Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4695F28242C11F088A0F9F4DAE4EC9C.roa
File: A4695F28242C11F088A0F9F4DAE4EC9C.roa (raw, json)
Hash identifier: iLaMouSxtLMD/3W8wK8eFb2HTk5QDd0o2G4hKXRd8ME=
Subject key identifier: F5:9D:00:B2:D9:CF:2A:5C:D9:27:21:62:04:A5:A5:0D:66:21:77:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BA8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4695F28242C11F088A0F9F4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:31:01 +0000
ROA not before: Mon 28 Apr 2025 12:30:56 +0000
ROA not after: Sat 21 Mar 2026 12:30:56 +0000
asID: 984
IP address blocks: 154.89.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97192 (0x17ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:30:56 2025 GMT
Not After : Mar 21 12:30:56 2026 GMT
Subject: CN=680f7505-ed4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c6:81:28:23:74:34:a5:ec:e8:1a:19:f4:35:
ab:a2:c5:f5:29:92:49:bb:dc:05:b9:8a:ee:02:7f:
f1:d7:39:c9:69:3e:a4:32:d3:76:30:34:f3:87:3f:
a7:25:91:ab:c5:4b:39:9c:1e:2d:55:25:36:8e:07:
96:60:dc:d4:22:84:6d:66:0c:60:ad:74:c3:f6:7b:
cc:86:be:2d:ed:fc:df:f8:58:56:83:d7:be:8b:b3:
58:73:c1:78:bd:c9:15:9c:2d:f1:2c:5a:0e:a4:ea:
80:75:53:64:ff:18:ed:93:b5:41:63:0e:d8:1c:d7:
6a:0b:37:71:2d:14:36:01:97:82:93:43:1e:32:60:
22:0b:86:d1:56:07:bf:38:cd:1f:de:e3:14:54:fa:
e9:8b:88:51:b0:5b:9a:db:f9:4b:5e:16:2f:87:f9:
0d:8b:b1:01:09:a2:f7:e7:7f:ff:ff:cf:14:09:3b:
26:c1:6c:d1:e3:76:a1:f0:65:31:c9:68:01:06:ca:
d7:5c:8e:2f:9b:1e:46:a7:39:f5:5f:11:3b:4d:e7:
d6:cf:70:aa:91:6c:66:be:0f:75:a6:c8:8d:77:0e:
8c:2f:84:94:f1:1a:8d:43:f6:c1:61:bf:7a:fa:5c:
b2:df:95:3d:21:49:d1:1e:76:b6:4e:69:da:66:14:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9D:00:B2:D9:CF:2A:5C:D9:27:21:62:04:A5:A5:0D:66:21:77:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4695F28242C11F088A0F9F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.10.0/24
Signature Algorithm: sha256WithRSAEncryption
08:88:52:5c:68:9b:ae:99:2a:9c:ca:09:1e:de:0d:04:37:b4:
43:db:8e:06:e9:a9:f7:3a:d8:21:fa:23:e7:1c:af:cc:0e:2a:
f4:03:3f:b5:86:63:e3:f2:09:4d:12:ca:9c:b8:23:93:e6:c3:
cd:8c:68:89:a2:3b:04:4a:1a:91:44:4d:bf:fa:0d:c7:f0:69:
02:af:ff:39:eb:cb:88:9d:43:b7:5d:07:ba:20:83:ca:f5:56:
94:d9:f8:09:2a:9c:e7:14:b5:ea:0a:95:5b:f7:4c:62:69:0c:
9d:9b:fc:1a:93:a8:0c:9c:d8:53:74:66:51:5a:48:00:6e:73:
74:f2:2f:89:7e:28:ec:bb:c5:21:3d:86:8b:75:ff:7a:17:8d:
cd:c7:8b:31:4c:20:a7:c2:73:d2:47:22:c2:c8:e7:4d:3d:2d:
a0:b0:43:ee:ef:1a:3d:0b:a5:bc:b5:1a:19:96:90:99:c2:4a:
b7:23:ab:cb:65:ef:8c:9b:b9:86:20:32:71:c2:ce:33:e4:49:
a6:13:61:cc:3e:6e:07:d8:54:1f:bf:2b:18:30:c3:44:a7:12:
d2:ee:ce:a3:98:fb:70:04:e4:73:e1:84:d9:36:f9:d3:67:43:
a6:1d:e0:1b:a6:c6:38:4b:2b:7e:13:e9:99:b2:e4:b8:86:5b:
fc:4f:1e:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIzMDU2WhcNMjYwMzIxMTIzMDU2WjAYMRYw
FAYDVQQDEw02ODBmNzUwNS1lZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4MaBKCN0NKXs6BoZ9DWrosX1KZJJu9wFuYruAn/x1znJaT6kMtN2MDTz
hz+nJZGrxUs5nB4tVSU2jgeWYNzUIoRtZgxgrXTD9nvMhr4t7fzf+FhWg9e+i7NY
c8F4vckVnC3xLFoOpOqAdVNk/xjtk7VBYw7YHNdqCzdxLRQ2AZeCk0MeMmAiC4bR
Vge/OM0f3uMUVPrpi4hRsFua2/lLXhYvh/kNi7EBCaL353///88UCTsmwWzR43ah
8GUxyWgBBsrXXI4vmx5Gpzn1XxE7TefWz3CqkWxmvg91psiNdw6ML4SU8RqNQ/bB
Yb96+lyy35U9IUnRHna2TmnaZhRlFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPWd
ALLZzypc2SchYgSlpQ1mIXcbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNDY5NUYyODI0MkMxMUYwODhBMEY5RjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkKMA0GCSqGSIb3DQEB
CwUAA4IBAQAIiFJcaJuumSqcygke3g0EN7RD244G6an3Otgh+iPnHK/MDir0Az+1
hmPj8glNEsqcuCOT5sPNjGiJojsEShqRRE2/+g3H8GkCr/8568uInUO3XQe6IIPK
9VaU2fgJKpznFLXqCpVb90xiaQydm/wak6gMnNhTdGZRWkgAbnN08i+Jfijsu8Uh
PYaLdf96F43Nx4sxTCCnwnPSRyLCyOdNPS2gsEPu7xo9C6W8tRoZlpCZwkq3I6vL
Ze+Mm7mGIDJxws4z5EmmE2HMPm4H2FQfvysYMMNEpxLS7s6jmPtwBORz4YTZNvnT
Z0OmHeAbpsY4Syt+E+mZsuS4hlv8Tx6Y
-----END CERTIFICATE-----
Generated at Sun May 11 15:46:23 2025 by rpki-client