Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65AB0A6C243511F0AB8D1FAFDAE4EC9C.roa
File: 65AB0A6C243511F0AB8D1FAFDAE4EC9C.roa (raw, json)
Hash identifier: n9UHsXybhE8OfVNtT+xWOShTyxYmDpNXOvfZlYHmGts=
Subject key identifier: BA:32:0A:55:A2:50:6C:D4:2A:BD:7C:E9:11:3A:7D:4E:55:9B:2B:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65AB0A6C243511F0AB8D1FAFDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:33:41 +0000
ROA not before: Mon 28 Apr 2025 13:33:29 +0000
ROA not after: Mon 23 Mar 2026 13:33:29 +0000
asID: 984
IP address blocks: 154.207.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97261 (0x17bed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:33:29 2025 GMT
Not After : Mar 23 13:33:29 2026 GMT
Subject: CN=680f83b5-a667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0a:a8:62:53:dc:0a:19:91:37:16:99:f4:e0:
89:2f:77:5a:b3:7d:02:73:c7:0f:90:72:c8:fc:12:
2e:18:5e:1a:9a:18:8a:4d:30:87:bb:44:d3:8a:cf:
91:1b:39:7a:76:2f:cd:7c:fe:df:c8:c5:57:bb:d9:
03:02:63:b2:e0:b8:91:c6:cc:c7:e3:df:93:db:dc:
19:9e:3b:4c:4a:9a:2a:04:16:2a:c5:0e:64:b6:55:
6e:4a:25:ab:9a:df:53:7c:85:05:cb:36:c4:1e:e1:
6b:1f:89:eb:29:07:1e:56:13:b6:52:82:3a:df:ff:
96:86:78:00:5a:0f:39:53:c4:23:e2:09:5d:16:ae:
6a:f3:29:e7:d6:d1:2b:85:b7:f4:c0:66:d7:f0:3e:
cd:29:a1:da:a5:cf:dd:7f:fb:b0:bf:88:4c:42:65:
fe:60:6a:ff:b2:de:09:60:4c:e4:6d:46:86:e7:70:
30:6f:48:fc:9d:4e:f6:57:b9:07:a4:37:f8:4b:87:
89:db:73:0e:f2:26:a3:62:67:b6:57:10:dc:7d:a5:
80:f6:79:62:40:62:11:49:7e:bd:31:6e:26:eb:75:
85:15:ef:94:93:71:1e:64:2f:d9:14:a1:77:3a:d4:
14:28:50:b3:09:10:3e:08:a6:2b:c1:16:11:58:56:
40:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:32:0A:55:A2:50:6C:D4:2A:BD:7C:E9:11:3A:7D:4E:55:9B:2B:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65AB0A6C243511F0AB8D1FAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.236.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:87:fb:7a:d6:1f:3d:73:88:e6:cc:b5:63:82:dc:c5:b0:30:
17:a0:a7:35:f2:58:9e:3f:a0:f7:5d:ec:94:e1:71:c7:da:3a:
17:3e:e0:00:db:cd:b1:d4:60:53:5f:3f:42:f1:11:54:39:72:
c6:5d:e0:03:44:ab:6f:92:8c:48:24:de:d7:5d:98:2b:33:21:
1c:62:c9:76:c0:fb:aa:bf:85:86:8f:db:72:bf:02:2f:29:1c:
f0:3a:6a:44:75:28:34:c4:3e:7f:77:8b:82:92:cf:18:d0:c3:
f9:8c:02:7c:4d:3c:2c:59:1a:f5:cf:ef:4a:04:32:b1:d9:78:
7e:15:24:05:81:98:3e:14:ea:14:e0:ec:e8:5b:49:75:cc:b0:
7c:b4:4d:cb:92:05:8a:ca:06:18:64:f5:10:09:06:64:0b:83:
6d:88:6b:a5:c7:5e:74:cf:be:e3:bf:05:8a:55:6e:80:a9:7c:
53:34:3b:e9:21:2f:8e:57:12:7b:dd:8f:60:76:52:0b:1f:04:
c1:2b:ef:f1:5a:66:6d:cb:79:83:ea:ed:9a:16:3d:79:34:cb:
4a:3c:04:fc:92:e5:77:b6:6d:c0:98:8e:c5:6b:7f:42:bf:ca:
f8:33:be:9a:e9:d2:0e:4c:7e:e1:16:3b:62:2f:31:31:93:dc:
eb:fa:ff:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMzMzI5WhcNMjYwMzIzMTMzMzI5WjAYMRYw
FAYDVQQDEw02ODBmODNiNS1hNjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAqoYlPcChmRNxaZ9OCJL3das30Cc8cPkHLI/BIuGF4amhiKTTCHu0TT
is+RGzl6di/NfP7fyMVXu9kDAmOy4LiRxszH49+T29wZnjtMSpoqBBYqxQ5ktlVu
SiWrmt9TfIUFyzbEHuFrH4nrKQceVhO2UoI63/+WhngAWg85U8Qj4gldFq5q8ynn
1tErhbf0wGbX8D7NKaHapc/df/uwv4hMQmX+YGr/st4JYEzkbUaG53Awb0j8nU72
V7kHpDf4S4eJ23MO8iajYme2VxDcfaWA9nliQGIRSX69MW4m63WFFe+Uk3EeZC/Z
FKF3OtQUKFCzCRA+CKYrwRYRWFZA3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLoy
ClWiUGzUKr186RE6fU5VmytYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUFCMEE2QzI0MzUxMUYwQUI4RDFGQUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms/sMA0GCSqGSIb3DQEB
CwUAA4IBAQCeh/t61h89c4jmzLVjgtzFsDAXoKc18lieP6D3XeyU4XHH2joXPuAA
282x1GBTXz9C8RFUOXLGXeADRKtvkoxIJN7XXZgrMyEcYsl2wPuqv4WGj9tyvwIv
KRzwOmpEdSg0xD5/d4uCks8Y0MP5jAJ8TTwsWRr1z+9KBDKx2Xh+FSQFgZg+FOoU
4OzoW0l1zLB8tE3LkgWKygYYZPUQCQZkC4NtiGulx150z77jvwWKVW6AqXxTNDvp
IS+OVxJ73Y9gdlILHwTBK+/xWmZty3mD6u2aFj15NMtKPAT8kuV3tm3AmI7Fa39C
v8r4M76a6dIOTH7hFjtiLzExk9zr+v/n
-----END CERTIFICATE-----
Generated at Sat May 10 10:36:26 2025 by rpki-client