Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7F7EAA2CD911F093EF7888DAE4EC9C.roa
File: AF7F7EAA2CD911F093EF7888DAE4EC9C.roa (raw, json)
Hash identifier: xDp+GdXPu0YxWqPiFbmlEQp7RdKi2kwAo2jKs+sZN8Q=
Subject key identifier: F1:1A:CB:52:8B:A8:3F:1E:7A:CA:41:24:80:08:D0:F3:71:0D:D7:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FB6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7F7EAA2CD911F093EF7888DAE4EC9C.roa
Signing time: Fri 09 May 2025 13:29:52 +0000
ROA not before: Fri 09 May 2025 13:29:47 +0000
ROA not after: Sat 14 Jun 2025 13:29:47 +0000
asID: 397630
IP address blocks: 154.201.32.0/24 maxlen: 24
154.201.35.0/24 maxlen: 24
154.202.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98230 (0x17fb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 13:29:47 2025 GMT
Not After : Jun 14 13:29:47 2025 GMT
Subject: CN=681e034f-3862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:08:f4:b9:e8:ff:4c:ef:bf:e1:9a:5a:32:db:
2a:06:ec:ce:34:85:b8:d4:47:39:fd:e2:87:8c:d4:
ee:3b:fa:f1:5b:5d:ae:a4:cd:ab:dc:86:66:c0:f6:
8d:d9:a8:98:c5:7c:2a:2e:bd:bd:2e:1f:cd:23:cf:
6d:fe:c7:3c:c9:ef:10:bf:3a:72:10:d1:0a:4e:ac:
f0:76:00:15:c6:a8:cb:70:57:81:9f:c1:75:c8:62:
5c:32:d0:fa:21:7d:47:43:77:a9:d2:db:e1:35:c7:
d2:c3:73:a4:99:5d:b8:28:dd:d2:d3:b0:c1:d8:4a:
b6:fa:fa:a9:48:45:40:39:b7:a5:46:f1:84:20:63:
5f:1f:01:78:7c:ca:d3:f4:cb:ce:af:23:e9:d3:d2:
ee:42:9b:32:17:89:e1:f5:2e:2f:4e:fc:63:ce:47:
49:53:e7:55:24:4d:3e:c8:b3:53:57:1d:d8:ab:68:
42:a9:b2:f2:56:a1:8c:62:04:db:90:a4:eb:50:c3:
6a:b7:85:04:2e:50:87:1b:56:1c:4f:5b:4b:34:06:
88:15:5d:38:d6:a5:ed:39:39:69:aa:b1:11:d5:6e:
76:39:24:2c:bc:81:51:e6:eb:57:2b:97:7c:63:6d:
10:27:e2:30:1c:49:db:82:7c:83:24:12:93:a9:ea:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1A:CB:52:8B:A8:3F:1E:7A:CA:41:24:80:08:D0:F3:71:0D:D7:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7F7EAA2CD911F093EF7888DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.32.0/24
154.201.35.0/24
154.202.64.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c2:1a:d5:39:09:28:64:f1:03:90:eb:32:20:da:f9:c4:1d:
5b:da:68:33:76:7b:60:7e:50:f1:b8:ff:55:ec:37:1b:25:ac:
d4:05:9f:bf:fc:92:6b:3b:b5:0c:f0:1d:13:76:2a:e1:b9:2f:
b1:d3:70:cc:16:45:0b:3c:8e:2b:c0:36:04:fb:3a:e3:fe:49:
a3:b3:d5:87:61:c0:f9:fa:17:a1:b5:68:6b:ee:4a:b5:c2:de:
73:61:7a:47:56:c7:f4:fe:91:e3:c5:9f:e8:6c:4d:30:38:bd:
de:2c:85:c9:eb:5b:5f:13:bc:32:fb:be:d9:3b:3a:60:93:6e:
1a:7b:42:61:5c:e0:77:17:2e:82:d7:76:6b:c0:1b:95:3a:1d:
8c:f8:6f:9d:24:98:d2:7e:8e:51:0c:16:02:b9:71:31:01:74:
e7:4f:f5:fd:5c:3a:47:7c:73:ca:92:1e:a3:0d:32:d4:41:1b:
fd:0e:7c:65:9f:56:f1:78:b5:83:a4:7e:75:22:b6:4b:13:ab:
e6:36:4f:0d:a0:80:37:13:18:04:ff:f9:15:88:65:ec:1a:fa:
92:5f:88:aa:9f:81:fd:ca:71:28:d9:82:74:43:ed:62:49:dc:
4b:df:e3:86:ff:06:06:3e:59:28:be:3a:43:a8:08:e9:8b:bf:
e9:69:4a:fc
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAX+2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTMyOTQ3WhcNMjUwNjE0MTMyOTQ3WjAYMRYw
FAYDVQQDEw02ODFlMDM0Zi0zODYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Aj0uej/TO+/4ZpaMtsqBuzONIW41Ec5/eKHjNTuO/rxW12upM2r3IZm
wPaN2aiYxXwqLr29Lh/NI89t/sc8ye8QvzpyENEKTqzwdgAVxqjLcFeBn8F1yGJc
MtD6IX1HQ3ep0tvhNcfSw3OkmV24KN3S07DB2Eq2+vqpSEVAObelRvGEIGNfHwF4
fMrT9MvOryPp09LuQpsyF4nh9S4vTvxjzkdJU+dVJE0+yLNTVx3Yq2hCqbLyVqGM
YgTbkKTrUMNqt4UELlCHG1YcT1tLNAaIFV041qXtOTlpqrER1W52OSQsvIFR5utX
K5d8Y20QJ+IwHEnbgnyDJBKTqeoQJwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFPEa
y1KLqD8eespBJIAI0PNxDdeeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjdGN0VBQTJDRDkxMUYwOTNFRjc4ODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmskgAwQAmskjAwQAmspA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvwhrVOQkoZPEDkOsyINr5xB1b2mgzdntgflDx
uP9V7DcbJazUBZ+//JJrO7UM8B0TdirhuS+x03DMFkULPI4rwDYE+zrj/kmjs9WH
YcD5+hehtWhr7kq1wt5zYXpHVsf0/pHjxZ/obE0wOL3eLIXJ61tfE7wy+77ZOzpg
k24ae0JhXOB3Fy6C13ZrwBuVOh2M+G+dJJjSfo5RDBYCuXExAXTnT/X9XDpHfHPK
kh6jDTLUQRv9Dnxln1bxeLWDpH51IrZLE6vmNk8NoIA3ExgE//kViGXsGvqSX4iq
n4H9ynEo2YJ0Q+1iSdxL3+OG/wYGPlkovjpDqAjpi7/paUr8
-----END CERTIFICATE-----
Generated at Thu May 15 23:43:56 2025 by rpki-client