Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BFF2FCC21B111F0A9905FDFDAE4EC9C.roa
File: 7BFF2FCC21B111F0A9905FDFDAE4EC9C.roa (raw, json)
Hash identifier: WoV1UrpsbkEhK/0NaF0n6YuvfZ35TmG/wVvm9lPKK9I=
Subject key identifier: 73:8A:ED:93:D6:BF:E5:DB:2C:59:C7:DD:C0:76:F0:4E:4B:0C:F3:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AFF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BFF2FCC21B111F0A9905FDFDAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:44:23 +0000
ROA not before: Fri 25 Apr 2025 08:44:18 +0000
ROA not after: Mon 05 May 2025 08:44:18 +0000
asID: 142267
IP address blocks: 154.91.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97023 (0x17aff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:44:18 2025 GMT
Not After : May 5 08:44:18 2025 GMT
Subject: CN=680b4b66-6751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:68:fc:bd:b5:d7:74:ca:62:72:dd:96:2b:
1c:3a:27:67:38:12:06:e5:44:9a:d7:fd:fd:3a:d8:
ee:88:2f:20:32:1e:5b:5d:f3:d2:6f:0e:fb:3d:14:
8f:ca:93:d8:59:7c:a8:99:96:b6:4e:8a:ff:18:1d:
24:2c:b6:7b:6b:5e:4b:ab:46:e8:bc:f6:43:f5:c0:
d2:80:8d:68:49:36:69:ce:28:da:1a:60:9c:95:2b:
1b:4b:27:81:fb:49:a5:09:7a:90:86:8a:af:50:8f:
58:2b:74:74:54:8d:b6:e5:ee:12:62:b9:e3:88:1e:
0d:d6:78:52:f7:c0:85:23:96:51:f2:f6:d0:48:cf:
2f:b2:ef:51:b3:20:49:16:ad:b1:90:43:27:e5:fa:
1f:39:99:80:a8:81:e6:d2:bd:df:ac:30:3b:9f:ad:
f4:e2:4f:97:f0:81:b4:65:6f:b2:15:0b:63:47:b9:
04:c0:56:b4:1a:0a:62:4e:f7:56:73:3a:29:63:43:
a1:55:7b:56:ed:59:8c:28:fb:6b:73:b7:fd:7d:4d:
aa:6d:e8:ef:15:ab:49:fa:71:4a:50:f7:3f:c7:bc:
f1:92:e8:2a:68:a7:eb:fe:85:14:81:54:26:33:91:
f0:e5:31:e3:fc:d4:1f:2f:ef:c2:6b:e2:0e:d4:58:
24:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8A:ED:93:D6:BF:E5:DB:2C:59:C7:DD:C0:76:F0:4E:4B:0C:F3:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BFF2FCC21B111F0A9905FDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0/24
Signature Algorithm: sha256WithRSAEncryption
47:74:25:1d:16:03:53:0e:15:56:ef:23:c7:3d:43:ad:2e:75:
7d:59:32:d3:14:15:d9:3f:34:96:fb:19:43:cd:0a:0f:12:22:
39:f5:74:96:f9:c0:d9:14:45:49:be:e5:51:a8:4f:1c:45:f1:
af:56:10:02:64:8d:0d:f5:84:7f:95:74:59:fc:96:83:01:5c:
94:fd:25:38:66:b4:c4:7b:4f:c0:20:7e:9c:42:97:34:b1:7a:
76:cc:c9:16:b0:6e:c5:5e:68:f8:73:ba:25:a8:8a:cf:58:97:
f7:2b:83:08:18:8e:b6:ec:2b:d8:5f:eb:5d:2c:9c:6a:4e:e1:
9f:23:a7:ee:fb:0f:09:12:0b:4f:93:fc:3c:9b:4b:05:9e:5e:
e4:36:cf:aa:78:1f:66:db:3b:5f:f3:f5:cb:bc:41:46:d3:73:
94:39:74:fa:ab:71:d9:45:e1:cc:17:f9:50:14:a9:ba:e3:a2:
03:08:dc:9e:af:bf:57:ba:fa:cc:df:e2:47:6a:94:6f:ec:6b:
3a:07:28:d6:d2:37:12:66:89:4f:8c:29:c1:1c:c7:98:dd:9f:
17:28:ce:74:e4:6d:53:c6:fb:2d:17:d3:31:ab:bc:91:56:4b:
89:11:52:99:95:9b:7e:a2:51:ce:91:07:05:bf:9f:04:0e:e6:
6b:6a:61:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXr/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDg0NDE4WhcNMjUwNTA1MDg0NDE4WjAYMRYw
FAYDVQQDEw02ODBiNGI2Ni02NzUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzZFo/L2113TKYnLdliscOidnOBIG5USa1/39OtjuiC8gMh5bXfPSbw77
PRSPypPYWXyomZa2Tor/GB0kLLZ7a15Lq0bovPZD9cDSgI1oSTZpzijaGmCclSsb
SyeB+0mlCXqQhoqvUI9YK3R0VI225e4SYrnjiB4N1nhS98CFI5ZR8vbQSM8vsu9R
syBJFq2xkEMn5fofOZmAqIHm0r3frDA7n6304k+X8IG0ZW+yFQtjR7kEwFa0Ggpi
TvdWczopY0OhVXtW7VmMKPtrc7f9fU2qbejvFatJ+nFKUPc/x7zxkugqaKfr/oUU
gVQmM5Hw5THj/NQfL+/Ca+IO1Fgk/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHOK
7ZPWv+XbLFnH3cB28E5LDPNHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QkZGMkZDQzIxQjExMUYwQTk5MDVGREZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsEMA0GCSqGSIb3DQEB
CwUAA4IBAQBHdCUdFgNTDhVW7yPHPUOtLnV9WTLTFBXZPzSW+xlDzQoPEiI59XSW
+cDZFEVJvuVRqE8cRfGvVhACZI0N9YR/lXRZ/JaDAVyU/SU4ZrTEe0/AIH6cQpc0
sXp2zMkWsG7FXmj4c7olqIrPWJf3K4MIGI627CvYX+tdLJxqTuGfI6fu+w8JEgtP
k/w8m0sFnl7kNs+qeB9m2ztf8/XLvEFG03OUOXT6q3HZReHMF/lQFKm646IDCNye
r79XuvrM3+JHapRv7Gs6ByjW0jcSZolPjCnBHMeY3Z8XKM505G1TxvstF9Mxq7yR
VkuJEVKZlZt+olHOkQcFv58EDuZramHA
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:10:29 2025 by rpki-client