Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C976F441C5211F093AAADEEDAE4EC9C.roa
File: 7C976F441C5211F093AAADEEDAE4EC9C.roa (raw, json)
Hash identifier: xFmTZ8XYwGZwkaY66srjCrN19m6/ZSkfUyrubyQmNEo=
Subject key identifier: 10:0F:DD:DA:E4:5C:E6:5D:7E:DE:DD:DA:A5:32:35:25:2F:B0:3D:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01797D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C976F441C5211F093AAADEEDAE4EC9C.roa
Signing time: Fri 18 Apr 2025 12:41:45 +0000
ROA not before: Fri 18 Apr 2025 12:41:41 +0000
ROA not after: Thu 15 May 2025 12:41:41 +0000
asID: 133180
IP address blocks: 154.84.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96637 (0x1797d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 12:41:41 2025 GMT
Not After : May 15 12:41:41 2025 GMT
Subject: CN=68024889-120f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:91:a6:7b:a2:65:38:ea:39:74:d8:1f:71:
1c:cd:cb:82:1f:e4:d6:c5:bb:78:74:0a:f2:d8:4d:
d7:03:1b:29:16:99:d1:88:0b:de:c9:b3:e3:f7:65:
15:20:3b:92:bc:3a:42:af:18:0d:76:7d:da:28:1c:
99:76:a5:3f:7d:d5:3e:d1:3d:61:4c:cf:3b:ab:ca:
ba:91:5c:2a:e4:29:5b:9b:d7:f3:dc:fa:2d:93:f7:
4a:fb:4c:2d:05:4f:c5:28:57:86:8f:5e:7a:61:45:
ad:e8:0e:9c:30:9a:11:c4:60:8f:f7:46:37:b9:8f:
75:a7:0d:57:d7:57:5a:44:a0:49:9d:2f:a0:50:05:
3a:56:fb:27:1f:67:e5:82:a1:d1:b6:0d:78:e3:38:
d0:d6:0c:ea:18:e0:64:ba:2e:0f:5e:ff:fa:0f:0b:
41:b7:03:7c:47:f1:2f:e1:35:55:f1:69:81:6a:98:
6a:b4:26:c2:5d:cf:1e:26:8d:a4:36:f1:2f:77:a3:
97:ef:e7:34:59:0e:e5:90:3e:4c:f4:4e:8d:db:c1:
e8:9f:8b:d9:d0:f9:46:15:b8:d5:a9:d7:eb:6b:d0:
e4:97:c9:73:11:0c:8a:01:a8:c5:30:2d:25:61:b9:
c5:9d:7a:41:a0:e1:42:61:cf:8b:cb:cd:12:38:18:
62:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0F:DD:DA:E4:5C:E6:5D:7E:DE:DD:DA:A5:32:35:25:2F:B0:3D:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C976F441C5211F093AAADEEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.135.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ec:36:31:55:a6:84:cc:2a:48:5a:2d:3c:d4:5c:26:11:b5:
8b:ac:41:2c:07:c9:82:e1:29:00:5a:c0:02:14:2f:6b:48:88:
6c:6c:76:09:f8:c8:7b:06:84:bb:78:6d:7c:f1:2c:1c:10:20:
46:28:ee:2e:33:4f:bc:b2:5e:46:b5:a3:e4:b0:6d:3a:b6:a4:
21:17:2e:83:4d:ea:90:34:ed:c3:f0:45:4d:34:aa:86:8b:58:
bb:f7:b5:a7:cc:69:5d:ca:a7:f0:ea:1e:09:d0:f0:00:63:bf:
dd:32:ec:9e:14:fd:67:3f:b3:1b:c3:cb:b3:50:c6:4e:bd:d0:
ed:d6:7f:18:0e:e2:a5:51:9c:f5:98:c8:77:a6:aa:31:0e:84:
cf:28:f0:53:36:75:c0:bf:3c:dc:31:4f:70:d0:9e:11:a2:e2:
f3:e3:bc:41:4a:e7:11:77:c1:1d:dd:d0:81:e7:cc:83:66:94:
0a:21:7f:56:03:56:88:43:e8:1b:ff:44:1b:23:ee:e7:56:30:
47:79:a8:4a:0f:70:96:d0:0b:92:2b:d3:4c:59:bf:7a:06:0e:
85:0c:28:2b:9b:4a:52:4c:c8:8c:a8:e0:58:31:66:91:d5:b5:
b8:1e:6d:8a:46:ee:a5:44:df:d6:27:e7:9f:36:8f:dd:0f:8c:
e1:00:62:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXl9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTI0MTQxWhcNMjUwNTE1MTI0MTQxWjAYMRYw
FAYDVQQDEw02ODAyNDg4OS0xMjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAziyRpnuiZTjqOXTYH3EczcuCH+TWxbt4dAry2E3XAxspFpnRiAveybPj
92UVIDuSvDpCrxgNdn3aKByZdqU/fdU+0T1hTM87q8q6kVwq5Clbm9fz3Potk/dK
+0wtBU/FKFeGj156YUWt6A6cMJoRxGCP90Y3uY91pw1X11daRKBJnS+gUAU6Vvsn
H2flgqHRtg144zjQ1gzqGOBkui4PXv/6DwtBtwN8R/Ev4TVV8WmBaphqtCbCXc8e
Jo2kNvEvd6OX7+c0WQ7lkD5M9E6N28Hon4vZ0PlGFbjVqdfra9Dkl8lzEQyKAajF
MC0lYbnFnXpBoOFCYc+Ly80SOBhikwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBAP
3drkXOZdft7d2qUyNSUvsD3OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83Qzk3NkY0NDFDNTIxMUYwOTNBQUFERUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSHMA0GCSqGSIb3DQEB
CwUAA4IBAQA/7DYxVaaEzCpIWi081FwmEbWLrEEsB8mC4SkAWsACFC9rSIhsbHYJ
+Mh7BoS7eG188SwcECBGKO4uM0+8sl5GtaPksG06tqQhFy6DTeqQNO3D8EVNNKqG
i1i797WnzGldyqfw6h4J0PAAY7/dMuyeFP1nP7Mbw8uzUMZOvdDt1n8YDuKlUZz1
mMh3pqoxDoTPKPBTNnXAvzzcMU9w0J4RouLz47xBSucRd8Ed3dCB58yDZpQKIX9W
A1aIQ+gb/0QbI+7nVjBHeahKD3CW0AuSK9NMWb96Bg6FDCgrm0pSTMiMqOBYMWaR
1bW4Hm2KRu6lRN/WJ+efNo/dD4zhAGJ/
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:28:11 2025 by rpki-client