Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F677A886242E11F0A1AF4886DAE4EC9C.roa
File: F677A886242E11F0A1AF4886DAE4EC9C.roa (raw, json)
Hash identifier: XiaCfX4tufFAffHrNWtS38G3Xsd/8JqHVHwDSDu5HRw=
Subject key identifier: 58:F9:60:80:BC:0C:54:4E:CD:84:D1:D7:9E:06:1C:47:42:0D:77:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BBA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F677A886242E11F0A1AF4886DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:47:37 +0000
ROA not before: Mon 28 Apr 2025 12:47:33 +0000
ROA not after: Mon 23 Mar 2026 12:47:33 +0000
asID: 984
IP address blocks: 154.90.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97210 (0x17bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:47:33 2025 GMT
Not After : Mar 23 12:47:33 2026 GMT
Subject: CN=680f78e9-80ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5d:d5:2a:d2:6b:4b:9c:1e:1d:cb:fc:58:fe:
61:de:de:5a:aa:68:03:ae:c4:b3:e6:88:f5:bf:85:
ff:e7:a5:cb:de:9b:34:94:4e:3b:9a:0a:46:ab:7d:
f2:59:2a:57:e5:1f:03:e1:aa:dc:2c:0a:b0:5a:ee:
3f:69:b2:6e:7d:f9:1e:cf:31:a4:f2:4f:80:70:8f:
44:9b:59:27:c9:50:48:b3:55:0e:e6:77:19:b5:d7:
6e:c0:29:51:63:eb:bd:cb:8a:10:39:26:7e:48:a2:
de:c7:fb:09:b4:b8:de:1e:a1:8f:da:50:d9:e5:87:
42:24:ad:d4:23:e0:b5:aa:ee:17:29:ed:31:d2:3a:
6f:2b:5e:21:a8:22:9f:e8:36:80:ee:5e:ac:61:90:
32:ae:bf:d1:20:ac:ad:d8:f8:62:3f:36:b4:71:3d:
35:8d:6c:1b:0a:bc:6a:bf:0d:e0:6b:4b:f4:f4:ef:
eb:e1:e8:d0:4b:1b:d0:09:8f:0b:6f:f1:97:16:a0:
9d:4f:f6:23:46:f8:73:f0:af:eb:d1:4a:3c:0e:e6:
60:05:51:3f:7e:b0:c7:c9:4d:8b:47:6c:0e:31:d4:
41:37:f3:f9:5e:1d:05:2a:09:6f:2b:cd:30:00:92:
52:4f:a9:0a:9b:f4:19:55:ec:0e:84:28:36:0e:b5:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F9:60:80:BC:0C:54:4E:CD:84:D1:D7:9E:06:1C:47:42:0D:77:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F677A886242E11F0A1AF4886DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.21.0/24
Signature Algorithm: sha256WithRSAEncryption
24:73:4a:e6:e1:b6:f2:ff:03:ce:94:35:0c:67:e0:e8:2c:bf:
2c:c0:6f:a1:1e:a4:78:6b:c0:49:d9:5c:ce:5d:86:2d:04:23:
a5:1c:a9:07:bd:3a:b0:cc:e4:95:61:8b:a1:90:55:7e:fc:c6:
8e:35:9a:d3:aa:f3:42:11:43:0a:3c:f8:95:92:b0:57:8d:b0:
bb:76:51:46:c1:68:9f:0e:82:e9:bf:78:6e:a2:98:a3:74:f0:
f8:58:80:69:ff:c1:5b:ab:86:84:26:2e:62:76:41:4e:a8:a3:
f2:2b:da:0a:39:73:d9:a7:64:df:37:13:19:12:3c:56:ad:cf:
d7:62:32:f5:7b:ae:6d:2a:7d:c3:ef:67:20:eb:49:d4:c5:36:
d2:df:54:69:99:0a:0f:bf:ef:5f:58:20:e6:57:58:30:25:84:
90:8d:3c:d0:34:ac:69:a9:11:26:7c:9e:51:11:bd:60:59:75:
e8:c7:e6:e2:4e:ae:b2:70:56:bf:89:82:ee:38:57:cf:5f:8d:
7d:7c:88:f8:e1:fd:be:85:eb:e1:4d:e8:29:2c:f9:ba:2f:95:
a8:49:f5:fb:ef:b9:e9:79:07:d9:e7:2d:75:a8:a3:75:57:fd:
32:b1:ba:4b:e3:7a:12:e0:d1:7a:29:48:b8:72:98:38:51:75:
50:6d:51:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXu6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTI0NzMzWhcNMjYwMzIzMTI0NzMzWjAYMRYw
FAYDVQQDEw02ODBmNzhlOS04MGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwl3VKtJrS5weHcv8WP5h3t5aqmgDrsSz5oj1v4X/56XL3ps0lE47mgpG
q33yWSpX5R8D4arcLAqwWu4/abJuffkezzGk8k+AcI9Em1knyVBIs1UO5ncZtddu
wClRY+u9y4oQOSZ+SKLex/sJtLjeHqGP2lDZ5YdCJK3UI+C1qu4XKe0x0jpvK14h
qCKf6DaA7l6sYZAyrr/RIKyt2PhiPza0cT01jWwbCrxqvw3ga0v09O/r4ejQSxvQ
CY8Lb/GXFqCdT/YjRvhz8K/r0Uo8DuZgBVE/frDHyU2LR2wOMdRBN/P5Xh0FKglv
K80wAJJST6kKm/QZVewOhCg2DrXt5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFj5
YIC8DFROzYTR154GHEdCDXd7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjc3QTg4NjI0MkUxMUYwQTFBRjQ4ODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmloVMA0GCSqGSIb3DQEB
CwUAA4IBAQAkc0rm4bby/wPOlDUMZ+DoLL8swG+hHqR4a8BJ2VzOXYYtBCOlHKkH
vTqwzOSVYYuhkFV+/MaONZrTqvNCEUMKPPiVkrBXjbC7dlFGwWifDoLpv3huopij
dPD4WIBp/8Fbq4aEJi5idkFOqKPyK9oKOXPZp2TfNxMZEjxWrc/XYjL1e65tKn3D
72cg60nUxTbS31RpmQoPv+9fWCDmV1gwJYSQjTzQNKxpqREmfJ5REb1gWXXox+bi
Tq6ycFa/iYLuOFfPX419fIj44f2+hevhTegpLPm6L5WoSfX777npeQfZ5y11qKN1
V/0ysbpL43oS4NF6KUi4cpg4UXVQbVFS
-----END CERTIFICATE-----
Generated at Sun May 11 01:04:09 2025 by rpki-client