Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688D5D4A243811F0B2E0EEC4DAE4EC9C.roa
File: 688D5D4A243811F0B2E0EEC4DAE4EC9C.roa (raw, json)
Hash identifier: YMoY1/EwiMbt6k11BjtVQpS3o5qa+FkRqNojp1rpb1E=
Subject key identifier: A0:2C:2F:25:CE:5F:13:83:FE:A2:BB:C3:C8:68:86:64:4A:61:50:6E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688D5D4A243811F0B2E0EEC4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:55:14 +0000
ROA not before: Mon 28 Apr 2025 13:55:10 +0000
ROA not after: Mon 02 Jun 2025 13:55:10 +0000
asID: 59642
IP address blocks: 154.84.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97275 (0x17bfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:55:10 2025 GMT
Not After : Jun 2 13:55:10 2025 GMT
Subject: CN=680f88c2-ba16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:ef:da:d3:6f:2f:69:b4:b2:4d:2f:51:c1:
32:d4:7d:38:8d:79:4a:c5:bd:dd:a9:90:b8:87:87:
6a:7e:e8:39:3f:22:4f:2c:9f:87:e8:dd:70:96:5c:
a8:35:88:75:6d:39:17:b4:b5:c9:57:1b:d2:3b:95:
21:b1:2c:a1:04:37:25:8f:04:19:1e:db:3e:2c:9b:
ca:61:52:8b:3d:c7:80:62:dd:67:fa:03:fd:78:40:
d4:6c:4a:66:8b:0d:7d:1e:e1:18:b9:5d:ab:e6:8f:
a0:b5:86:82:d7:94:f5:3a:30:2f:b1:b0:8a:20:22:
c6:da:f1:08:16:26:00:0d:e2:1f:cb:0d:3a:49:2a:
43:9b:ae:0c:f6:db:87:72:a7:01:2d:ec:11:5e:87:
17:7f:44:7a:94:23:6f:5b:b6:2d:2e:46:a3:3a:9c:
3c:51:8e:d7:3c:9e:ee:07:d0:13:32:16:e0:01:39:
c3:72:90:1e:e4:6d:2a:1f:03:36:8a:da:ee:0d:3b:
f4:8d:24:6f:0c:cd:2f:5b:4f:0d:0a:99:b0:c2:fe:
53:1d:a7:b9:90:be:19:21:b4:62:f3:23:d7:f3:df:
31:49:c6:0a:c2:3c:f4:a4:20:6a:f2:59:64:9f:3e:
6f:5c:47:9b:0e:4b:2d:db:3b:03:36:7d:fd:26:83:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2C:2F:25:CE:5F:13:83:FE:A2:BB:C3:C8:68:86:64:4A:61:50:6E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/688D5D4A243811F0B2E0EEC4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.164.0/24
Signature Algorithm: sha256WithRSAEncryption
96:40:f7:a3:2f:a2:e4:30:e5:16:96:0d:8e:f4:32:8e:85:1b:
e8:6b:48:46:a0:b0:dc:3b:f4:3d:ba:54:5d:5e:80:0b:a1:18:
fb:50:4f:36:4c:93:74:1a:78:9c:00:22:61:8d:ad:78:af:4e:
b7:f2:d5:12:3b:3e:17:5e:cd:e3:ca:a4:1b:00:7c:ae:35:4b:
85:fe:88:b4:d8:5f:fc:29:9c:46:8c:df:2a:27:b7:60:1a:66:
fa:28:88:93:bc:a5:3d:8b:ae:ea:a9:b6:3e:6b:3a:b6:28:2c:
d3:dd:f5:42:dd:e5:f8:6f:76:b8:1a:cc:a1:c3:2a:f7:bd:97:
b8:07:3a:19:f2:cf:ee:2a:18:a9:30:31:64:ec:d1:e2:37:f8:
c4:06:cf:f7:3c:01:4d:5b:b1:d3:6e:2d:81:09:af:a5:30:e2:
af:5a:29:47:0d:85:73:02:47:40:7d:46:c7:b5:e3:54:2b:a0:
d4:20:22:84:0c:b5:04:45:e6:10:97:23:38:73:1b:74:e7:2e:
85:99:97:68:f0:a6:30:6e:63:87:b8:1b:67:ee:b7:16:9d:00:
e7:74:fa:03:3f:9f:02:01:e3:cb:3e:54:5d:94:76:72:45:47:
ca:82:7c:0e:a9:d5:31:67:b1:95:75:6a:76:c7:b6:05:7e:b0:
2f:ab:33:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXv7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTM1NTEwWhcNMjUwNjAyMTM1NTEwWjAYMRYw
FAYDVQQDEw02ODBmODhjMi1iYTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5Tv2tNvL2m0sk0vUcEy1H04jXlKxb3dqZC4h4dqfug5PyJPLJ+H6N1w
llyoNYh1bTkXtLXJVxvSO5UhsSyhBDcljwQZHts+LJvKYVKLPceAYt1n+gP9eEDU
bEpmiw19HuEYuV2r5o+gtYaC15T1OjAvsbCKICLG2vEIFiYADeIfyw06SSpDm64M
9tuHcqcBLewRXocXf0R6lCNvW7YtLkajOpw8UY7XPJ7uB9ATMhbgATnDcpAe5G0q
HwM2itruDTv0jSRvDM0vW08NCpmwwv5THae5kL4ZIbRi8yPX898xScYKwjz0pCBq
8llknz5vXEebDkst2zsDNn39JoN2UQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKAs
LyXOXxOD/qK7w8hohmRKYVBuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODhENUQ0QTI0MzgxMUYwQjJFMEVFQzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSkMA0GCSqGSIb3DQEB
CwUAA4IBAQCWQPejL6LkMOUWlg2O9DKOhRvoa0hGoLDcO/Q9ulRdXoALoRj7UE82
TJN0GnicACJhja14r0638tUSOz4XXs3jyqQbAHyuNUuF/oi02F/8KZxGjN8qJ7dg
Gmb6KIiTvKU9i67qqbY+azq2KCzT3fVC3eX4b3a4Gsyhwyr3vZe4BzoZ8s/uKhip
MDFk7NHiN/jEBs/3PAFNW7HTbi2BCa+lMOKvWilHDYVzAkdAfUbHteNUK6DUICKE
DLUEReYQlyM4cxt05y6FmZdo8KYwbmOHuBtn7rcWnQDndPoDP58CAePLPlRdlHZy
RUfKgnwOqdUxZ7GVdWp2x7YFfrAvqzPO
-----END CERTIFICATE-----
Generated at Sun May 11 22:47:00 2025 by rpki-client