Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB3A437C243A11F0B71CABD2DAE4EC9C.roa
File: AB3A437C243A11F0B71CABD2DAE4EC9C.roa (raw, json)
Hash identifier: 3CFXqP4M/5L0BT+qfFZl2TBTncUKBi0aaGrV9vWJpqQ=
Subject key identifier: CB:F7:58:5D:35:76:A6:D0:19:F4:A1:AD:8D:D6:21:9C:97:70:3F:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BFF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB3A437C243A11F0B71CABD2DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 14:11:25 +0000
ROA not before: Mon 28 Apr 2025 14:11:21 +0000
ROA not after: Mon 02 Jun 2025 14:11:21 +0000
asID: 209242
IP address blocks: 154.206.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97279 (0x17bff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 14:11:21 2025 GMT
Not After : Jun 2 14:11:21 2025 GMT
Subject: CN=680f8c8d-0d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a1:cb:0c:f2:77:c0:e6:e9:93:2c:09:4c:c6:
90:1e:7f:95:3c:6b:6f:a4:40:da:53:f6:00:cd:35:
d0:e5:8d:f8:6b:b2:4a:56:03:fe:a1:27:72:2b:9e:
36:99:d5:02:d6:fb:a5:e3:d1:18:95:34:cf:9f:ae:
c4:fb:7c:e4:93:9f:5c:53:39:db:58:c1:a3:1c:5f:
40:ab:3c:ca:cd:49:1f:26:3e:b2:93:14:aa:fb:63:
2e:3d:bd:f0:39:3f:48:fa:80:a4:c4:34:9d:15:89:
1c:21:bc:20:a9:e6:fa:38:d3:95:24:df:cf:f7:0a:
16:28:d7:f9:42:0b:2d:b7:da:7f:ed:aa:66:c5:46:
a1:c6:92:c6:42:a9:fb:03:16:f4:99:43:37:67:7a:
09:0d:68:f4:9f:e2:43:91:8c:1a:e4:c6:20:b5:79:
8f:34:94:a4:93:e8:2a:b6:97:ef:84:47:80:27:7a:
fb:26:08:da:0d:03:9e:d1:24:dc:4e:ea:f2:ab:97:
3e:c7:2e:49:10:a2:04:20:e7:8e:3b:f1:3d:cb:e1:
30:e9:7d:26:41:19:92:db:81:18:d2:0b:d4:76:8a:
62:94:96:c6:51:ea:0c:27:97:df:33:2f:f2:75:78:
99:26:b0:b8:0f:ae:bf:23:68:a3:bf:64:73:9a:74:
a0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F7:58:5D:35:76:A6:D0:19:F4:A1:AD:8D:D6:21:9C:97:70:3F:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB3A437C243A11F0B71CABD2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:05:ee:5f:e2:ba:46:e2:e6:48:a3:2f:69:78:3f:a6:8f:60:
c8:25:3b:e0:ab:27:35:7b:ba:8b:98:41:35:ca:3d:60:ec:bd:
d8:57:d7:d3:59:c8:b0:db:b4:eb:88:41:21:59:fe:b3:8e:a9:
10:53:7c:d0:c4:3d:4a:3b:34:cb:d7:11:27:f7:cc:f5:89:8a:
3e:00:34:c9:03:d1:c8:d7:db:d2:14:f2:99:24:0c:e3:25:94:
53:c5:23:38:59:ca:0c:91:dd:58:c6:85:a3:13:f6:8a:21:c3:
88:46:96:fb:63:4e:80:44:65:e7:80:c5:b8:79:21:f5:82:04:
02:76:48:e1:12:5b:2f:89:29:17:8b:a8:25:3e:10:81:86:a3:
1a:ed:9b:68:d4:7b:54:7c:fb:76:74:48:0a:af:d4:b5:e9:d3:
5e:98:3b:40:0c:2d:3c:11:15:a4:30:d8:91:59:39:81:b7:af:
cd:00:11:fb:b4:3d:a6:fa:24:68:b1:6e:ac:8e:c2:73:27:a3:
58:6d:ec:be:a1:db:8f:bd:ff:2e:40:23:65:44:da:70:d5:d9:
7a:e5:f4:47:e1:e7:50:13:57:0b:0c:5f:17:19:de:35:91:40:
6c:04:9b:5a:93:a9:8c:8e:2d:eb:57:e6:eb:fd:48:29:23:fd:
ec:ee:4b:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXv/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTQxMTIxWhcNMjUwNjAyMTQxMTIxWjAYMRYw
FAYDVQQDEw02ODBmOGM4ZC0wZDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA06HLDPJ3wObpkywJTMaQHn+VPGtvpEDaU/YAzTXQ5Y34a7JKVgP+oSdy
K542mdUC1vul49EYlTTPn67E+3zkk59cUznbWMGjHF9AqzzKzUkfJj6ykxSq+2Mu
Pb3wOT9I+oCkxDSdFYkcIbwgqeb6ONOVJN/P9woWKNf5Qgstt9p/7apmxUahxpLG
Qqn7Axb0mUM3Z3oJDWj0n+JDkYwa5MYgtXmPNJSkk+gqtpfvhEeAJ3r7JgjaDQOe
0STcTuryq5c+xy5JEKIEIOeOO/E9y+Ew6X0mQRmS24EY0gvUdopilJbGUeoMJ5ff
My/ydXiZJrC4D66/I2ijv2RzmnSgnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMv3
WF01dqbQGfShrY3WIZyXcD/hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjNBNDM3QzI0M0ExMUYwQjcxQ0FCRDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4MMA0GCSqGSIb3DQEB
CwUAA4IBAQCNBe5f4rpG4uZIoy9peD+mj2DIJTvgqyc1e7qLmEE1yj1g7L3YV9fT
Wciw27TriEEhWf6zjqkQU3zQxD1KOzTL1xEn98z1iYo+ADTJA9HI19vSFPKZJAzj
JZRTxSM4WcoMkd1YxoWjE/aKIcOIRpb7Y06ARGXngMW4eSH1ggQCdkjhElsviSkX
i6glPhCBhqMa7Zto1HtUfPt2dEgKr9S16dNemDtADC08ERWkMNiRWTmBt6/NABH7
tD2m+iRosW6sjsJzJ6NYbey+oduPvf8uQCNlRNpw1dl65fRH4edQE1cLDF8XGd41
kUBsBJtak6mMji3rV+br/UgpI/3s7ksc
-----END CERTIFICATE-----
Generated at Sat May 10 04:55:57 2025 by rpki-client