Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2661CD0242D11F0A7E4407DDAE4EC9C.roa
File: D2661CD0242D11F0A7E4407DDAE4EC9C.roa (raw, json)
Hash identifier: pHYB4PK5o7b2uFUKeniS5MCWJXIG47a98JUFidtco0E=
Subject key identifier: 10:FD:9B:37:16:93:9E:0B:38:7B:29:0C:51:49:5D:A9:BB:35:1C:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2661CD0242D11F0A7E4407DDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:39:27 +0000
ROA not before: Mon 28 Apr 2025 12:39:23 +0000
ROA not after: Mon 23 Mar 2026 12:39:23 +0000
asID: 984
IP address blocks: 154.90.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97202 (0x17bb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:39:23 2025 GMT
Not After : Mar 23 12:39:23 2026 GMT
Subject: CN=680f76ff-1f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:68:ae:45:49:6e:a1:21:c6:74:d9:e3:15:
da:74:65:28:cf:1c:d2:07:2e:32:11:f0:11:de:eb:
f7:2c:dc:0a:60:88:d8:5b:e1:2d:56:b8:dd:74:2b:
b5:ce:b9:a4:03:e8:92:b2:5d:db:82:f3:ed:ee:6f:
b1:1b:58:30:cc:bc:dc:a0:af:b6:90:1f:79:d2:da:
37:67:a3:ed:40:1e:64:bd:36:97:bb:34:45:68:9e:
a9:42:39:1c:c3:c8:ed:4c:8f:d5:6f:7f:da:19:4d:
4e:59:53:50:1a:6d:5d:25:61:b7:02:f9:a8:46:f5:
f9:15:1a:c7:64:82:82:0f:b7:63:64:00:d2:56:51:
ef:35:fe:d5:60:36:18:60:8a:b9:2e:13:41:58:bf:
c7:42:fd:3b:cd:ab:2f:0c:15:de:74:fd:d7:8e:3b:
cb:0d:75:f5:64:f9:c0:6f:03:6b:ac:4e:7e:78:d6:
48:e4:3f:07:95:39:8d:ae:77:3f:74:9f:9a:1e:ee:
2c:d8:30:98:68:54:22:d1:15:55:26:98:43:b3:cf:
3c:ed:42:34:0e:d2:2a:5a:19:7b:03:52:56:e2:eb:
6b:1a:f6:7a:40:d8:dc:08:db:10:e9:91:be:77:9f:
0e:aa:b2:63:91:b0:64:c5:40:cc:f1:90:a9:49:bc:
7b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FD:9B:37:16:93:9E:0B:38:7B:29:0C:51:49:5D:A9:BB:35:1C:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2661CD0242D11F0A7E4407DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.17.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:9c:69:90:3b:c6:83:6e:73:35:78:6d:82:55:da:5f:32:72:
bb:d2:f2:21:52:b7:f2:6f:4c:4e:75:93:a3:21:32:1a:bc:8f:
df:2d:f2:b5:78:4d:f2:a9:8c:80:56:23:86:13:cf:19:ad:f3:
8a:ac:79:96:0c:b2:b8:01:2c:bd:66:83:7e:d3:c9:ce:86:4b:
73:7c:0e:5d:a1:7f:78:79:4f:a2:21:3e:65:9a:9b:a9:b9:31:
a4:4c:92:1a:50:86:cf:16:8d:72:10:83:c0:69:09:2d:f1:d2:
ca:c7:16:37:94:eb:a5:6a:a1:48:7b:eb:82:4c:b2:a4:ee:c2:
08:00:99:b3:bd:0f:6f:6e:95:6b:98:b4:99:34:72:72:94:65:
d2:b7:4d:21:d1:f9:0b:20:78:65:ea:de:fc:fa:15:2b:21:93:
eb:13:81:bc:35:49:3e:83:43:99:29:85:cf:76:33:05:a0:3f:
7c:09:0a:88:c4:cf:a6:71:a5:43:82:e7:20:63:29:b4:60:42:
50:94:cb:61:dd:c3:e2:60:f1:83:b8:dc:22:a0:32:f6:db:86:
ee:32:6b:2f:8d:c4:11:d5:76:e4:40:51:d5:af:93:93:df:1f:
cf:05:86:63:65:af:4b:ee:36:da:54:e8:13:06:1f:a1:a8:c4:
2a:f7:9c:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIzOTIzWhcNMjYwMzIzMTIzOTIzWjAYMRYw
FAYDVQQDEw02ODBmNzZmZi0xZjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsllorkVJbqEhxnTZ4xXadGUozxzSBy4yEfAR3uv3LNwKYIjYW+EtVrjd
dCu1zrmkA+iSsl3bgvPt7m+xG1gwzLzcoK+2kB950to3Z6PtQB5kvTaXuzRFaJ6p
Qjkcw8jtTI/Vb3/aGU1OWVNQGm1dJWG3AvmoRvX5FRrHZIKCD7djZADSVlHvNf7V
YDYYYIq5LhNBWL/HQv07zasvDBXedP3XjjvLDXX1ZPnAbwNrrE5+eNZI5D8HlTmN
rnc/dJ+aHu4s2DCYaFQi0RVVJphDs8887UI0DtIqWhl7A1JW4utrGvZ6QNjcCNsQ
6ZG+d58OqrJjkbBkxUDM8ZCpSbx7YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBD9
mzcWk54LOHspDFFJXam7NRyKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjY2MUNEMDI0MkQxMUYwQTdFNDQwN0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmloRMA0GCSqGSIb3DQEB
CwUAA4IBAQCtnGmQO8aDbnM1eG2CVdpfMnK70vIhUrfyb0xOdZOjITIavI/fLfK1
eE3yqYyAViOGE88ZrfOKrHmWDLK4ASy9ZoN+08nOhktzfA5doX94eU+iIT5lmpup
uTGkTJIaUIbPFo1yEIPAaQkt8dLKxxY3lOulaqFIe+uCTLKk7sIIAJmzvQ9vbpVr
mLSZNHJylGXSt00h0fkLIHhl6t78+hUrIZPrE4G8NUk+g0OZKYXPdjMFoD98CQqI
xM+mcaVDgucgYym0YEJQlMth3cPiYPGDuNwioDL224buMmsvjcQR1XbkQFHVr5OT
3x/PBYZjZa9L7jbaVOgTBh+hqMQq95w/
-----END CERTIFICATE-----
Generated at Sun May 11 03:55:25 2025 by rpki-client