Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A33C0D52242311F0B33ADFB9DAE4EC9C.roa
File: A33C0D52242311F0B33ADFB9DAE4EC9C.roa (raw, json)
Hash identifier: QSe5nvwwgZGVjUmbKoUZZMVSku/voPqUZ48Vw+JpRXQ=
Subject key identifier: A9:85:26:1E:71:B8:6A:4E:17:8E:DE:DC:7B:53:B0:87:CB:4D:5D:01
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B83
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A33C0D52242311F0B33ADFB9DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 11:26:33 +0000
ROA not before: Mon 28 Apr 2025 11:26:29 +0000
ROA not after: Wed 15 Mar 2028 11:26:29 +0000
asID: 17561
IP address blocks: 154.94.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 01:13:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97155 (0x17b83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 11:26:29 2025 GMT
Not After : Mar 15 11:26:29 2028 GMT
Subject: CN=680f65e9-894b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:e8:5b:73:84:d2:8e:f8:a8:bb:df:8a:ac:
60:45:e4:a7:a2:5d:fa:be:19:9d:82:a8:2d:3c:31:
ab:e2:75:d2:32:48:79:f5:e7:76:21:4a:e0:45:c7:
28:33:14:0b:b9:c6:cc:7b:86:f6:98:b6:26:84:22:
d5:5a:c0:6b:6a:99:b0:d3:76:a1:4b:a6:63:ab:3c:
df:1f:5e:11:4f:1e:16:b0:41:32:2b:0a:c5:5b:c9:
c2:36:e8:2e:25:c1:2b:6e:60:d1:12:15:fd:bc:7b:
7f:db:a7:b5:ed:97:98:c0:5d:3b:51:93:45:09:a1:
25:33:37:31:f4:44:89:b6:15:a5:a1:ab:b8:48:19:
9c:a5:7d:b5:29:38:27:fd:2d:0f:01:bb:cb:c7:76:
85:c3:a0:6e:0e:f7:d8:d6:cb:cc:de:40:3b:92:da:
ad:a4:0c:b7:5d:8e:bb:dd:46:b9:e5:af:5f:af:60:
d7:02:c2:b5:d8:f7:30:4e:7b:29:0d:de:aa:3c:29:
c9:0b:24:1e:42:82:fb:13:93:97:10:4f:14:b3:4d:
c4:95:6d:8b:6b:5e:e3:0b:f5:01:d8:eb:98:c8:5c:
fe:de:23:93:06:69:36:be:18:59:f2:2f:67:e3:34:
ae:db:e4:9d:2b:22:a1:5c:ca:ee:d9:0e:6d:12:e2:
96:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:85:26:1E:71:B8:6A:4E:17:8E:DE:DC:7B:53:B0:87:CB:4D:5D:01
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A33C0D52242311F0B33ADFB9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:e1:e1:2c:be:77:75:70:b8:6f:b5:72:e2:8c:f5:b0:59:2d:
1e:79:a4:3e:bc:e6:a1:52:23:61:37:f6:54:94:0a:5b:1d:c9:
61:de:17:4e:b6:2f:9c:54:8a:b5:05:8b:e2:03:f4:c3:6d:72:
c7:e8:05:0e:88:fb:3d:06:1b:5b:65:38:52:e4:07:9c:0c:19:
79:b1:79:c1:f0:db:b6:da:8a:60:cd:80:43:78:97:8e:e9:37:
3a:ad:12:ad:50:fd:b9:18:d5:c5:35:96:25:5e:ba:a7:90:bc:
f5:92:69:5a:84:52:9f:3c:1e:fb:18:16:5c:c0:31:e1:ac:f1:
55:c2:5d:d4:e7:79:e1:a5:fc:a1:c0:27:6f:b4:74:c8:4b:58:
3d:d2:46:9d:88:4a:8b:c5:9b:05:fd:6f:90:6b:00:9e:84:85:
32:9a:87:f8:39:66:67:d7:30:d9:a0:42:0f:c9:6d:41:37:56:
84:7f:ab:70:21:90:f2:e5:98:ef:66:9a:4a:39:90:5a:55:6d:
98:11:90:3f:48:77:cd:3f:7d:67:11:35:3f:4c:66:0f:52:a3:
3c:8a:c4:b1:95:b2:8c:d9:3c:37:17:08:3b:84:cc:a1:f1:f3:
6f:3f:83:51:ff:0e:de:cb:4b:a5:b4:20:96:1a:f3:fc:b7:aa:
e8:92:9c:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTEyNjI5WhcNMjgwMzE1MTEyNjI5WjAYMRYw
FAYDVQQDEw02ODBmNjVlOS04OTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1U7oW3OE0o74qLvfiqxgReSnol36vhmdgqgtPDGr4nXSMkh59ed2IUrg
RccoMxQLucbMe4b2mLYmhCLVWsBrapmw03ahS6ZjqzzfH14RTx4WsEEyKwrFW8nC
NuguJcErbmDREhX9vHt/26e17ZeYwF07UZNFCaElMzcx9ESJthWloau4SBmcpX21
KTgn/S0PAbvLx3aFw6BuDvfY1svM3kA7ktqtpAy3XY673Ua55a9fr2DXAsK12Pcw
TnspDd6qPCnJCyQeQoL7E5OXEE8Us03ElW2La17jC/UB2OuYyFz+3iOTBmk2vhhZ
8i9n4zSu2+SdKyKhXMru2Q5tEuKWnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKmF
Jh5xuGpOF47e3HtTsIfLTV0BMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzNDMEQ1MjI0MjMxMUYwQjMzQURGQjlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4cMA0GCSqGSIb3DQEB
CwUAA4IBAQC44eEsvnd1cLhvtXLijPWwWS0eeaQ+vOahUiNhN/ZUlApbHclh3hdO
ti+cVIq1BYviA/TDbXLH6AUOiPs9BhtbZThS5AecDBl5sXnB8Nu22opgzYBDeJeO
6Tc6rRKtUP25GNXFNZYlXrqnkLz1kmlahFKfPB77GBZcwDHhrPFVwl3U53nhpfyh
wCdvtHTIS1g90kadiEqLxZsF/W+QawCehIUymof4OWZn1zDZoEIPyW1BN1aEf6tw
IZDy5ZjvZppKOZBaVW2YEZA/SHfNP31nETU/TGYPUqM8isSxlbKM2Tw3Fwg7hMyh
8fNvP4NR/w7ey0ultCCWGvP8t6rokpxv
-----END CERTIFICATE-----
Generated at Sun May 11 02:06:54 2025 by rpki-client