Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06DF84C21B411F0835FBFF5DAE4EC9C.roa
File: D06DF84C21B411F0835FBFF5DAE4EC9C.roa (raw, json)
Hash identifier: JaMDLSKQiEwUrZltV5CWuaRtEjm0kEmYtr39ItLGjbs=
Subject key identifier: D8:22:A7:46:8B:6B:B6:47:00:8C:8A:12:77:F9:85:E7:BD:60:18:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B07
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06DF84C21B411F0835FBFF5DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:08:13 +0000
ROA not before: Fri 25 Apr 2025 09:08:08 +0000
ROA not after: Fri 02 May 2025 09:08:08 +0000
asID: 142267
IP address blocks: 154.91.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97031 (0x17b07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 09:08:08 2025 GMT
Not After : May 2 09:08:08 2025 GMT
Subject: CN=680b50fd-d9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:eb:b1:18:35:82:5e:cb:e6:62:1e:4c:70:c8:
7c:6c:5e:a6:6f:04:d6:ba:ea:6f:f8:16:4d:8b:ed:
e0:a2:d6:56:27:cc:95:90:c1:e6:a7:50:75:70:32:
e2:de:b0:b8:65:74:e0:13:c5:a7:5f:9c:3d:7b:2e:
5e:30:11:59:ac:55:79:0c:92:95:47:52:1f:40:29:
e6:14:af:9c:df:f9:0f:0a:b7:db:54:51:61:87:29:
46:c6:fe:fd:c6:56:df:d2:4c:e0:0a:20:16:31:a5:
12:b0:97:37:73:73:b0:61:59:40:6c:87:6c:84:10:
fc:82:99:d5:b4:52:91:fd:ad:f5:5e:0f:91:19:56:
87:29:47:34:ca:23:52:fa:2e:32:8b:20:28:ec:c9:
e4:d5:7f:12:06:aa:f5:1a:a1:e5:48:f6:4b:67:d1:
d3:db:0e:e4:62:db:f2:c1:06:0b:99:ef:83:d6:db:
7f:74:6f:2f:90:77:ba:72:df:67:69:7d:6c:d1:05:
44:3f:06:42:a8:e4:62:bc:4a:3a:6e:0a:9f:48:d9:
72:6f:b6:26:3a:9c:68:95:e3:8f:96:7c:44:a5:6b:
e2:c3:0a:48:87:41:d7:f9:ff:6a:f3:ab:39:f8:3b:
6a:3e:ff:23:a3:23:de:ec:a1:e6:b4:17:fd:91:ec:
73:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:22:A7:46:8B:6B:B6:47:00:8C:8A:12:77:F9:85:E7:BD:60:18:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06DF84C21B411F0835FBFF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:08:4c:3d:fb:17:e8:26:cb:75:e0:35:cf:63:ee:26:9e:9b:
32:a6:ae:59:94:a8:55:51:50:42:2f:56:4d:a3:34:31:4a:d3:
b8:14:9f:3d:a2:62:a7:48:ad:52:f1:9b:0c:44:5a:b2:3a:08:
f7:e4:10:39:7c:f2:4a:4c:c0:fd:17:72:0a:a9:0a:d9:e8:91:
17:83:15:00:28:f7:f1:61:ae:9c:44:3a:fb:98:38:62:64:08:
e4:e4:d6:75:e8:2c:d3:f1:29:1d:33:74:b3:7d:99:c6:a3:bd:
4a:97:80:7b:30:8a:27:2d:40:b9:e2:10:42:b5:8e:16:12:9e:
da:9c:8e:15:ee:e9:ec:36:2b:3d:a3:aa:66:1e:04:e4:94:a5:
67:a9:94:fa:aa:4e:f1:89:38:c4:ee:0b:e9:85:4e:24:4d:f3:
96:83:75:5c:26:ad:f4:81:24:7b:b9:97:23:26:f1:82:8a:c6:
3d:95:59:5f:0c:2e:e7:24:56:f9:3f:58:97:5b:13:14:af:2f:
6f:35:d5:4a:73:3b:7e:75:80:9b:c7:cb:06:9a:d5:61:14:48:
e2:98:1f:a9:c1:fe:17:75:c7:8f:6a:1f:be:d0:93:fb:1a:df:
43:1c:e5:d8:02:b3:2e:f8:33:68:20:49:6f:77:b2:12:88:7a:
8a:1d:07:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXsHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDkwODA4WhcNMjUwNTAyMDkwODA4WjAYMRYw
FAYDVQQDEw02ODBiNTBmZC1kOWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0+uxGDWCXsvmYh5McMh8bF6mbwTWuupv+BZNi+3gotZWJ8yVkMHmp1B1
cDLi3rC4ZXTgE8WnX5w9ey5eMBFZrFV5DJKVR1IfQCnmFK+c3/kPCrfbVFFhhylG
xv79xlbf0kzgCiAWMaUSsJc3c3OwYVlAbIdshBD8gpnVtFKR/a31Xg+RGVaHKUc0
yiNS+i4yiyAo7Mnk1X8SBqr1GqHlSPZLZ9HT2w7kYtvywQYLme+D1tt/dG8vkHe6
ct9naX1s0QVEPwZCqORivEo6bgqfSNlyb7YmOpxoleOPlnxEpWviwwpIh0HX+f9q
86s5+DtqPv8joyPe7KHmtBf9kexzYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNgi
p0aLa7ZHAIyKEnf5hee9YBhNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDZERjg0QzIxQjQxMUYwODM1RkJGRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsEMA0GCSqGSIb3DQEB
CwUAA4IBAQAbCEw9+xfoJst14DXPY+4mnpsypq5ZlKhVUVBCL1ZNozQxStO4FJ89
omKnSK1S8ZsMRFqyOgj35BA5fPJKTMD9F3IKqQrZ6JEXgxUAKPfxYa6cRDr7mDhi
ZAjk5NZ16CzT8SkdM3SzfZnGo71Kl4B7MIonLUC54hBCtY4WEp7anI4V7unsNis9
o6pmHgTklKVnqZT6qk7xiTjE7gvphU4kTfOWg3VcJq30gSR7uZcjJvGCisY9lVlf
DC7nJFb5P1iXWxMUry9vNdVKczt+dYCbx8sGmtVhFEjimB+pwf4XdcePah++0JP7
Gt9DHOXYArMu+DNoIElvd7ISiHqKHQcY
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:58:34 2025 by rpki-client