-----
Generated at Wed May 7 09:01:27 2025 by rpki-client