Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C11A153C243F11F0A8B381F4DAE4EC9C.roa
File: C11A153C243F11F0A8B381F4DAE4EC9C.roa (raw, json)
Hash identifier: n7TBBmq2PDZ1FbKRwXVrOcqevkd4De9Xduf499IK2RA=
Subject key identifier: 1D:2B:D4:4B:1D:BD:65:BA:F3:28:7B:3C:80:BC:41:6D:65:D0:EF:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C11A153C243F11F0A8B381F4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 14:47:49 +0000
ROA not before: Mon 28 Apr 2025 14:47:45 +0000
ROA not after: Fri 27 Mar 2026 14:47:45 +0000
asID: 984
IP address blocks: 154.220.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97308 (0x17c1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 14:47:45 2025 GMT
Not After : Mar 27 14:47:45 2026 GMT
Subject: CN=680f9515-0404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:29:42:ec:fe:1d:47:75:9b:30:8e:87:61:60:
ad:0a:93:10:8e:e0:57:c2:d6:dd:f3:52:6f:7e:27:
ea:3b:04:9b:52:75:b9:84:20:c4:95:b2:fb:57:52:
c5:e0:52:ee:37:d8:db:02:65:43:3f:59:98:c9:9d:
63:e2:11:fc:22:3f:9b:41:38:1c:95:3d:b0:3b:33:
ca:98:78:4c:11:85:13:94:dc:f1:75:ec:4a:b5:e9:
f2:a7:5b:b9:e4:31:08:e0:85:83:45:b8:16:8f:f2:
cf:68:94:7e:98:a7:35:03:2b:c3:69:1d:dc:2c:f1:
e2:49:37:7e:43:04:00:aa:23:c7:cc:f4:57:b4:67:
11:d7:10:5b:28:e9:d1:64:14:37:e3:86:31:3c:ef:
ce:76:20:a5:e6:ee:04:68:50:25:de:1d:9c:f0:68:
b5:bc:37:45:7c:b3:e0:ca:fc:96:36:fd:2f:ba:34:
6c:2d:29:6c:0a:3e:8b:99:7f:30:c7:8b:80:83:c3:
ee:34:9f:39:ba:1b:34:a8:c0:ad:ec:00:61:e7:93:
4a:d0:03:74:93:44:35:ef:f8:3d:68:df:d4:7a:c1:
69:25:4c:50:a4:e6:a2:f7:2a:59:2e:66:6e:17:13:
0c:49:91:89:b4:fd:18:a3:90:8b:5b:a5:03:45:d1:
1f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2B:D4:4B:1D:BD:65:BA:F3:28:7B:3C:80:BC:41:6D:65:D0:EF:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C11A153C243F11F0A8B381F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.238.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d3:cc:bd:a2:c7:ae:36:74:79:a2:db:50:53:e2:28:83:f6:
f3:1d:d6:2f:28:15:32:f0:bd:7c:a5:cf:63:b9:5f:fe:37:ac:
3d:8e:6c:53:6a:dd:b7:7d:41:bc:53:a2:81:a3:10:4d:7b:f6:
1b:6e:a5:66:be:02:89:f9:f7:0c:5b:c1:df:d6:09:ab:24:a5:
d9:5c:93:34:48:d0:bc:7b:5d:33:96:0c:41:67:04:20:64:3a:
db:31:fc:31:c1:06:26:3b:8f:d0:02:a6:0c:2b:dc:c4:e2:7b:
b3:ce:41:2f:bd:eb:e8:de:f4:18:ef:0d:11:52:f5:a6:3f:bb:
16:ac:4b:04:89:76:b4:8b:b7:6f:cd:36:b2:2f:be:1f:f5:bd:
ba:49:8d:24:6b:c9:ab:c8:ef:c5:fa:d3:84:d0:04:8f:6d:79:
02:08:7e:44:9c:f8:ec:a0:41:20:2c:a6:68:e9:d6:75:a1:49:
61:d1:6f:a5:be:e6:23:f3:83:22:1b:7a:b3:62:2c:a4:10:bb:
10:3b:2a:52:78:1b:e2:5a:34:fa:0b:24:80:c6:4c:32:65:1b:
00:d3:cb:b1:c8:be:87:7d:a3:0b:38:94:05:73:4a:aa:0b:34:
cb:a1:43:03:ba:59:f2:73:74:8a:d2:18:92:71:b4:d5:dc:da:
35:fc:9b:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXwcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTQ0NzQ1WhcNMjYwMzI3MTQ0NzQ1WjAYMRYw
FAYDVQQDEw02ODBmOTUxNS0wNDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxClC7P4dR3WbMI6HYWCtCpMQjuBXwtbd81JvfifqOwSbUnW5hCDElbL7
V1LF4FLuN9jbAmVDP1mYyZ1j4hH8Ij+bQTgclT2wOzPKmHhMEYUTlNzxdexKteny
p1u55DEI4IWDRbgWj/LPaJR+mKc1AyvDaR3cLPHiSTd+QwQAqiPHzPRXtGcR1xBb
KOnRZBQ344YxPO/OdiCl5u4EaFAl3h2c8Gi1vDdFfLPgyvyWNv0vujRsLSlsCj6L
mX8wx4uAg8PuNJ85uhs0qMCt7ABh55NK0AN0k0Q17/g9aN/UesFpJUxQpOai9ypZ
LmZuFxMMSZGJtP0Yo5CLW6UDRdEf1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB0r
1EsdvWW68yh7PIC8QW1l0O+gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMTFBMTUzQzI0M0YxMUYwQThCMzgxRjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtzuMA0GCSqGSIb3DQEB
CwUAA4IBAQBD08y9oseuNnR5ottQU+Iog/bzHdYvKBUy8L18pc9juV/+N6w9jmxT
at23fUG8U6KBoxBNe/YbbqVmvgKJ+fcMW8Hf1gmrJKXZXJM0SNC8e10zlgxBZwQg
ZDrbMfwxwQYmO4/QAqYMK9zE4nuzzkEvvevo3vQY7w0RUvWmP7sWrEsEiXa0i7dv
zTayL74f9b26SY0ka8mryO/F+tOE0ASPbXkCCH5EnPjsoEEgLKZo6dZ1oUlh0W+l
vuYj84MiG3qzYiykELsQOypSeBviWjT6CySAxkwyZRsA08uxyL6HfaMLOJQFc0qq
CzTLoUMDulnyc3SK0hiScbTV3No1/JvS
-----END CERTIFICATE-----
Generated at Sat May 10 13:50:12 2025 by rpki-client