Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA7602C258F11F083DBA7C8DAE4EC9C.roa
File: 9DA7602C258F11F083DBA7C8DAE4EC9C.roa (raw, json)
Hash identifier: KoAANFPRbrZdeD4wiXtFAs0f4V2ZS3e29EJKRuTTpWw=
Subject key identifier: B7:CF:9A:4E:15:64:68:3D:63:74:4D:F0:EA:C6:39:22:E9:51:38:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D06
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA7602C258F11F083DBA7C8DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 06:52:01 +0000
ROA not before: Wed 30 Apr 2025 06:51:56 +0000
ROA not after: Fri 16 May 2025 06:51:56 +0000
asID: 141167
IP address blocks: 154.212.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97542 (0x17d06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 06:51:56 2025 GMT
Not After : May 16 06:51:56 2025 GMT
Subject: CN=6811c891-6486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5a:28:53:56:d0:c3:3e:b2:13:52:cb:a0:36:
a3:e4:f0:bd:20:59:b0:1c:0b:09:8f:90:20:b7:86:
bb:82:bb:98:d5:5f:a7:5d:70:0c:ce:02:be:70:5b:
e9:86:0f:f8:e3:86:44:5f:28:1c:bf:fb:7f:ff:2b:
7d:19:4c:0b:b5:25:01:0f:bb:86:cc:b0:c5:8d:4a:
62:13:a8:d0:58:1e:4e:f9:2b:26:f6:30:ef:a9:62:
9f:5a:0f:3a:f0:62:1f:4c:7c:4e:40:5c:2c:7f:a8:
75:5e:e6:c0:3b:1d:d2:4c:84:60:81:73:72:5d:34:
e2:78:ee:84:b5:51:1c:13:55:84:f9:8b:38:18:50:
bc:92:00:4b:b0:99:a7:b6:c8:91:41:1b:f0:5e:28:
f9:e0:d1:ff:36:f6:bf:4d:fb:62:e9:be:47:31:0e:
f0:fb:46:f5:13:e6:fe:62:f0:c1:72:73:66:cd:45:
0e:30:8e:c1:a1:9a:de:96:97:ff:9a:2c:73:84:5c:
b2:61:e6:44:73:2f:49:5e:6f:f0:95:db:3d:a3:b0:
33:0f:71:ea:4c:12:b8:73:5f:d2:ee:8d:7c:0b:2b:
2d:01:62:95:34:05:fb:b7:26:a4:88:c9:00:98:dd:
35:d4:d0:d7:93:8f:3b:3f:15:03:51:f9:33:22:75:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CF:9A:4E:15:64:68:3D:63:74:4D:F0:EA:C6:39:22:E9:51:38:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA7602C258F11F083DBA7C8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.140.0/23
Signature Algorithm: sha256WithRSAEncryption
97:59:16:ac:77:be:93:9d:46:de:ab:27:35:3b:de:a6:35:44:
6f:3d:88:9f:91:ae:54:f0:b2:0b:77:d1:40:4c:7d:ae:71:d8:
03:b0:f8:f0:64:9f:c8:21:5c:7d:11:ba:df:9d:25:5d:ba:34:
21:c8:d9:69:4a:73:ad:f8:4a:df:68:1b:e8:6c:6d:0d:18:29:
1b:1b:d6:b9:39:4b:ef:2c:4d:13:a0:1f:08:a5:0e:28:3b:75:
d7:99:1d:7c:bc:f3:af:a9:77:56:82:10:20:0e:b1:44:96:a4:
04:af:2b:86:6e:a2:4c:00:da:c3:ab:d6:9e:d1:05:ec:30:74:
66:e2:0e:3b:f8:8d:0b:74:47:3b:09:44:1c:b4:b4:ef:c2:ca:
62:cf:23:e5:ca:65:83:ff:b0:1b:13:49:d3:64:1b:a8:86:30:
3a:d4:ac:e3:f9:17:1e:d0:c9:2a:5e:35:17:c4:c6:b1:cd:0c:
e7:44:1a:1c:62:78:ab:fd:5a:91:24:95:b1:55:34:0b:9e:aa:
62:e7:1b:86:40:66:63:13:e5:d8:6c:52:09:c0:3f:6a:5c:94:
5d:b2:b0:9d:8e:2a:80:97:ea:6e:cf:82:df:4b:74:3d:74:97:
0d:c7:73:e1:4c:9d:62:d3:12:35:51:ee:bb:c4:24:ad:1e:52:
22:30:25:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX0GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMDY1MTU2WhcNMjUwNTE2MDY1MTU2WjAYMRYw
FAYDVQQDEw02ODExYzg5MS02NDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3VooU1bQwz6yE1LLoDaj5PC9IFmwHAsJj5Agt4a7gruY1V+nXXAMzgK+
cFvphg/444ZEXygcv/t//yt9GUwLtSUBD7uGzLDFjUpiE6jQWB5O+Ssm9jDvqWKf
Wg868GIfTHxOQFwsf6h1XubAOx3STIRggXNyXTTieO6EtVEcE1WE+Ys4GFC8kgBL
sJmntsiRQRvwXij54NH/Nva/Tfti6b5HMQ7w+0b1E+b+YvDBcnNmzUUOMI7BoZre
lpf/mixzhFyyYeZEcy9JXm/wlds9o7AzD3HqTBK4c1/S7o18CystAWKVNAX7tyak
iMkAmN011NDXk487PxUDUfkzInW5mwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLfP
mk4VZGg9Y3RN8OrGOSLpUTgOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85REE3NjAyQzI1OEYxMUYwODNEQkE3QzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSMMA0GCSqGSIb3DQEB
CwUAA4IBAQCXWRasd76TnUbeqyc1O96mNURvPYifka5U8LILd9FATH2ucdgDsPjw
ZJ/IIVx9EbrfnSVdujQhyNlpSnOt+ErfaBvobG0NGCkbG9a5OUvvLE0ToB8IpQ4o
O3XXmR18vPOvqXdWghAgDrFElqQEryuGbqJMANrDq9ae0QXsMHRm4g47+I0LdEc7
CUQctLTvwspizyPlymWD/7AbE0nTZBuohjA61Kzj+Rce0MkqXjUXxMaxzQznRBoc
Ynir/VqRJJWxVTQLnqpi5xuGQGZjE+XYbFIJwD9qXJRdsrCdjiqAl+puz4LfS3Q9
dJcNx3PhTJ1i0xI1Ue67xCStHlIiMCWi
-----END CERTIFICATE-----
Generated at Mon May 12 05:19:24 2025 by rpki-client