Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F46A4248244111F089431584DAE4EC9C.roa
File: F46A4248244111F089431584DAE4EC9C.roa (raw, json)
Hash identifier: 4oHBKOQs2zHeTVVOpKhGwGDa4q7U/Qf5Nl1HXUmYekA=
Subject key identifier: 87:09:85:D5:1D:58:E5:38:D1:A8:6E:23:A1:CF:2C:33:7F:63:CA:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C23
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F46A4248244111F089431584DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 15:03:34 +0000
ROA not before: Mon 28 Apr 2025 15:03:30 +0000
ROA not after: Tue 28 Mar 2028 15:03:30 +0000
asID: 17561
IP address blocks: 154.81.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97315 (0x17c23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 15:03:30 2025 GMT
Not After : Mar 28 15:03:30 2028 GMT
Subject: CN=680f98c6-4438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:52:1a:89:a9:9c:57:61:1c:8a:11:b3:fc:
2c:f1:e9:43:ff:7f:7f:1c:74:ae:2c:e8:a7:61:b5:
b8:bd:e4:75:45:5d:0d:c6:b2:53:ae:6f:d0:eb:7a:
05:2e:1b:56:92:8c:33:ae:25:7f:ff:fb:37:aa:08:
d8:8e:77:95:97:98:61:e7:0c:99:b2:60:55:69:fb:
df:12:ba:44:92:43:b0:a8:4a:1a:aa:ca:24:5f:94:
e1:ad:29:e7:52:ae:46:f5:0c:cf:72:0d:db:5f:7a:
f3:e8:3b:f8:2c:80:f7:7d:e3:86:b7:c1:e2:3e:b6:
a7:ae:86:2c:15:28:05:48:67:30:e3:b2:7b:23:c8:
52:f7:ff:f9:61:cf:d3:a7:ba:0d:98:ba:59:fe:5e:
25:6d:94:5e:6d:50:36:2e:15:41:12:25:92:78:b7:
af:d8:e8:5b:ab:b4:2e:37:d8:47:71:ca:1a:cd:f7:
b2:57:e1:aa:39:53:14:96:df:81:38:a5:76:3b:25:
06:bb:03:88:27:f3:9a:97:d8:77:be:62:50:5d:68:
12:34:cb:82:d5:a3:30:8f:96:96:5a:e3:12:16:e0:
df:a7:c7:f9:4c:ff:ac:5b:44:88:6c:35:a0:0c:55:
0f:f4:31:7c:f9:28:a8:50:08:d3:b3:4d:95:24:5d:
56:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:09:85:D5:1D:58:E5:38:D1:A8:6E:23:A1:CF:2C:33:7F:63:CA:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F46A4248244111F089431584DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.157.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:8a:06:83:5e:db:0f:83:ff:90:b7:5e:51:dd:a0:71:e1:a3:
18:92:d0:6f:0e:11:26:ef:1b:a3:66:07:d5:26:3e:04:85:43:
3e:6d:87:9d:e9:dc:1e:30:f5:2d:7c:e4:f1:e1:ef:ba:e1:d0:
eb:2d:f4:90:c4:d2:0e:d8:7a:04:6c:ca:32:73:d6:c0:4c:ae:
b7:79:7e:47:84:18:a0:16:ad:66:0b:59:41:0f:fb:8e:7f:33:
70:6a:80:d5:40:f2:9a:2a:20:dc:e4:16:69:eb:83:2b:f8:31:
c7:41:03:f6:89:21:2c:f2:6c:9a:05:32:9d:e0:a4:1f:24:14:
4b:e2:dc:50:73:ae:10:1e:03:97:64:21:c3:e1:cf:50:78:76:
c4:c5:89:0c:eb:4b:d7:9e:18:cc:e7:09:5e:45:62:ff:cc:20:
2d:f6:f4:cb:95:6e:ca:bb:87:9e:a7:06:5b:29:cd:e1:23:f8:
41:5c:a2:76:67:ca:c3:d9:b8:fd:9b:69:2d:e0:9d:bf:a9:a0:
32:8b:73:f5:1b:84:9e:77:54:b0:d1:08:99:65:e2:2c:27:cb:
f1:d4:9d:33:43:a5:44:76:3c:e8:3b:9b:2f:73:8d:4e:97:26:
94:01:61:c8:81:f6:b5:d8:32:97:37:ac:40:75:e9:f3:75:56:
d9:33:bb:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXwjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTUwMzMwWhcNMjgwMzI4MTUwMzMwWjAYMRYw
FAYDVQQDEw02ODBmOThjNi00NDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvA1SGompnFdhHIoRs/ws8elD/39/HHSuLOinYbW4veR1RV0NxrJTrm/Q
63oFLhtWkowzriV///s3qgjYjneVl5hh5wyZsmBVafvfErpEkkOwqEoaqsokX5Th
rSnnUq5G9QzPcg3bX3rz6Dv4LID3feOGt8HiPranroYsFSgFSGcw47J7I8hS9//5
Yc/Tp7oNmLpZ/l4lbZRebVA2LhVBEiWSeLev2Ohbq7QuN9hHccoazfeyV+GqOVMU
lt+BOKV2OyUGuwOIJ/Oal9h3vmJQXWgSNMuC1aMwj5aWWuMSFuDfp8f5TP+sW0SI
bDWgDFUP9DF8+SioUAjTs02VJF1WgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIcJ
hdUdWOU40ahuI6HPLDN/Y8oIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNDZBNDI0ODI0NDExMUYwODk0MzE1ODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGdMA0GCSqGSIb3DQEB
CwUAA4IBAQDKigaDXtsPg/+Qt15R3aBx4aMYktBvDhEm7xujZgfVJj4EhUM+bYed
6dweMPUtfOTx4e+64dDrLfSQxNIO2HoEbMoyc9bATK63eX5HhBigFq1mC1lBD/uO
fzNwaoDVQPKaKiDc5BZp64Mr+DHHQQP2iSEs8myaBTKd4KQfJBRL4txQc64QHgOX
ZCHD4c9QeHbExYkM60vXnhjM5wleRWL/zCAt9vTLlW7Ku4eepwZbKc3hI/hBXKJ2
Z8rD2bj9m2kt4J2/qaAyi3P1G4Sed1Sw0QiZZeIsJ8vx1J0zQ6VEdjzoO5svc41O
lyaUAWHIgfa12DKXN6xAdenzdVbZM7tw
-----END CERTIFICATE-----
Generated at Sun May 11 22:20:43 2025 by rpki-client