Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F8DBAFC211711F09A3FA8D5DAE4EC9C.roa
File: 9F8DBAFC211711F09A3FA8D5DAE4EC9C.roa (raw, json)
Hash identifier: TS+L0YXw8yLjqDQ3O+DBBNoZi9cEqJaz2sO5uKzIFS4=
Subject key identifier: F0:87:3A:72:55:1B:5A:DC:FF:39:8E:31:C0:D1:F1:9C:B2:0F:E8:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017ADD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F8DBAFC211711F09A3FA8D5DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 14:23:00 +0000
ROA not before: Thu 24 Apr 2025 14:22:55 +0000
ROA not after: Sat 03 May 2025 14:22:55 +0000
asID: 7018
IP address blocks: 154.81.0.0/21 maxlen: 24
154.90.8.0/21 maxlen: 24
154.95.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96989 (0x17add)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 14:22:55 2025 GMT
Not After : May 3 14:22:55 2025 GMT
Subject: CN=680a4944-626b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:88:ac:c3:7f:3e:54:6b:f4:79:62:c4:be:95:
2e:c0:4d:08:e7:86:2d:c6:23:6e:fd:a7:6b:3d:d1:
98:6a:81:c7:87:74:da:05:2d:a3:27:0b:e7:41:2b:
d9:5a:44:a7:36:a2:8a:df:b6:83:67:4f:1d:80:53:
a1:b4:e5:ff:ed:7a:ef:74:8b:cc:56:1c:fa:eb:1d:
61:a9:05:4a:23:88:58:2c:2d:b8:0c:6a:3a:f3:d3:
a3:a3:73:90:e0:9d:c9:f7:6d:66:fb:3c:84:46:55:
f8:9a:7d:d7:de:57:55:31:d6:1a:48:1e:c2:be:63:
32:ba:d4:19:36:10:01:7f:35:b6:a1:15:10:61:92:
bb:8b:9f:a2:fe:97:a0:fd:22:42:cb:0b:f9:06:9f:
e1:23:a9:50:dc:40:83:99:4f:ef:44:2e:a7:be:fa:
c4:15:e5:70:81:04:c8:68:f4:d1:f9:00:5e:61:a0:
34:c4:e9:c2:7c:07:af:60:41:47:09:00:c9:db:d0:
a5:d0:3b:9e:e4:88:36:12:d5:e7:90:42:2e:cb:be:
20:7c:87:9d:f3:a7:8c:19:15:f6:03:65:e2:25:d3:
97:6b:52:19:20:4a:dc:e0:c9:0b:9c:59:3d:19:ef:
51:fe:91:6f:65:c7:7c:bc:2a:6b:78:a7:86:62:c8:
15:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:87:3A:72:55:1B:5A:DC:FF:39:8E:31:C0:D1:F1:9C:B2:0F:E8:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F8DBAFC211711F09A3FA8D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.0.0/21
154.90.8.0/21
154.95.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:03:9b:d1:5d:bb:9a:fb:5c:53:26:f1:43:ca:d3:01:3f:55:
51:49:b5:0e:f2:86:1a:3c:8d:ba:35:8b:e1:0d:31:dc:5d:18:
b1:71:d6:30:51:91:a4:68:a3:05:2a:cc:54:f7:17:41:bb:7b:
9c:9a:96:b8:f0:78:f8:09:01:63:e4:cb:fc:48:4d:e7:06:91:
df:f4:1a:a4:c2:ce:ed:85:85:b0:d6:f5:3b:1b:4e:37:8c:aa:
bf:b8:7c:17:a1:21:a8:cf:16:21:30:27:16:c1:9e:b8:48:6b:
dd:65:4e:cf:ba:f2:a8:2b:28:cc:32:2d:3b:32:a9:fe:cc:bb:
df:7e:5c:33:40:8b:7b:24:3f:2c:ba:45:6d:6d:96:aa:f3:70:
10:da:7c:86:2e:88:36:10:ad:ef:1b:9a:4a:c2:bc:7f:83:b3:
50:52:5b:37:c0:73:33:1d:1b:22:44:07:c5:61:b7:66:fb:22:
f5:6d:d3:21:cc:14:05:8b:0d:a0:29:03:d6:f7:fc:c0:9f:d9:
03:d3:92:b6:b7:1e:65:a5:bc:93:a3:22:8a:50:30:46:eb:a7:
af:0a:b0:b2:07:22:99:90:6f:9d:0d:f7:87:e9:a7:75:47:b8:
64:5c:75:26:c5:a9:40:d5:4b:50:92:01:72:1f:47:82:a3:4c:
ae:41:bc:2c
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXrdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTQyMjU1WhcNMjUwNTAzMTQyMjU1WjAYMRYw
FAYDVQQDEw02ODBhNDk0NC02MjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7oisw38+VGv0eWLEvpUuwE0I54YtxiNu/adrPdGYaoHHh3TaBS2jJwvn
QSvZWkSnNqKK37aDZ08dgFOhtOX/7XrvdIvMVhz66x1hqQVKI4hYLC24DGo689Oj
o3OQ4J3J921m+zyERlX4mn3X3ldVMdYaSB7CvmMyutQZNhABfzW2oRUQYZK7i5+i
/peg/SJCywv5Bp/hI6lQ3ECDmU/vRC6nvvrEFeVwgQTIaPTR+QBeYaA0xOnCfAev
YEFHCQDJ29Cl0Due5Ig2EtXnkEIuy74gfIed86eMGRX2A2XiJdOXa1IZIErc4MkL
nFk9Ge9R/pFvZcd8vCpreKeGYsgVFwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFPCH
OnJVG1rc/zmOMcDR8ZyyD+jSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RjhEQkFGQzIxMTcxMUYwOUEzRkE4RDVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDmlEAAwQDmloIAwQDml8I
MA0GCSqGSIb3DQEBCwUAA4IBAQCoA5vRXbua+1xTJvFDytMBP1VRSbUO8oYaPI26
NYvhDTHcXRixcdYwUZGkaKMFKsxU9xdBu3ucmpa48Hj4CQFj5Mv8SE3nBpHf9Bqk
ws7thYWw1vU7G043jKq/uHwXoSGozxYhMCcWwZ64SGvdZU7PuvKoKyjMMi07Mqn+
zLvfflwzQIt7JD8sukVtbZaq83AQ2nyGLog2EK3vG5pKwrx/g7NQUls3wHMzHRsi
RAfFYbdm+yL1bdMhzBQFiw2gKQPW9/zAn9kD05K2tx5lpbyToyKKUDBG66evCrCy
ByKZkG+dDfeH6ad1R7hkXHUmxalA1UtQkgFyH0eCo0yuQbws
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:40 2025 by rpki-client