Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881A3F7A242411F0A35739C0DAE4EC9C.roa
File: 881A3F7A242411F0A35739C0DAE4EC9C.roa (raw, json)
Hash identifier: +5pQzl6X9BvkjOppIr/hzIvUfegQtF3/3XSEXEp5iWg=
Subject key identifier: 2A:22:A1:EE:FE:4E:56:14:C3:12:61:AE:9D:D0:27:6C:0F:FF:43:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B8A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881A3F7A242411F0A35739C0DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 11:32:57 +0000
ROA not before: Mon 28 Apr 2025 11:32:53 +0000
ROA not after: Wed 15 Mar 2028 11:32:53 +0000
asID: 17561
IP address blocks: 154.94.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97162 (0x17b8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 11:32:53 2025 GMT
Not After : Mar 15 11:32:53 2028 GMT
Subject: CN=680f6769-70d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cd:21:f9:cd:2b:5e:4d:d5:b9:de:9c:9e:24:
76:6f:14:55:43:87:e1:11:9e:6d:d3:10:b6:d8:08:
ec:96:3d:d6:9d:1e:56:80:f7:8f:7c:e6:28:fa:3b:
35:41:3d:91:80:41:96:1b:4e:45:3d:bc:12:b2:af:
70:fa:43:33:fb:9c:04:7b:13:1c:94:71:8e:5a:e2:
1d:56:53:a7:cc:15:8a:bb:a0:1c:19:e2:66:4e:da:
4b:28:da:c3:e5:ac:b9:f0:91:f3:9f:3b:2e:f2:1c:
23:50:4d:7b:36:b7:4b:72:ce:f3:d8:62:5b:ba:ff:
d3:a5:b6:ca:e4:b9:83:93:c8:89:8f:a4:84:fe:c0:
af:3a:ef:db:7e:5c:4d:e6:ee:90:a2:c3:5e:77:e4:
13:3b:38:82:ca:32:ca:09:91:5d:b8:7f:b0:79:7e:
b3:68:86:64:13:3a:3d:3f:94:41:49:bd:45:3e:89:
e5:76:96:cd:1b:94:0c:aa:e5:a7:a1:13:f1:47:5a:
7f:74:30:e2:1d:6b:df:98:8c:13:fc:ce:8e:d2:25:
90:86:9a:33:af:14:99:16:56:c1:2e:dd:f2:7f:1c:
4c:b3:8b:bd:a8:21:f0:6b:81:04:7f:c1:54:49:a1:
11:e7:7d:ac:6a:7b:ac:9d:84:09:dc:07:9b:0e:f2:
1e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:22:A1:EE:FE:4E:56:14:C3:12:61:AE:9D:D0:27:6C:0F:FF:43:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881A3F7A242411F0A35739C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e7:92:1f:9b:ff:6c:b9:cf:30:df:8e:36:1e:c4:77:7f:4c:
ad:0c:99:4b:fa:dd:15:ba:0d:32:3d:01:fb:b3:06:c3:1f:b6:
ff:9c:f3:ba:8e:0e:0c:55:2e:69:b4:dc:a4:e9:af:70:c3:84:
56:98:1f:8c:01:6e:6d:0a:2b:af:13:4e:28:29:f6:63:af:4b:
1e:7d:fa:fa:cf:35:cc:f4:04:45:46:df:ee:cf:cc:e5:2c:7d:
0c:99:79:e4:2b:20:10:11:40:ab:45:52:87:0e:d8:ab:e8:0a:
8c:24:9f:92:25:39:da:44:0b:1f:ac:c0:87:a1:23:a8:a3:5b:
96:78:6e:14:89:ce:2e:4b:0d:76:40:03:18:85:1d:2b:f3:0a:
2b:10:5e:e1:bc:75:ae:49:8b:86:21:9d:a0:7e:29:e0:0c:61:
d4:31:74:42:ba:22:f1:14:fe:16:de:8c:13:2b:7e:c3:1d:e2:
1b:dc:90:82:6d:b8:0c:b5:a3:e3:77:2a:4f:05:cb:5d:2f:2d:
5e:34:b4:6b:01:cb:d9:1e:0d:e8:7d:cf:f4:4e:c7:3a:56:cf:
17:79:04:89:48:56:bb:1a:94:22:f9:25:2a:7a:18:53:db:cb:
13:11:8f:7b:e9:cc:6c:17:df:ba:21:8d:a3:ce:70:28:f0:ca:
6f:19:a6:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTEzMjUzWhcNMjgwMzE1MTEzMjUzWjAYMRYw
FAYDVQQDEw02ODBmNjc2OS03MGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAms0h+c0rXk3Vud6cniR2bxRVQ4fhEZ5t0xC22Ajslj3WnR5WgPePfOYo
+js1QT2RgEGWG05FPbwSsq9w+kMz+5wEexMclHGOWuIdVlOnzBWKu6AcGeJmTtpL
KNrD5ay58JHznzsu8hwjUE17NrdLcs7z2GJbuv/TpbbK5LmDk8iJj6SE/sCvOu/b
flxN5u6QosNed+QTOziCyjLKCZFduH+weX6zaIZkEzo9P5RBSb1FPonldpbNG5QM
quWnoRPxR1p/dDDiHWvfmIwT/M6O0iWQhpozrxSZFlbBLt3yfxxMs4u9qCHwa4EE
f8FUSaER532sanusnYQJ3AebDvIe/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCoi
oe7+TlYUwxJhrp3QJ2wP/0O/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODFBM0Y3QTI0MjQxMUYwQTM1NzM5QzBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4fMA0GCSqGSIb3DQEB
CwUAA4IBAQCk55Ifm/9suc8w3442HsR3f0ytDJlL+t0Vug0yPQH7swbDH7b/nPO6
jg4MVS5ptNyk6a9ww4RWmB+MAW5tCiuvE04oKfZjr0seffr6zzXM9ARFRt/uz8zl
LH0MmXnkKyAQEUCrRVKHDtir6AqMJJ+SJTnaRAsfrMCHoSOoo1uWeG4Uic4uSw12
QAMYhR0r8worEF7hvHWuSYuGIZ2gfingDGHUMXRCuiLxFP4W3owTK37DHeIb3JCC
bbgMtaPjdypPBctdLy1eNLRrAcvZHg3ofc/0Tsc6Vs8XeQSJSFa7GpQi+SUqehhT
28sTEY976cxsF9+6IY2jznAo8MpvGaa9
-----END CERTIFICATE-----
Generated at Mon May 12 19:26:09 2025 by rpki-client