Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AC38684241211F0BB7D84C8DAE4EC9C.roa
File: 9AC38684241211F0BB7D84C8DAE4EC9C.roa (raw, json)
Hash identifier: JdQF3vbCNRbKJCTzZBAjvr2ZymZMvjwPgkUke+UA+Ig=
Subject key identifier: C2:AE:3B:C8:CC:DC:F4:5A:C9:75:A3:CE:D7:F0:9E:C0:2E:02:F4:B9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AC38684241211F0BB7D84C8DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 09:24:38 +0000
ROA not before: Mon 28 Apr 2025 09:24:33 +0000
ROA not after: Fri 30 May 2025 09:24:33 +0000
asID: 149513
IP address blocks: 154.201.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97106 (0x17b52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 09:24:33 2025 GMT
Not After : May 30 09:24:33 2025 GMT
Subject: CN=680f4956-15d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:71:65:a7:be:d2:0e:02:b7:77:d5:7b:1f:
f8:3b:6a:73:56:66:3c:1c:3f:56:5e:4a:4b:db:19:
55:3d:f1:40:4c:e1:a5:a2:e8:2a:ae:c3:9a:f2:4a:
e1:a0:cf:ed:68:1d:e0:6b:97:e8:ad:09:47:47:9d:
ee:7f:3c:ed:d2:20:28:33:dd:03:ed:58:36:81:0b:
0c:b4:aa:f0:32:f4:e3:f9:cb:86:c1:3c:ca:cd:e6:
9c:9a:9d:8d:a7:36:6a:fb:2f:2f:63:7a:7d:d9:e9:
d4:13:94:50:5c:54:ca:d7:55:c8:0c:a2:b6:f8:d2:
bc:98:9b:13:be:00:f7:f0:0c:54:21:cd:4e:c0:0a:
45:60:5e:c0:7e:0b:5d:7a:3a:4a:80:15:bf:d3:b9:
df:f4:ba:69:03:af:56:f9:81:11:36:01:e9:d5:70:
21:aa:d1:72:88:cd:4d:9d:4e:73:de:97:ea:bd:27:
bf:c8:95:97:47:29:ad:72:c6:a6:8e:05:5b:a7:64:
e8:ea:a1:2d:4f:7b:02:aa:3f:4d:fe:ff:fc:b4:a9:
fa:a8:d7:f7:82:2e:9b:67:52:b4:9b:6e:39:c4:69:
41:8d:72:45:08:ff:9b:4d:30:d8:b3:e8:5e:c3:dd:
fe:80:53:07:1d:bc:e4:f0:7a:e6:fa:45:a0:42:ac:
4a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AE:3B:C8:CC:DC:F4:5A:C9:75:A3:CE:D7:F0:9E:C0:2E:02:F4:B9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AC38684241211F0BB7D84C8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.94.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:6c:b4:23:14:c0:e2:75:8c:d3:52:38:ba:6a:ca:0a:c4:2e:
8f:65:c8:5f:fa:e8:f5:29:4a:ca:93:33:38:68:af:4b:b9:33:
30:82:5f:fd:c8:da:45:5d:96:eb:84:1f:7f:88:d5:fd:2c:a6:
9f:07:f4:14:11:e5:26:eb:c2:10:b1:1d:9b:3a:89:e9:76:cc:
17:6e:d9:4e:1b:58:ec:56:c0:1f:ff:24:a0:de:bc:d1:f2:e1:
3c:e5:83:6a:c0:ad:39:f2:5a:56:d8:d0:9c:88:01:a6:72:4b:
9a:ae:69:37:fb:d7:de:9a:8b:e0:ec:cd:37:ea:00:5e:91:e2:
1e:2b:79:5c:b0:6a:14:54:72:f2:9d:96:11:d1:11:15:86:bd:
fd:64:91:96:44:8e:71:53:10:19:59:c1:5e:bd:3b:30:7e:9f:
c2:a8:8f:c4:02:76:2f:d5:62:eb:02:8d:2b:f0:56:da:71:9e:
73:48:4e:4c:cf:87:31:cc:25:a6:40:6d:88:81:b0:33:f2:60:
0b:d7:23:a9:35:30:f0:90:a3:3d:29:05:e3:ac:6e:1e:3d:4d:
46:89:15:75:14:69:9a:df:0d:f6:66:20:ab:b6:ed:24:05:de:
97:16:01:09:4f:00:7a:c3:5d:b9:44:9a:6a:14:34:d7:9b:b5:
03:fc:63:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXtSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MDkyNDMzWhcNMjUwNTMwMDkyNDMzWjAYMRYw
FAYDVQQDEw02ODBmNDk1Ni0xNWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3BBxZae+0g4Ct3fVex/4O2pzVmY8HD9WXkpL2xlVPfFATOGlougqrsOa
8krhoM/taB3ga5forQlHR53ufzzt0iAoM90D7Vg2gQsMtKrwMvTj+cuGwTzKzeac
mp2NpzZq+y8vY3p92enUE5RQXFTK11XIDKK2+NK8mJsTvgD38AxUIc1OwApFYF7A
fgtdejpKgBW/07nf9LppA69W+YERNgHp1XAhqtFyiM1NnU5z3pfqvSe/yJWXRymt
csamjgVbp2To6qEtT3sCqj9N/v/8tKn6qNf3gi6bZ1K0m245xGlBjXJFCP+bTTDY
s+hew93+gFMHHbzk8Hrm+kWgQqxKPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMKu
O8jM3PRayXWjztfwnsAuAvS5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QUMzODY4NDI0MTIxMUYwQkI3RDg0QzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsleMA0GCSqGSIb3DQEB
CwUAA4IBAQC0bLQjFMDidYzTUji6asoKxC6PZchf+uj1KUrKkzM4aK9LuTMwgl/9
yNpFXZbrhB9/iNX9LKafB/QUEeUm68IQsR2bOonpdswXbtlOG1jsVsAf/ySg3rzR
8uE85YNqwK058lpW2NCciAGmckuarmk3+9femovg7M036gBekeIeK3lcsGoUVHLy
nZYR0REVhr39ZJGWRI5xUxAZWcFevTswfp/CqI/EAnYv1WLrAo0r8FbacZ5zSE5M
z4cxzCWmQG2IgbAz8mAL1yOpNTDwkKM9KQXjrG4ePU1GiRV1FGma3w32ZiCrtu0k
Bd6XFgEJTwB6w125RJpqFDTXm7UD/GPx
-----END CERTIFICATE-----
Generated at Thu May 15 23:48:09 2025 by rpki-client