Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BB6156C211911F0BE8A0DE3DAE4EC9C.roa
File: 9BB6156C211911F0BE8A0DE3DAE4EC9C.roa (raw, json)
Hash identifier: QOalmhkKFeRx/vRR/v6kJVhAoT5WuYM+WDDXOUue7yw=
Subject key identifier: FB:26:19:C6:1B:03:26:62:61:31:9E:76:BB:E5:BA:07:6B:9F:81:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AE5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BB6156C211911F0BE8A0DE3DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 14:37:12 +0000
ROA not before: Thu 24 Apr 2025 14:37:08 +0000
ROA not after: Mon 21 Jul 2025 14:37:08 +0000
asID: 135377
IP address blocks: 154.82.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96997 (0x17ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 14:37:08 2025 GMT
Not After : Jul 21 14:37:08 2025 GMT
Subject: CN=680a4c98-cb9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0b:f3:40:40:11:df:26:4f:b4:6a:e3:9b:66:
f8:56:d4:a0:c8:e6:80:8e:d1:43:7a:a9:06:c7:c7:
3d:21:8d:cd:ac:57:31:ca:e5:3c:81:bd:0e:65:91:
ee:60:3f:ff:3f:fd:ee:eb:31:82:ee:35:f5:e8:e7:
51:77:58:54:ef:f2:36:e0:8e:f3:4a:ef:c5:5f:54:
26:15:c6:34:3a:45:b7:44:12:c0:0a:b1:ea:88:43:
00:c5:1b:af:ba:13:97:57:15:db:85:72:a9:1e:70:
7f:ec:2e:99:47:9b:08:49:4c:f5:ad:e0:37:6e:ad:
f4:ab:c1:82:71:94:47:41:c0:db:92:b2:d4:f7:f5:
b5:d3:45:d7:92:c5:45:fe:fc:32:ce:74:6d:08:ff:
5d:44:a3:3e:4e:de:18:37:2f:40:cc:5b:34:11:10:
25:2e:56:37:63:ce:ee:85:8a:2e:74:6a:f7:e5:30:
92:58:fa:de:67:82:40:69:da:fb:e8:f1:1e:1b:68:
48:7b:45:0c:7f:30:ce:02:c4:b1:fc:dd:91:44:07:
23:d8:f2:b1:c8:85:75:66:e6:74:0c:d0:bd:16:97:
d4:91:70:c0:0b:03:31:45:e1:22:11:97:12:4a:1a:
9f:c6:d0:b4:1f:e2:b9:8f:0b:fe:05:f2:ce:9b:72:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:26:19:C6:1B:03:26:62:61:31:9E:76:BB:E5:BA:07:6B:9F:81:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BB6156C211911F0BE8A0DE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.23.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:30:3d:83:13:c1:fa:b4:7c:d3:2a:d8:f3:26:0e:48:c0:aa:
82:9c:02:18:d1:9a:e0:85:7b:6a:22:62:a2:8a:40:b8:03:d1:
0b:f6:58:9d:b0:eb:1b:ee:6b:37:9d:3e:cb:23:ea:c4:aa:c5:
da:98:a4:0e:81:a3:0f:6d:1c:21:b1:d1:53:6a:38:b3:8b:50:
34:8b:fe:46:b1:53:22:3b:74:fc:2c:55:80:b9:70:66:0e:7b:
bb:26:93:0c:c5:5d:94:c6:9e:ca:c8:41:e3:34:68:de:77:e0:
f4:a2:df:23:a6:0e:31:68:06:4c:f9:43:4f:4e:f5:8a:09:cd:
fd:37:5c:fc:6f:39:61:ce:b3:7c:6e:0c:36:db:ab:32:ee:f0:
f9:ba:76:ee:32:81:c7:60:bc:aa:87:9e:13:5c:06:be:94:2e:
e4:6f:cc:3e:6c:43:f0:cc:80:6b:c0:d0:83:e7:33:fa:26:3c:
e1:5a:4d:79:81:0e:c0:f1:1b:0d:59:77:47:c3:bf:83:f1:56:
9f:1e:8a:27:ca:f4:7d:57:4d:05:40:85:73:a1:32:5d:dd:0c:
07:27:32:9a:e1:18:e9:4c:d2:08:33:54:9b:27:60:08:da:6e:
49:c6:b0:f3:4e:a2:58:33:3e:17:da:b4:8c:e6:e7:aa:1a:04:
5a:d9:0c:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXrlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTQzNzA4WhcNMjUwNzIxMTQzNzA4WjAYMRYw
FAYDVQQDEw02ODBhNGM5OC1jYjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7AvzQEAR3yZPtGrjm2b4VtSgyOaAjtFDeqkGx8c9IY3NrFcxyuU8gb0O
ZZHuYD//P/3u6zGC7jX16OdRd1hU7/I24I7zSu/FX1QmFcY0OkW3RBLACrHqiEMA
xRuvuhOXVxXbhXKpHnB/7C6ZR5sISUz1reA3bq30q8GCcZRHQcDbkrLU9/W100XX
ksVF/vwyznRtCP9dRKM+Tt4YNy9AzFs0ERAlLlY3Y87uhYoudGr35TCSWPreZ4JA
adr76PEeG2hIe0UMfzDOAsSx/N2RRAcj2PKxyIV1ZuZ0DNC9FpfUkXDACwMxReEi
EZcSShqfxtC0H+K5jwv+BfLOm3KitQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPsm
GcYbAyZiYTGedrvlugdrn4GJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkI2MTU2QzIxMTkxMUYwQkU4QTBERTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlIXMA0GCSqGSIb3DQEB
CwUAA4IBAQDHMD2DE8H6tHzTKtjzJg5IwKqCnAIY0ZrghXtqImKiikC4A9EL9lid
sOsb7ms3nT7LI+rEqsXamKQOgaMPbRwhsdFTajizi1A0i/5GsVMiO3T8LFWAuXBm
Dnu7JpMMxV2Uxp7KyEHjNGjed+D0ot8jpg4xaAZM+UNPTvWKCc39N1z8bzlhzrN8
bgw226sy7vD5unbuMoHHYLyqh54TXAa+lC7kb8w+bEPwzIBrwNCD5zP6JjzhWk15
gQ7A8RsNWXdHw7+D8VafHoonyvR9V00FQIVzoTJd3QwHJzKa4RjpTNIIM1SbJ2AI
2m5JxrDzTqJYMz4X2rSM5ueqGgRa2Qxq
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:17:03 2025 by rpki-client