Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D94E148243311F08FAC22A4DAE4EC9C.roa
File: 9D94E148243311F08FAC22A4DAE4EC9C.roa (raw, json)
Hash identifier: H806UHK+U5+pIg7DQ3wbxGc8ZKpHhHr02rShkZ/qzrM=
Subject key identifier: CF:7E:66:A6:22:C2:4F:B3:3A:F6:3A:C4:93:4E:A8:0B:5D:AC:60:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BE1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D94E148243311F08FAC22A4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:20:56 +0000
ROA not before: Mon 28 Apr 2025 13:20:50 +0000
ROA not after: Thu 23 Mar 2028 13:20:50 +0000
asID: 17561
IP address blocks: 154.205.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97249 (0x17be1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:20:50 2025 GMT
Not After : Mar 23 13:20:50 2028 GMT
Subject: CN=680f80b8-4c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3c:da:08:59:cd:cb:13:cb:be:f1:bc:54:ef:
64:46:6c:4f:11:3a:ef:a1:4d:b1:3f:4e:24:01:02:
f7:76:7a:b1:87:5e:6e:39:43:a5:b2:01:b7:45:e4:
d0:f6:17:bd:08:e4:43:ed:6e:92:34:1a:c4:a3:25:
5c:f3:fb:72:c8:63:1d:c1:37:59:23:19:a7:2b:e7:
c8:f2:34:ed:c4:6e:d0:88:cf:e2:68:b1:9f:f6:d0:
52:24:da:29:56:da:f6:bd:ca:e8:f9:2b:82:28:79:
27:8c:8a:52:ba:d1:b5:10:b9:22:15:05:8b:ac:ef:
e2:18:83:35:4a:aa:29:28:d8:94:7a:43:20:d1:91:
73:97:47:6c:61:f9:f5:c0:d0:88:cb:cd:48:20:d9:
75:2e:34:09:6a:97:54:f9:d0:f3:c8:31:e5:02:ba:
cc:d7:95:42:cc:40:88:07:88:ec:c7:4e:3c:12:9f:
03:c5:a0:56:87:32:71:ba:22:ee:e1:f1:e3:cd:20:
e0:4b:48:23:9b:57:02:ef:36:34:17:4c:63:8b:ea:
eb:48:b5:c1:97:41:53:d5:a4:5d:1f:e5:f0:f0:05:
b9:58:b2:eb:d5:6b:24:78:d4:79:c6:31:e7:85:dc:
0c:4f:48:fc:31:da:79:eb:0d:2c:be:10:34:e2:79:
c2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7E:66:A6:22:C2:4F:B3:3A:F6:3A:C4:93:4E:A8:0B:5D:AC:60:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D94E148243311F08FAC22A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.166.0/24
Signature Algorithm: sha256WithRSAEncryption
67:45:82:f3:14:51:0e:cf:9b:bf:a7:03:4f:cd:9b:a4:ed:d9:
67:01:0b:a7:dc:29:33:8b:b5:29:ad:ff:a0:3f:95:ce:39:b3:
c5:e4:90:42:b7:99:cd:2a:54:6a:e1:f9:8c:07:8d:92:3e:40:
28:bc:78:09:c1:aa:1e:a9:38:8b:d0:86:3f:77:48:bf:a3:3e:
88:4f:fd:2f:48:7f:ca:07:6b:24:c8:5f:ee:4c:e6:73:2d:21:
7b:08:06:61:65:90:04:ba:dd:f3:15:d5:00:c1:47:f0:1d:8b:
39:53:ce:98:b9:51:85:0e:28:cc:fa:b5:ed:70:bb:8b:a6:84:
cd:b1:7b:4e:e4:e2:6a:b4:ce:bd:0f:cf:c1:df:19:06:56:6c:
c5:5c:e7:53:d2:25:9f:0d:a9:4f:1c:c0:86:a6:39:a8:32:34:
b7:6c:18:36:b6:9a:d4:ef:89:eb:19:7d:58:3c:22:bc:e6:70:
ce:df:09:4b:a7:22:67:61:e7:76:64:2a:1f:9c:14:7a:2f:14:
81:cf:36:58:1b:8c:cc:eb:eb:52:30:de:bf:60:5f:aa:99:d0:
03:d9:5a:b9:cb:d8:8f:bf:2f:61:a4:ba:82:fd:8d:1f:80:1f:
05:af:27:61:ba:b7:f7:33:ee:64:84:9b:a1:12:c0:d7:3c:6f:
1e:66:01:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMyMDUwWhcNMjgwMzIzMTMyMDUwWjAYMRYw
FAYDVQQDEw02ODBmODBiOC00YzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAljzaCFnNyxPLvvG8VO9kRmxPETrvoU2xP04kAQL3dnqxh15uOUOlsgG3
ReTQ9he9CORD7W6SNBrEoyVc8/tyyGMdwTdZIxmnK+fI8jTtxG7QiM/iaLGf9tBS
JNopVtr2vcro+SuCKHknjIpSutG1ELkiFQWLrO/iGIM1SqopKNiUekMg0ZFzl0ds
Yfn1wNCIy81IINl1LjQJapdU+dDzyDHlArrM15VCzECIB4jsx048Ep8DxaBWhzJx
uiLu4fHjzSDgS0gjm1cC7zY0F0xji+rrSLXBl0FT1aRdH+Xw8AW5WLLr1WskeNR5
xjHnhdwMT0j8Mdp56w0svhA04nnCNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM9+
ZqYiwk+zOvY6xJNOqAtdrGDQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDk0RTE0ODI0MzMxMUYwOEZBQzIyQTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2mMA0GCSqGSIb3DQEB
CwUAA4IBAQBnRYLzFFEOz5u/pwNPzZuk7dlnAQun3Ckzi7Uprf+gP5XOObPF5JBC
t5nNKlRq4fmMB42SPkAovHgJwaoeqTiL0IY/d0i/oz6IT/0vSH/KB2skyF/uTOZz
LSF7CAZhZZAEut3zFdUAwUfwHYs5U86YuVGFDijM+rXtcLuLpoTNsXtO5OJqtM69
D8/B3xkGVmzFXOdT0iWfDalPHMCGpjmoMjS3bBg2tprU74nrGX1YPCK85nDO3wlL
pyJnYed2ZCofnBR6LxSBzzZYG4zM6+tSMN6/YF+qmdAD2Vq5y9iPvy9hpLqC/Y0f
gB8Frydhurf3M+5khJuhEsDXPG8eZgFv
-----END CERTIFICATE-----
Generated at Sun May 11 10:28:57 2025 by rpki-client