Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7617598A241E11F09CE68D96DAE4EC9C.roa
File: 7617598A241E11F09CE68D96DAE4EC9C.roa (raw, json)
Hash identifier: ycvrI78+OhK+cwZOqUFPxeFK79vGH18IFKOW3WoPtno=
Subject key identifier: 28:24:B0:14:8D:1B:C4:FC:2A:57:CB:D4:9F:D7:44:1C:B8:03:4C:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7617598A241E11F09CE68D96DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 10:49:30 +0000
ROA not before: Mon 28 Apr 2025 10:49:25 +0000
ROA not after: Mon 13 Mar 2028 10:49:25 +0000
asID: 17561
IP address blocks: 154.193.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97134 (0x17b6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 10:49:25 2025 GMT
Not After : Mar 13 10:49:25 2028 GMT
Subject: CN=680f5d3a-65d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:54:8d:a8:0a:90:de:bc:d1:98:59:7a:f4:51:
34:6c:65:69:6c:93:56:da:b8:d9:80:b6:7b:a9:01:
86:f9:18:f1:1c:a5:aa:87:d2:d4:a5:21:93:5b:df:
66:0c:e9:d9:9d:15:b0:48:17:b4:65:ca:53:99:18:
0c:11:c5:ce:fc:0f:8b:71:f0:d9:51:ea:01:67:dc:
63:ca:b4:f2:68:42:95:15:81:ce:23:2c:df:34:18:
9b:86:d3:61:68:c8:06:03:8c:8a:d1:a9:79:48:f2:
37:22:00:5f:98:6c:8a:dd:3e:40:26:c7:cb:09:af:
59:14:4e:9f:26:bb:ca:ea:ab:08:f0:6f:02:81:67:
1f:87:37:24:0e:15:9b:64:31:0c:f3:d1:b0:cf:97:
0e:3a:c9:d5:52:8c:5d:7d:e2:a4:d9:ae:26:0b:cd:
16:4b:c2:ca:10:ef:af:7e:7c:37:92:38:ba:32:fb:
d1:58:4c:48:d9:e4:9d:49:c7:84:8a:42:1c:43:17:
ce:41:94:60:80:d8:42:57:2b:0e:39:7c:8e:48:21:
6e:c1:e9:ef:92:35:85:df:1b:58:4e:4e:79:6e:49:
3d:be:14:56:70:97:10:f4:f1:58:e6:72:f4:14:a1:
42:13:d0:5b:bb:0a:a5:77:02:93:a9:36:ac:78:7b:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:24:B0:14:8D:1B:C4:FC:2A:57:CB:D4:9F:D7:44:1C:B8:03:4C:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7617598A241E11F09CE68D96DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:59:46:9e:9f:28:e2:c1:03:50:8c:bf:af:0d:e2:27:1d:5c:
00:e6:1c:11:4f:03:bd:f5:58:c1:be:2a:08:f4:45:3b:d1:06:
1d:71:3c:88:8f:77:4f:5a:ba:77:9e:b0:92:88:fb:51:47:ec:
2b:cd:31:7d:d6:d5:5b:69:2a:64:40:ef:65:f3:06:a5:f1:eb:
8e:07:9b:d2:5e:22:1d:14:fe:fa:f8:fa:e5:ba:5c:86:23:12:
a2:f5:f6:11:f2:8f:93:85:f2:48:ad:a8:63:c1:74:86:15:01:
43:3f:19:d4:62:22:72:30:ec:b0:a8:52:88:f8:41:fa:19:ae:
81:de:7f:f4:d8:80:fe:c5:7f:db:c5:e6:49:87:c1:5e:70:52:
a6:f8:7d:5a:57:5b:70:e6:e9:08:ff:b5:c6:aa:c5:4e:1a:ae:
bf:aa:4e:8a:71:d3:70:61:17:a2:26:e7:27:28:09:1e:0e:31:
b1:01:a0:b7:a2:2a:04:fc:25:42:12:46:67:54:09:98:54:a0:
97:5c:5a:d8:33:ff:af:cb:90:11:d8:fa:ec:1e:40:fa:c5:02:
d6:db:2b:bc:8e:bc:ac:8e:36:68:28:32:4b:e5:d1:a0:49:f2:
38:99:e0:83:40:bc:d9:5d:6e:a3:eb:01:c3:aa:3b:a6:eb:2a:
78:ea:ad:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXtuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTA0OTI1WhcNMjgwMzEzMTA0OTI1WjAYMRYw
FAYDVQQDEw02ODBmNWQzYS02NWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoVSNqAqQ3rzRmFl69FE0bGVpbJNW2rjZgLZ7qQGG+RjxHKWqh9LUpSGT
W99mDOnZnRWwSBe0ZcpTmRgMEcXO/A+LcfDZUeoBZ9xjyrTyaEKVFYHOIyzfNBib
htNhaMgGA4yK0al5SPI3IgBfmGyK3T5AJsfLCa9ZFE6fJrvK6qsI8G8CgWcfhzck
DhWbZDEM89Gwz5cOOsnVUoxdfeKk2a4mC80WS8LKEO+vfnw3kji6MvvRWExI2eSd
SceEikIcQxfOQZRggNhCVysOOXyOSCFuwenvkjWF3xtYTk55bkk9vhRWcJcQ9PFY
5nL0FKFCE9BbuwqldwKTqTaseHvnFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCgk
sBSNG8T8KlfL1J/XRBy4A0yBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NjE3NTk4QTI0MUUxMUYwOUNFNjhEOTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFaMA0GCSqGSIb3DQEB
CwUAA4IBAQA7WUaenyjiwQNQjL+vDeInHVwA5hwRTwO99VjBvioI9EU70QYdcTyI
j3dPWrp3nrCSiPtRR+wrzTF91tVbaSpkQO9l8wal8euOB5vSXiIdFP76+PrlulyG
IxKi9fYR8o+ThfJIrahjwXSGFQFDPxnUYiJyMOywqFKI+EH6Ga6B3n/02ID+xX/b
xeZJh8FecFKm+H1aV1tw5ukI/7XGqsVOGq6/qk6KcdNwYReiJucnKAkeDjGxAaC3
oioE/CVCEkZnVAmYVKCXXFrYM/+vy5AR2PrsHkD6xQLW2yu8jrysjjZoKDJL5dGg
SfI4meCDQLzZXW6j6wHDqjum6yp46q1A
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:55:19 2025 by rpki-client