Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/753D6560243011F08AFB5C8FDAE4EC9C.roa
File: 753D6560243011F08AFB5C8FDAE4EC9C.roa (raw, json)
Hash identifier: x6Ay0PdkFlNH0ca1rD7kUsYUSPY9nkIDhw+m8PwaAxY=
Subject key identifier: 50:B6:E4:5A:CB:FA:C7:16:E6:7B:27:A4:98:AC:B5:D3:71:CD:12:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BC9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/753D6560243011F08AFB5C8FDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:58:20 +0000
ROA not before: Mon 28 Apr 2025 12:58:15 +0000
ROA not after: Thu 23 Mar 2028 12:58:15 +0000
asID: 17561
IP address blocks: 154.203.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97225 (0x17bc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:58:15 2025 GMT
Not After : Mar 23 12:58:15 2028 GMT
Subject: CN=680f7b6b-fe69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:5b:d6:0b:3b:7b:32:1e:c5:71:81:8d:61:
61:fa:73:7e:9f:82:22:23:6c:7b:d9:10:21:c9:af:
ef:bc:96:9f:9a:c5:ca:ef:e6:cb:81:9a:3d:d8:83:
e9:f9:56:d0:0b:f9:21:39:3c:ba:67:52:f4:04:56:
8c:59:8e:a1:ff:dc:fa:1e:dd:dd:b6:a7:bd:8b:f1:
da:34:f0:e3:c6:29:5e:2a:27:73:5e:5e:be:5f:c8:
9a:c2:47:92:de:77:8d:d3:37:c9:e2:aa:40:ad:aa:
2b:91:3a:76:07:91:4b:2a:a4:2a:4c:0b:49:56:87:
d3:79:cd:4c:4c:c2:33:6e:a3:2a:e0:6f:1b:f8:fe:
b5:ed:e9:54:8c:27:fe:5a:52:82:86:79:7f:f3:fe:
5f:cd:bf:37:d5:0b:76:bd:68:d3:a6:57:48:a0:90:
93:4d:35:b7:40:b8:9a:4c:e3:d3:0a:85:95:8d:81:
81:0e:8e:a7:a1:53:b0:4d:74:3c:18:61:fc:6f:ea:
1a:93:4b:bf:23:65:12:3a:42:11:a6:60:cc:c4:31:
d9:29:d0:c6:00:63:92:b6:34:4a:30:bf:60:a5:29:
a9:f2:1c:25:de:f7:84:12:ac:e5:91:7b:37:f2:07:
3f:9b:2d:f2:a8:52:cd:cd:c4:bd:1f:6e:d4:7d:fb:
8b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B6:E4:5A:CB:FA:C7:16:E6:7B:27:A4:98:AC:B5:D3:71:CD:12:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/753D6560243011F08AFB5C8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.75.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:be:38:3b:d4:2c:f9:aa:54:b1:87:54:9d:b0:91:8e:87:dd:
ce:1a:c5:37:f9:f5:bd:1c:f3:52:e0:9f:82:11:5f:0f:d4:fa:
f5:0f:46:23:a0:f1:7e:af:36:75:9f:83:77:38:c2:cf:00:b3:
fe:99:74:3b:88:4b:f1:16:22:fb:e9:7c:ad:f3:52:dc:80:d7:
42:bb:fc:da:b2:1b:0b:55:24:56:aa:b1:41:1d:91:a3:e9:23:
30:69:ed:83:09:d4:e6:7f:bd:d4:61:14:95:6a:9f:4e:a9:25:
2e:a3:7e:54:f8:68:b2:d5:9b:f9:1a:af:3b:0d:21:68:c6:bd:
da:b8:af:98:b3:24:52:91:6d:0d:1a:d0:b7:c6:8f:5d:d8:5b:
08:38:61:87:57:5d:9b:7a:ee:83:5b:18:ea:b5:8e:56:33:b1:
11:03:86:bd:58:96:ee:b1:ce:31:95:fb:a0:64:81:17:f3:02:
a7:fe:09:66:d2:99:90:1d:a1:01:40:09:d9:ad:38:b1:fd:fb:
36:76:96:d0:61:d1:0a:fb:76:af:aa:00:de:d1:ad:de:24:0b:
c1:76:52:b2:60:32:da:7e:32:0e:99:23:5a:33:34:7c:ef:5c:
1e:71:45:c4:9a:f4:93:46:3e:f8:44:c6:c8:24:f9:52:f4:e5:
e2:3a:fd:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTI1ODE1WhcNMjgwMzIzMTI1ODE1WjAYMRYw
FAYDVQQDEw02ODBmN2I2Yi1mZTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyohb1gs7ezIexXGBjWFh+nN+n4IiI2x72RAhya/vvJafmsXK7+bLgZo9
2IPp+VbQC/khOTy6Z1L0BFaMWY6h/9z6Ht3dtqe9i/HaNPDjxileKidzXl6+X8ia
wkeS3neN0zfJ4qpAraorkTp2B5FLKqQqTAtJVofTec1MTMIzbqMq4G8b+P617elU
jCf+WlKChnl/8/5fzb831Qt2vWjTpldIoJCTTTW3QLiaTOPTCoWVjYGBDo6noVOw
TXQ8GGH8b+oak0u/I2USOkIRpmDMxDHZKdDGAGOStjRKML9gpSmp8hwl3veEEqzl
kXs38gc/my3yqFLNzcS9H27UffuLZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFC2
5FrL+scW5nsnpJistdNxzRKrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTNENjU2MDI0MzAxMUYwOEFGQjVDOEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmstLMA0GCSqGSIb3DQEB
CwUAA4IBAQCNvjg71Cz5qlSxh1SdsJGOh93OGsU3+fW9HPNS4J+CEV8P1Pr1D0Yj
oPF+rzZ1n4N3OMLPALP+mXQ7iEvxFiL76Xyt81LcgNdCu/zashsLVSRWqrFBHZGj
6SMwae2DCdTmf73UYRSVap9OqSUuo35U+Giy1Zv5Gq87DSFoxr3auK+YsyRSkW0N
GtC3xo9d2FsIOGGHV12beu6DWxjqtY5WM7ERA4a9WJbusc4xlfugZIEX8wKn/glm
0pmQHaEBQAnZrTix/fs2dpbQYdEK+3avqgDe0a3eJAvBdlKyYDLafjIOmSNaMzR8
71wecUXEmvSTRj74RMbIJPlS9OXiOv0B
-----END CERTIFICATE-----
Generated at Wed May 7 07:50:46 2025 by rpki-client