Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7FEF0DE248B11F08C1F67E8DAE4EC9C.roa
File: B7FEF0DE248B11F08C1F67E8DAE4EC9C.roa (raw, json)
Hash identifier: UDrpbeaGraWJ3sjsePZGiw5+snWm5lpor16zhcib2iY=
Subject key identifier: 6A:C7:0E:C6:66:B9:7B:F9:E5:5B:20:5E:67:6B:DD:85:FB:10:3F:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CA3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7FEF0DE248B11F08C1F67E8DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 23:51:36 +0000
ROA not before: Mon 28 Apr 2025 23:51:31 +0000
ROA not after: Fri 30 May 2025 23:51:31 +0000
asID: 133180
IP address blocks: 154.206.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97443 (0x17ca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 23:51:31 2025 GMT
Not After : May 30 23:51:31 2025 GMT
Subject: CN=68101488-5fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:e5:22:59:23:67:cb:4b:4c:21:a8:01:d2:
dd:24:62:d1:e4:bc:26:cd:6d:34:51:99:c5:b6:49:
8c:e5:89:50:b4:43:5d:24:05:4d:1a:d4:f4:24:49:
5b:68:f7:35:c0:5c:6b:aa:fd:08:6a:39:d5:f6:5b:
cc:55:32:dc:d9:b6:51:64:03:60:7a:d5:69:d6:6a:
04:bb:af:e5:fe:4f:2e:2a:79:a5:07:de:46:37:8a:
07:f7:58:f2:69:c9:67:38:07:96:03:45:7a:fc:32:
d1:50:88:2f:c2:af:b3:19:ef:6d:de:f8:bf:7c:57:
a1:47:bd:49:9c:9e:27:03:6b:4e:dc:1f:ae:ac:42:
35:6c:df:56:a2:48:55:61:07:98:6e:fe:36:54:07:
35:0d:30:2a:ad:bb:54:df:07:8e:e1:f1:10:ed:97:
4a:64:5f:42:5e:f3:c4:41:ac:49:20:c1:2b:2e:2b:
a3:d9:0d:c7:85:a8:ae:2f:0c:2c:b0:65:aa:95:b5:
d6:73:ef:8c:97:7c:1f:97:9d:76:3e:4f:12:17:ba:
a4:31:15:7e:c4:1a:ea:f6:b6:a1:29:a8:42:06:92:
33:d5:e8:23:85:7f:4c:98:94:3c:60:63:2b:42:ab:
b8:4b:d5:4b:38:b9:bd:3b:f7:ee:77:87:b4:16:76:
77:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C7:0E:C6:66:B9:7B:F9:E5:5B:20:5E:67:6B:DD:85:FB:10:3F:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B7FEF0DE248B11F08C1F67E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
Signature Algorithm: sha256WithRSAEncryption
57:b9:b3:86:a5:46:44:21:64:21:f5:df:fe:8f:31:ad:cf:a5:
e3:20:64:cd:9a:0a:b1:92:29:9b:bb:ec:00:50:2a:02:f8:04:
08:ce:a7:ae:11:e7:68:c9:4c:4d:90:5b:2e:2e:e4:9c:6a:3c:
d3:8b:da:16:5b:70:28:16:cd:04:5f:e4:70:3b:b6:bd:8e:a0:
70:60:2b:8e:7f:91:5e:85:4d:95:20:46:cb:af:06:9a:1a:dc:
36:75:71:cc:f9:57:1d:e4:c6:a2:b2:01:0d:c4:31:c7:ad:71:
19:5c:03:e1:87:ab:d3:c9:4b:ba:23:c2:79:3c:e7:2b:03:b8:
1a:f6:2d:bc:99:6b:77:ad:94:17:e3:ae:a2:18:97:51:b4:95:
ef:71:3a:6c:7f:0b:86:fb:1a:05:53:31:53:bb:dd:db:0e:c2:
2c:de:93:ab:f4:67:ce:4c:d6:7d:49:4b:b8:5d:40:15:0c:de:
96:97:a5:0f:29:32:da:c0:7f:eb:e0:7b:0d:6e:b5:56:f0:0a:
20:46:55:77:eb:fa:ce:38:bc:f7:ff:17:bb:0e:28:7f:ba:fa:
a3:53:46:70:82:25:a8:5c:56:3b:74:db:97:5b:50:3e:dc:26:
dd:58:57:20:67:06:0a:f9:f0:fc:55:81:03:38:f5:d5:bd:17:
59:4a:3d:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXyjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MjM1MTMxWhcNMjUwNTMwMjM1MTMxWjAYMRYw
FAYDVQQDEw02ODEwMTQ4OC01ZmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9mLlIlkjZ8tLTCGoAdLdJGLR5LwmzW00UZnFtkmM5YlQtENdJAVNGtT0
JElbaPc1wFxrqv0IajnV9lvMVTLc2bZRZANgetVp1moEu6/l/k8uKnmlB95GN4oH
91jyaclnOAeWA0V6/DLRUIgvwq+zGe9t3vi/fFehR71JnJ4nA2tO3B+urEI1bN9W
okhVYQeYbv42VAc1DTAqrbtU3weO4fEQ7ZdKZF9CXvPEQaxJIMErLiuj2Q3Hhaiu
LwwssGWqlbXWc++Ml3wfl512Pk8SF7qkMRV+xBrq9rahKahCBpIz1egjhX9MmJQ8
YGMrQqu4S9VLOLm9O/fud4e0FnZ3BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGrH
DsZmuXv55VsgXmdr3YX7ED9lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CN0ZFRjBERTI0OEIxMUYwOEMxRjY3RThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGms6AMA0GCSqGSIb3DQEB
CwUAA4IBAQBXubOGpUZEIWQh9d/+jzGtz6XjIGTNmgqxkimbu+wAUCoC+AQIzqeu
EedoyUxNkFsuLuScajzTi9oWW3AoFs0EX+RwO7a9jqBwYCuOf5FehU2VIEbLrwaa
Gtw2dXHM+Vcd5MaisgENxDHHrXEZXAPhh6vTyUu6I8J5POcrA7ga9i28mWt3rZQX
466iGJdRtJXvcTpsfwuG+xoFUzFTu93bDsIs3pOr9GfOTNZ9SUu4XUAVDN6Wl6UP
KTLawH/r4HsNbrVW8AogRlV36/rOOLz3/xe7Dih/uvqjU0ZwgiWoXFY7dNuXW1A+
3CbdWFcgZwYK+fD8VYEDOPXVvRdZSj0B
-----END CERTIFICATE-----
Generated at Sun May 11 06:37:14 2025 by rpki-client