Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/558C7106242C11F09EFE57F2DAE4EC9C.roa
File: 558C7106242C11F09EFE57F2DAE4EC9C.roa (raw, json)
Hash identifier: /QrCBjDmgt5gScRPnj2E48j4xlcvW08eBhmvvJY6rhs=
Subject key identifier: 06:C6:F4:60:D7:97:93:45:1E:EF:1A:C7:7B:0D:B4:16:57:7F:17:C7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BA6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/558C7106242C11F09EFE57F2DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:28:48 +0000
ROA not before: Mon 28 Apr 2025 12:28:43 +0000
ROA not after: Sat 21 Mar 2026 12:28:43 +0000
asID: 984
IP address blocks: 154.89.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97190 (0x17ba6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:28:43 2025 GMT
Not After : Mar 21 12:28:43 2026 GMT
Subject: CN=680f7480-7eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b5:06:a7:cb:63:13:3c:fc:ca:87:82:b2:be:
91:f0:3c:ee:c0:13:95:cb:3d:3e:d2:40:99:14:21:
36:fc:a4:94:49:0b:16:2c:33:08:69:78:cd:8d:e1:
22:63:08:57:04:27:2a:53:da:f4:90:fe:0f:80:29:
d1:3d:0e:01:c6:dd:b4:41:3a:2e:9f:59:30:b7:70:
ee:61:4f:1e:68:a6:5e:b8:77:54:4a:72:6f:0f:87:
de:ce:82:3e:b1:52:89:67:f1:bd:5d:29:4f:47:63:
f4:ef:62:c3:59:82:50:ba:e6:d3:4c:1f:9e:45:d2:
2f:b1:c3:53:9e:10:ae:88:d7:f2:94:8f:96:08:7c:
bd:73:2b:ba:58:ea:91:5e:e0:a1:9a:74:db:64:ca:
eb:0c:87:e1:29:52:27:e4:8e:b5:97:e6:de:cf:7d:
c2:2f:d3:4e:14:9f:bd:df:ea:97:0b:36:28:91:2b:
77:7d:98:b8:e9:f2:79:4e:ac:8e:89:08:9a:f0:64:
8c:06:fa:a8:f6:d3:33:95:0f:7e:75:a0:eb:cf:37:
36:d1:9f:e9:07:23:0d:af:d9:b2:ab:19:dc:4f:01:
07:be:c3:92:4a:c0:17:56:a2:8f:fa:5f:c9:99:5e:
b7:5c:31:e1:70:2f:be:e4:21:86:a6:4f:94:03:aa:
4c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C6:F4:60:D7:97:93:45:1E:EF:1A:C7:7B:0D:B4:16:57:7F:17:C7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/558C7106242C11F09EFE57F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.9.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:7b:f7:f4:0a:47:48:f6:cf:31:28:55:5e:ae:fd:5b:cd:15:
13:26:f5:cd:12:d1:01:de:a1:7b:cd:ef:20:d3:11:e6:11:94:
c4:67:b1:92:63:aa:14:d1:e7:b7:f1:f4:39:96:02:f8:2b:5d:
0f:ec:6b:60:7a:0a:dc:c4:59:78:90:7d:42:74:2f:d6:24:e1:
00:fd:82:09:04:94:d0:6f:7d:44:b0:9e:e5:7b:2f:4e:fa:7b:
07:c4:b0:0a:c7:c2:31:b3:1c:b7:06:85:25:3d:4d:e0:18:1c:
a5:42:6b:7b:65:82:77:15:7f:23:4b:ae:9e:9a:1d:97:d0:c7:
cb:6b:69:1f:09:57:ac:12:2f:58:87:b8:9e:4c:9d:77:d5:df:
1f:1c:32:ef:54:9b:cb:72:19:a7:d0:4b:35:43:40:3b:1c:eb:
49:98:30:97:28:0d:44:00:a3:a2:e6:07:6a:48:78:8c:df:96:
9a:41:7c:d6:fb:0c:4b:59:8f:56:e0:62:54:18:e4:49:4f:9a:
d9:5b:07:fb:a5:e4:df:70:ff:a4:9b:cc:36:c6:cc:7d:30:b9:
f8:f7:cc:5d:38:89:7d:64:75:1e:db:9d:ed:8d:93:81:94:f6:
ec:35:2c:dc:c6:2b:1d:6e:dd:03:df:0d:2a:9f:fc:7c:11:9e:
83:ba:73:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXumMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIyODQzWhcNMjYwMzIxMTIyODQzWjAYMRYw
FAYDVQQDEw02ODBmNzQ4MC03ZWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrUGp8tjEzz8yoeCsr6R8DzuwBOVyz0+0kCZFCE2/KSUSQsWLDMIaXjN
jeEiYwhXBCcqU9r0kP4PgCnRPQ4Bxt20QToun1kwt3DuYU8eaKZeuHdUSnJvD4fe
zoI+sVKJZ/G9XSlPR2P072LDWYJQuubTTB+eRdIvscNTnhCuiNfylI+WCHy9cyu6
WOqRXuChmnTbZMrrDIfhKVIn5I61l+bez33CL9NOFJ+93+qXCzYokSt3fZi46fJ5
TqyOiQia8GSMBvqo9tMzlQ9+daDrzzc20Z/pByMNr9myqxncTwEHvsOSSsAXVqKP
+l/JmV63XDHhcC++5CGGpk+UA6pMfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAbG
9GDXl5NFHu8ax3sNtBZXfxfHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NThDNzEwNjI0MkMxMUYwOUVGRTU3RjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkJMA0GCSqGSIb3DQEB
CwUAA4IBAQC3e/f0CkdI9s8xKFVerv1bzRUTJvXNEtEB3qF7ze8g0xHmEZTEZ7GS
Y6oU0ee38fQ5lgL4K10P7GtgegrcxFl4kH1CdC/WJOEA/YIJBJTQb31EsJ7ley9O
+nsHxLAKx8Ixsxy3BoUlPU3gGBylQmt7ZYJ3FX8jS66emh2X0MfLa2kfCVesEi9Y
h7ieTJ131d8fHDLvVJvLchmn0Es1Q0A7HOtJmDCXKA1EAKOi5gdqSHiM35aaQXzW
+wxLWY9W4GJUGORJT5rZWwf7peTfcP+km8w2xsx9MLn498xdOIl9ZHUe253tjZOB
lPbsNSzcxisdbt0D3w0qn/x8EZ6DunNC
-----END CERTIFICATE-----
Generated at Sat May 10 19:10:23 2025 by rpki-client