Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D654150243411F08DFB96AADAE4EC9C.roa
File: 7D654150243411F08DFB96AADAE4EC9C.roa (raw, json)
Hash identifier: KMXg8OnVgq01sdEDl2cUDB7fjZhY6yyBsiwjEPKWENc=
Subject key identifier: 4C:D9:E8:D8:6C:A0:26:A1:9F:3A:ED:9C:C3:3D:3C:2D:D0:56:38:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D654150243411F08DFB96AADAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:27:11 +0000
ROA not before: Mon 28 Apr 2025 13:27:07 +0000
ROA not after: Mon 23 Mar 2026 13:27:07 +0000
asID: 984
IP address blocks: 154.207.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97255 (0x17be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:27:07 2025 GMT
Not After : Mar 23 13:27:07 2026 GMT
Subject: CN=680f822f-b616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:9e:b8:cb:ff:f9:1f:de:54:d1:2f:6f:8f:
5e:0e:21:4d:ac:ec:03:c3:30:64:41:53:ad:be:1b:
85:4e:a8:52:6e:ea:1d:a6:23:b1:ca:30:99:53:c5:
d5:29:76:28:f9:4a:a2:af:93:e0:92:c7:4f:4a:95:
21:fe:a6:d0:3d:35:7d:ce:80:80:70:72:7f:29:c9:
b6:44:dd:df:1e:1a:5e:6d:f5:76:5b:f5:07:97:20:
d5:e8:6e:bf:ed:f2:a7:31:d2:0f:85:6f:59:07:c1:
1c:30:8a:ff:cc:84:2c:d0:de:30:ab:31:aa:13:87:
b1:cc:46:1e:03:1d:85:53:22:54:30:c7:c8:a9:72:
e6:c6:59:fa:af:40:a2:d4:9c:51:94:df:54:a1:99:
4b:1c:1b:af:20:85:c6:da:97:63:91:41:77:be:ed:
c2:1c:86:ee:c5:b4:a5:aa:ec:66:22:16:3b:f9:32:
a2:cc:e3:4b:0f:99:a0:aa:1c:c0:86:9e:bd:b9:5e:
7f:e9:74:56:66:f7:70:92:56:45:ca:78:d7:80:ca:
7d:de:82:3d:ba:b8:16:91:8d:6f:05:a8:49:1e:8a:
33:33:ac:8b:09:26:f6:d2:0f:a0:d7:e7:6d:51:e6:
7e:5d:04:8e:e2:eb:7f:ab:3c:2f:ac:b7:e0:a2:9a:
50:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D9:E8:D8:6C:A0:26:A1:9F:3A:ED:9C:C3:3D:3C:2D:D0:56:38:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D654150243411F08DFB96AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:76:fd:23:bf:e3:d4:af:28:c1:9a:29:e4:b1:99:50:33:98:
04:5c:02:a4:3d:87:e5:64:61:9a:0c:e1:7e:55:7d:93:0c:92:
7f:da:f2:85:06:a4:15:f4:29:48:06:08:de:cb:d4:69:31:d5:
d9:1c:42:73:8e:4b:77:4f:2d:14:2c:45:66:2b:c8:f9:15:e3:
1d:b4:d0:2b:1b:8b:8c:2a:20:1c:5c:74:07:8d:cd:35:b2:7e:
be:8d:53:6f:f0:4e:a7:a3:63:c4:d9:b4:4a:41:a5:51:94:7e:
9e:7f:22:9f:94:67:d3:66:ce:f3:db:8e:8f:cb:ed:16:55:4e:
a2:b5:ff:c0:ea:46:cc:11:a1:ed:13:20:a2:91:73:a4:1e:7a:
01:b4:84:7d:9d:35:3b:4a:8c:91:b2:fa:1b:5d:6a:aa:04:e0:
3d:9a:2c:2d:1d:b6:68:f3:96:eb:50:2f:21:c1:1d:8e:f0:ff:
92:55:20:a4:c5:9a:8d:09:15:90:7a:ae:53:91:d0:89:78:c2:
43:07:da:9f:f2:2b:3f:41:dd:f0:9e:44:e4:f2:db:1e:7a:d9:
d0:2f:86:c3:0e:ae:39:a1:e7:cb:2d:ca:f3:a1:28:fa:91:8a:
8e:d8:48:27:00:9f:43:b6:42:81:72:82:07:b9:29:af:98:b8:
fc:00:c6:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMyNzA3WhcNMjYwMzIzMTMyNzA3WjAYMRYw
FAYDVQQDEw02ODBmODIyZi1iNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2HKeuMv/+R/eVNEvb49eDiFNrOwDwzBkQVOtvhuFTqhSbuodpiOxyjCZ
U8XVKXYo+Uqir5PgksdPSpUh/qbQPTV9zoCAcHJ/Kcm2RN3fHhpebfV2W/UHlyDV
6G6/7fKnMdIPhW9ZB8EcMIr/zIQs0N4wqzGqE4exzEYeAx2FUyJUMMfIqXLmxln6
r0Ci1JxRlN9UoZlLHBuvIIXG2pdjkUF3vu3CHIbuxbSlquxmIhY7+TKizONLD5mg
qhzAhp69uV5/6XRWZvdwklZFynjXgMp93oI9urgWkY1vBahJHoozM6yLCSb20g+g
1+dtUeZ+XQSO4ut/qzwvrLfgoppQ2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEzZ
6NhsoCahnzrtnMM9PC3QVjifMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RDY1NDE1MDI0MzQxMUYwOERGQjk2QUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms/pMA0GCSqGSIb3DQEB
CwUAA4IBAQBcdv0jv+PUryjBminksZlQM5gEXAKkPYflZGGaDOF+VX2TDJJ/2vKF
BqQV9ClIBgjey9RpMdXZHEJzjkt3Ty0ULEVmK8j5FeMdtNArG4uMKiAcXHQHjc01
sn6+jVNv8E6no2PE2bRKQaVRlH6efyKflGfTZs7z246Py+0WVU6itf/A6kbMEaHt
EyCikXOkHnoBtIR9nTU7SoyRsvobXWqqBOA9miwtHbZo85brUC8hwR2O8P+SVSCk
xZqNCRWQeq5TkdCJeMJDB9qf8is/Qd3wnkTk8tseetnQL4bDDq45oefLLcrzoSj6
kYqO2EgnAJ9DtkKBcoIHuSmvmLj8AMbT
-----END CERTIFICATE-----
Generated at Thu May 8 14:06:15 2025 by rpki-client