Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98157294300111F086895EA3DAE4EC9C.roa
File: 98157294300111F086895EA3DAE4EC9C.roa (raw, json)
Hash identifier: IZXA+dYrYr2QkKurEcVoSJMRKfmkv6FWQadah2/pUS8=
Subject key identifier: 33:02:D3:85:2A:27:33:C3:09:C4:E4:56:83:3B:9B:A1:E0:A6:EF:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018078
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98157294300111F086895EA3DAE4EC9C.roa
Signing time: Tue 13 May 2025 13:53:06 +0000
ROA not before: Tue 13 May 2025 13:53:01 +0000
ROA not after: Fri 12 Jun 2026 13:53:01 +0000
asID: 984
IP address blocks: 154.200.154.0/24 maxlen: 24
154.200.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98424 (0x18078)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 13:53:01 2025 GMT
Not After : Jun 12 13:53:01 2026 GMT
Subject: CN=68234ec2-f66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b7:e3:67:bf:5c:d3:57:53:af:ac:64:f8:42:
37:71:c2:cf:33:60:bf:aa:58:f1:ab:16:b9:73:f4:
8b:cf:ad:ac:c4:59:a2:7a:04:01:bf:34:e1:85:9f:
1b:18:12:d0:cf:3d:8d:c9:b7:7e:89:c3:a5:c2:90:
23:49:cc:2b:be:9b:c4:90:e9:4f:2c:7f:ca:b6:ef:
05:ff:59:3f:66:1f:ce:01:c5:5d:e6:26:52:d7:59:
a0:b2:f1:c4:52:af:bd:1b:0b:e0:74:f0:a1:ec:43:
86:85:67:a6:1a:c0:4c:49:86:7b:f6:31:15:d5:f0:
5d:a8:2e:fb:9d:85:ad:c6:8e:84:a0:61:75:54:c6:
1b:29:03:cf:46:76:d5:ea:1f:e0:19:58:ea:51:4d:
8d:1a:8b:38:43:a2:a7:58:aa:96:07:8c:90:7c:a4:
9c:54:35:14:2c:af:b3:25:91:22:49:0d:55:bc:76:
fd:33:fc:36:71:bf:ea:e2:8a:6a:2a:58:bb:c3:7c:
b1:b6:08:ae:8a:93:28:c1:d2:c9:b7:a9:ea:40:b6:
ec:7f:eb:20:e9:70:fd:86:c7:0a:c3:88:94:0c:2b:
77:b1:b1:de:24:e5:fd:30:af:45:c5:ec:6d:23:87:
b1:85:7a:20:ab:60:64:fc:a1:d4:18:26:3b:d7:d1:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:02:D3:85:2A:27:33:C3:09:C4:E4:56:83:3B:9B:A1:E0:A6:EF:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98157294300111F086895EA3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.154.0/24
154.200.161.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:47:2c:44:19:91:cd:32:1c:d1:1b:9e:67:6e:aa:e2:10:de:
b7:d2:ca:c7:52:6c:22:45:b2:82:6f:b4:ee:f7:16:70:79:f1:
08:56:10:f6:5a:bc:8e:23:68:e0:58:a3:bd:db:2d:58:c4:8d:
71:8a:b7:d9:96:08:e4:b1:9e:66:a6:ee:be:67:6d:7b:60:97:
09:e8:75:9a:10:6b:06:b4:7a:96:94:1f:18:e2:5a:a0:00:c2:
92:7c:3a:b3:3e:ab:b4:df:ec:9a:58:3c:d0:a7:28:be:9c:1a:
a8:a2:11:a2:d5:56:26:63:b1:06:13:db:ec:5c:a2:5c:a3:28:
5d:fb:ed:6d:26:02:46:ed:3f:c9:38:db:40:73:5a:44:2f:5c:
38:cd:64:da:20:a1:14:b0:de:78:28:40:f8:05:93:33:26:8a:
b3:7f:0c:f6:8e:c6:33:97:3c:00:ad:36:91:70:e6:f8:63:06:
57:2c:23:5c:42:b3:1d:ea:c3:6a:ea:12:7f:e8:27:14:9b:da:
df:e6:e8:71:24:87:b1:34:e9:2c:e6:4a:82:62:65:2c:ad:ab:
11:48:4f:85:fa:b1:ab:24:2d:bf:46:b5:46:30:f8:db:a7:5a:
8f:48:73:5d:fc:f4:29:38:94:d4:53:16:54:06:cc:33:34:c2:
c7:78:72:a8
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYB4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEzMTM1MzAxWhcNMjYwNjEyMTM1MzAxWjAYMRYw
FAYDVQQDEw02ODIzNGVjMi1mNjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx7fjZ79c01dTr6xk+EI3ccLPM2C/qljxqxa5c/SLz62sxFmiegQBvzTh
hZ8bGBLQzz2Nybd+icOlwpAjScwrvpvEkOlPLH/Ktu8F/1k/Zh/OAcVd5iZS11mg
svHEUq+9GwvgdPCh7EOGhWemGsBMSYZ79jEV1fBdqC77nYWtxo6EoGF1VMYbKQPP
RnbV6h/gGVjqUU2NGos4Q6KnWKqWB4yQfKScVDUULK+zJZEiSQ1VvHb9M/w2cb/q
4opqKli7w3yxtgiuipMowdLJt6nqQLbsf+sg6XD9hscKw4iUDCt3sbHeJOX9MK9F
xextI4exhXogq2Bk/KHUGCY719F6KQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDMC
04UqJzPDCcTkVoM7m6Hgpu+sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85ODE1NzI5NDMwMDExMUYwODY4OTVFQTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsiaAwQAmsihMA0GCSqG
SIb3DQEBCwUAA4IBAQAPRyxEGZHNMhzRG55nbqriEN630srHUmwiRbKCb7Tu9xZw
efEIVhD2WryOI2jgWKO92y1YxI1xirfZlgjksZ5mpu6+Z217YJcJ6HWaEGsGtHqW
lB8Y4lqgAMKSfDqzPqu03+yaWDzQpyi+nBqoohGi1VYmY7EGE9vsXKJcoyhd++1t
JgJG7T/JONtAc1pEL1w4zWTaIKEUsN54KED4BZMzJoqzfwz2jsYzlzwArTaRcOb4
YwZXLCNcQrMd6sNq6hJ/6CcUm9rf5uhxJIexNOks5kqCYmUsrasRSE+F+rGrJC2/
RrVGMPjbp1qPSHNd/PQpOJTUUxZUBswzNMLHeHKo
-----END CERTIFICATE-----
Generated at Thu May 15 23:53:47 2025 by rpki-client