Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFDEB908243511F08A4BB2B4DAE4EC9C.roa
File: FFDEB908243511F08A4BB2B4DAE4EC9C.roa (raw, json)
Hash identifier: FPQARpecRmDPVeLrkRMT3V7m32Lo0EfMWSENea9MMtA=
Subject key identifier: C3:71:77:15:1F:06:CF:84:EB:58:F2:E2:E7:A7:74:6E:9B:BB:93:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFDEB908243511F08A4BB2B4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:38:00 +0000
ROA not before: Mon 28 Apr 2025 13:37:55 +0000
ROA not after: Thu 23 Mar 2028 13:37:55 +0000
asID: 17561
IP address blocks: 154.207.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97265 (0x17bf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:37:55 2025 GMT
Not After : Mar 23 13:37:55 2028 GMT
Subject: CN=680f84b8-c92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fb:76:95:75:37:4a:5a:d9:f6:c6:e8:1b:35:
70:4b:2e:2f:5a:e9:bd:bc:08:53:28:cd:5a:94:d8:
76:27:b5:0c:53:51:7e:41:5e:de:93:28:9f:ec:9e:
8f:b8:f3:22:13:fb:1d:3e:c8:0e:18:eb:2e:8d:57:
e1:c3:b3:e2:69:2d:f9:57:9c:90:0e:2d:a8:12:54:
cb:00:b1:5e:e5:84:5b:fa:96:e9:23:f0:24:76:ba:
aa:08:b9:a3:8f:b6:54:67:bd:59:45:c1:b9:c3:d7:
72:c6:3b:15:21:54:c5:5f:f1:e6:07:6c:e5:e7:09:
c7:8c:f7:82:17:e9:d4:6d:d8:66:7d:97:83:05:1d:
97:83:bc:bf:0a:32:d9:b7:1a:ec:10:77:be:19:a0:
e7:0b:7d:46:d3:21:c1:d3:e8:85:93:55:ef:4b:11:
ed:5e:84:e2:8f:ab:24:5a:7b:9e:4a:c4:3e:fb:b1:
75:75:05:8e:5d:8c:17:ad:88:c2:9e:4b:44:c1:4f:
84:3c:52:2a:5f:35:7d:ec:7a:bf:f1:4f:c6:c9:e9:
19:d0:3f:de:80:94:53:ab:ea:92:c2:bd:10:af:58:
e2:f4:fd:cf:f8:0d:02:5d:f6:76:59:f7:b2:bc:b4:
5c:14:67:d6:72:80:9f:52:38:f0:ff:b7:19:c7:03:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:71:77:15:1F:06:CF:84:EB:58:F2:E2:E7:A7:74:6E:9B:BB:93:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFDEB908243511F08A4BB2B4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:59:a8:a1:ff:8c:86:90:5e:c8:9d:2a:43:3d:34:d5:0e:6d:
9c:52:bf:b4:17:88:4e:2b:85:2b:a3:d4:c3:a7:f0:af:84:1d:
7a:f3:49:17:6e:d4:74:a4:43:e9:b3:f5:ff:8c:4a:7e:a4:8a:
96:e7:67:28:a1:b8:74:9e:5f:fd:94:b2:a3:a5:c9:7b:a5:0a:
a6:ca:a7:d2:9a:1c:08:05:f6:41:20:e2:00:e5:3f:e2:74:18:
23:95:38:02:c1:d1:15:73:d4:2e:bc:88:27:47:91:c5:31:4f:
51:7b:04:15:20:44:aa:40:54:90:e3:ed:f8:54:14:56:39:78:
73:7d:2d:96:f5:68:46:41:9d:5e:98:7a:24:cb:6d:03:f9:4d:
33:a4:37:9c:c6:a2:5a:6b:ec:a2:9a:c8:2a:9a:41:0c:5e:06:
cd:2c:2d:b8:52:22:77:a9:eb:5e:37:0e:66:c4:61:1e:27:51:
a9:0e:ce:54:77:1c:41:de:59:c4:14:3d:53:f0:6c:c7:5e:69:
d3:b7:1a:e5:0a:73:fd:3a:22:9a:8f:94:0b:91:6f:d8:72:99:
72:a1:1f:79:45:e4:19:8b:14:95:ec:6a:fb:a7:93:8d:3f:e7:
9d:bf:d0:fe:a6:65:ce:af:64:74:b2:c3:2e:41:24:33:2f:84:
df:96:1f:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXvxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTMzNzU1WhcNMjgwMzIzMTMzNzU1WjAYMRYw
FAYDVQQDEw02ODBmODRiOC1jOTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwPt2lXU3SlrZ9sboGzVwSy4vWum9vAhTKM1alNh2J7UMU1F+QV7ekyif
7J6PuPMiE/sdPsgOGOsujVfhw7PiaS35V5yQDi2oElTLALFe5YRb+pbpI/Akdrqq
CLmjj7ZUZ71ZRcG5w9dyxjsVIVTFX/HmB2zl5wnHjPeCF+nUbdhmfZeDBR2Xg7y/
CjLZtxrsEHe+GaDnC31G0yHB0+iFk1XvSxHtXoTij6skWnueSsQ++7F1dQWOXYwX
rYjCnktEwU+EPFIqXzV97Hq/8U/GyekZ0D/egJRTq+qSwr0Qr1ji9P3P+A0CXfZ2
WfeyvLRcFGfWcoCfUjjw/7cZxwNeIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMNx
dxUfBs+E61jy4uendG6bu5NkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRkRFQjkwODI0MzUxMUYwOEE0QkIyQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms/uMA0GCSqGSIb3DQEB
CwUAA4IBAQCpWaih/4yGkF7InSpDPTTVDm2cUr+0F4hOK4Uro9TDp/CvhB1680kX
btR0pEPps/X/jEp+pIqW52coobh0nl/9lLKjpcl7pQqmyqfSmhwIBfZBIOIA5T/i
dBgjlTgCwdEVc9QuvIgnR5HFMU9RewQVIESqQFSQ4+34VBRWOXhzfS2W9WhGQZ1e
mHoky20D+U0zpDecxqJaa+yimsgqmkEMXgbNLC24UiJ3qeteNw5mxGEeJ1GpDs5U
dxxB3lnEFD1T8GzHXmnTtxrlCnP9OiKaj5QLkW/YcplyoR95ReQZixSV7Gr7p5ON
P+edv9D+pmXOr2R0ssMuQSQzL4Tflh+V
-----END CERTIFICATE-----
Generated at Mon May 12 15:42:43 2025 by rpki-client