Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86B1EAA8243711F0B134CFBDDAE4EC9C.roa
File: 86B1EAA8243711F0B134CFBDDAE4EC9C.roa (raw, json)
Hash identifier: +0AtnWMzyukNSkMue69jTOa/TN85PIgh0q3WWSXREk4=
Subject key identifier: 20:27:25:07:E3:06:97:C5:1E:28:42:FE:10:CC:74:89:1C:2B:91:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86B1EAA8243711F0B134CFBDDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:48:55 +0000
ROA not before: Mon 28 Apr 2025 13:48:51 +0000
ROA not after: Sun 26 Mar 2028 13:48:51 +0000
asID: 17561
IP address blocks: 154.89.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97273 (0x17bf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:48:51 2025 GMT
Not After : Mar 26 13:48:51 2028 GMT
Subject: CN=680f8747-17b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:df:15:35:a4:c4:51:a0:54:a1:61:c0:e8:ba:
0e:6c:4d:b4:b7:87:47:60:1b:e8:9b:75:14:db:26:
ca:92:98:83:7f:cc:d1:15:9f:c4:c2:dc:70:5e:32:
ef:7e:b5:9b:bf:60:f4:c1:c3:70:83:97:55:4c:88:
fe:ca:e1:90:05:aa:51:b4:29:db:10:e7:47:72:8c:
e7:c0:bb:19:d2:a4:8b:54:39:68:71:be:21:72:f8:
20:e7:a6:e5:01:e7:8f:86:4d:0c:c2:c9:a1:9d:a0:
f0:f8:fc:6c:db:c7:df:48:ae:41:08:1d:9e:2a:28:
42:16:db:0b:58:64:a1:7b:4e:34:95:6a:c7:fd:77:
33:97:ef:7b:93:93:15:26:38:f8:50:c6:df:a0:25:
1c:f7:9c:61:20:4a:04:ca:69:34:4c:a6:24:66:46:
12:17:a2:c6:79:91:6b:b5:0a:13:6a:ea:c4:ae:bc:
dd:08:13:3d:01:52:85:e8:d4:1c:ef:04:88:52:ab:
eb:9c:17:a3:44:e7:49:b7:d1:b6:b2:e2:b3:40:71:
ac:4f:f3:4f:b0:f7:71:ec:97:f9:fa:9c:73:da:01:
a0:92:0b:62:6f:cb:10:72:99:ec:b4:d1:1f:dc:d8:
30:d3:81:28:2b:03:06:02:08:16:d2:32:a5:ee:6a:
4d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:25:07:E3:06:97:C5:1E:28:42:FE:10:CC:74:89:1C:2B:91:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86B1EAA8243711F0B134CFBDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.128.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:40:d0:b2:42:e1:00:e0:a2:ef:a3:6a:39:14:a9:ea:b2:56:
08:4c:36:a2:0e:06:93:b3:73:bd:11:56:f0:bc:d4:a2:75:ae:
ee:c3:b2:0a:57:6c:43:ff:92:50:03:fc:45:91:8c:e4:d9:c3:
9b:f2:73:8d:98:01:59:82:a9:d0:fd:af:32:9b:f3:5e:0e:08:
6d:3a:01:84:05:e4:51:f2:b7:0e:cd:77:85:0e:b7:ac:00:c2:
00:fa:5f:af:97:57:1d:88:19:5a:92:f9:d8:77:d9:f5:31:7b:
a1:ac:30:ee:fd:ef:69:80:8a:ac:a0:c8:8d:13:d0:aa:26:99:
03:5f:0c:b0:9b:a4:28:ad:45:4e:9f:82:7d:b7:97:fd:64:c6:
49:97:74:10:07:8d:a4:e3:32:08:d1:b5:84:00:43:6c:bc:a5:
c3:f0:8c:a1:73:11:99:ed:69:16:e3:0e:03:00:f7:a8:7a:1d:
73:91:0d:ea:08:9e:c3:73:aa:75:03:2f:bc:ba:b9:d0:e4:14:
5e:ec:48:4b:c8:78:b1:8a:3a:a5:d2:ea:23:19:16:2d:9f:3c:
e8:6c:81:10:c1:4f:3c:37:1c:d6:d5:0a:12:c7:f9:42:c1:6e:
4f:96:f8:8a:4b:e4:17:12:b5:d7:68:06:74:78:67:c4:ee:d8:
d3:16:82:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXv5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTM0ODUxWhcNMjgwMzI2MTM0ODUxWjAYMRYw
FAYDVQQDEw02ODBmODc0Ny0xN2IzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA898VNaTEUaBUoWHA6LoObE20t4dHYBvom3UU2ybKkpiDf8zRFZ/Ewtxw
XjLvfrWbv2D0wcNwg5dVTIj+yuGQBapRtCnbEOdHcoznwLsZ0qSLVDlocb4hcvgg
56blAeePhk0MwsmhnaDw+Pxs28ffSK5BCB2eKihCFtsLWGShe040lWrH/Xczl+97
k5MVJjj4UMbfoCUc95xhIEoEymk0TKYkZkYSF6LGeZFrtQoTaurErrzdCBM9AVKF
6NQc7wSIUqvrnBejROdJt9G2suKzQHGsT/NPsPdx7Jf5+pxz2gGgkgtib8sQcpns
tNEf3Ngw04EoKwMGAggW0jKl7mpN3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCAn
JQfjBpfFHihC/hDMdIkcK5HdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NkIxRUFBODI0MzcxMUYwQjEzNENGQkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmAMA0GCSqGSIb3DQEB
CwUAA4IBAQBrQNCyQuEA4KLvo2o5FKnqslYITDaiDgaTs3O9EVbwvNSida7uw7IK
V2xD/5JQA/xFkYzk2cOb8nONmAFZgqnQ/a8ym/NeDghtOgGEBeRR8rcOzXeFDres
AMIA+l+vl1cdiBlakvnYd9n1MXuhrDDu/e9pgIqsoMiNE9CqJpkDXwywm6QorUVO
n4J9t5f9ZMZJl3QQB42k4zII0bWEAENsvKXD8IyhcxGZ7WkW4w4DAPeoeh1zkQ3q
CJ7Dc6p1Ay+8urnQ5BRe7EhLyHixijql0uojGRYtnzzobIEQwU88NxzW1QoSx/lC
wW5PlviKS+QXErXXaAZ0eGfE7tjTFoLV
-----END CERTIFICATE-----
Generated at Mon May 12 18:58:48 2025 by rpki-client