Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/FACAD9883BCD11F0B6605CB3DAE4EC9C.roa
File: FACAD9883BCD11F0B6605CB3DAE4EC9C.roa (raw, json)
Hash identifier: dP2wxzdL+Mv6hC2VyEDiD2GektX+aPyV3i8xOTvVXKs=
Subject key identifier: 71:E6:35:80:62:4F:B7:03:B1:CC:39:63:47:07:07:3D:71:A4:71:F1
Certificate issuer: /CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Certificate serial: 05C5
Authority key identifier: 31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/FACAD9883BCD11F0B6605CB3DAE4EC9C.roa
Signing time: Wed 28 May 2025 14:13:51 +0000
ROA not before: Wed 28 May 2025 14:13:47 +0000
ROA not after: Mon 31 Dec 2035 14:13:47 +0000
asID: 37236
IP address blocks: 154.119.224.0/19 maxlen: 19
154.119.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.mft
rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1477 (0x5c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36312D2AF, serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Validity
Not Before: May 28 14:13:47 2025 GMT
Not After : Dec 31 14:13:47 2035 GMT
Subject: CN=68371a1f-40b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:3e:f3:35:90:16:5d:b0:0d:8f:6a:0f:7e:
dc:e1:09:2e:ee:e7:c4:3a:78:18:57:a2:af:6c:16:
9b:0c:84:e8:51:de:7f:a3:2a:2e:31:d8:99:24:d6:
fe:7f:41:e9:86:e8:96:87:4c:fb:2a:a9:bd:e8:ab:
b2:dc:b0:70:a0:4a:10:b9:32:fb:f0:8f:50:ce:d7:
d5:e9:43:6d:b3:35:94:ef:fd:18:91:ed:67:c1:23:
fe:da:a4:52:a9:35:38:7f:3e:94:fa:21:76:8b:8d:
e3:7f:33:2b:d5:33:9a:fe:89:70:ab:24:78:9b:b2:
2b:93:41:e5:1c:16:3c:5e:fc:54:d5:f1:29:5f:a9:
d6:f6:39:57:3b:7c:31:a4:29:72:00:db:8e:1a:59:
0c:fa:6b:77:2b:45:c7:b9:c3:73:a6:a5:c3:08:e1:
6f:2c:c3:b2:c9:87:b1:02:0a:cd:a5:0e:56:3a:4e:
be:4c:bf:79:5f:51:ca:c0:6b:d4:bb:35:0a:df:50:
6e:70:68:43:30:03:57:a1:bc:67:c2:ea:51:20:fa:
b1:55:c5:ac:60:68:77:ad:99:51:c9:2f:e1:15:04:
b1:13:d5:ad:e3:dd:87:46:ac:4c:58:77:26:8c:be:
46:3e:3f:b0:81:bd:59:b0:ba:d0:95:7b:73:23:e4:
73:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E6:35:80:62:4F:B7:03:B1:CC:39:63:47:07:07:3D:71:A4:71:F1
X509v3 Authority Key Identifier:
keyid:31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/FACAD9883BCD11F0B6605CB3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.119.224.0/19
Signature Algorithm: sha256WithRSAEncryption
21:60:c6:e9:bc:99:d4:89:86:bc:f7:a7:f9:43:b4:6d:a1:a1:
6f:04:8d:f4:69:bc:ac:10:d9:a1:81:22:81:64:98:a4:99:e0:
b8:a9:99:ec:b3:ae:09:99:12:5f:f0:4e:3e:96:d9:db:41:d8:
1e:e0:0c:1d:05:75:4d:c4:8d:f5:5a:23:65:06:ea:78:8b:5b:
65:26:cb:94:d1:00:ac:b8:2d:6f:71:90:1b:37:6b:50:d6:7f:
0d:f3:8b:70:c3:2f:e4:90:43:0c:4b:82:b3:d4:24:93:5e:b5:
71:90:69:24:d5:ff:0a:8d:d2:fd:9a:9c:40:af:d5:25:e3:9c:
7d:46:c6:ee:a4:81:06:f2:59:26:32:d0:fa:d0:4a:dd:7b:78:
3f:f1:c9:a5:43:8a:cd:a9:15:c1:39:fd:c5:31:2d:6a:5a:58:
4a:89:24:e5:4b:e2:b3:ac:b2:08:79:a4:64:52:18:9c:b1:86:
52:9c:b5:0b:f5:e7:cc:65:f4:54:e4:cd:ac:65:6b:ad:a6:56:
45:8b:47:93:e8:31:2e:20:dd:2c:5f:1a:ba:25:ca:63:19:08:
0b:11:07:4e:35:ee:8e:8a:e0:15:4c:66:ac:66:be:32:66:64:
59:d7:8e:4e:e2:c3:6d:df:2e:c5:19:a0:f1:d1:a5:5b:f0:a0:
4a:01:d0:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBcUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzEyRDJBRjExMC8GA1UEBRMoMzFCQTVBQ0U1N0JGMURBRkJBODhEREFFRjQyRUM4
RjE1MTVFMTNDMjAeFw0yNTA1MjgxNDEzNDdaFw0zNTEyMzExNDEzNDdaMBgxFjAU
BgNVBAMTDTY4MzcxYTFmLTQwYjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2/z7zNZAWXbANj2oPftzhCS7u58Q6eBhXoq9sFpsMhOhR3n+jKi4x2Jkk
1v5/QemG6JaHTPsqqb3oq7LcsHCgShC5Mvvwj1DO19XpQ22zNZTv/RiR7WfBI/7a
pFKpNTh/PpT6IXaLjeN/MyvVM5r+iXCrJHibsiuTQeUcFjxe/FTV8Slfqdb2OVc7
fDGkKXIA244aWQz6a3crRce5w3OmpcMI4W8sw7LJh7ECCs2lDlY6Tr5Mv3lfUcrA
a9S7NQrfUG5waEMwA1ehvGfC6lEg+rFVxaxgaHetmVHJL+EVBLET1a3j3YdGrExY
dyaMvkY+P7CBvVmwutCVe3Mj5HNnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUceY1
gGJPtwOxzDljRwcHPXGkcfEwHwYDVR0jBBgwFoAUMbpazle/Ha+6iN2u9C7I8VFe
E8IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4QTAxNENFL01icGF6
bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL01icGF6bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4
QTAxNENFL0ZBQ0FEOTg4M0JDRDExRjBCNjYwNUNCM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAWad+AwDQYJKoZIhvcNAQEL
BQADggEBACFgxum8mdSJhrz3p/lDtG2hoW8EjfRpvKwQ2aGBIoFkmKSZ4Lipmeyz
rgmZEl/wTj6W2dtB2B7gDB0FdU3EjfVaI2UG6niLW2Umy5TRAKy4LW9xkBs3a1DW
fw3zi3DDL+SQQwxLgrPUJJNetXGQaSTV/wqN0v2anECv1SXjnH1Gxu6kgQbyWSYy
0PrQSt17eD/xyaVDis2pFcE5/cUxLWpaWEqJJOVL4rOssgh5pGRSGJyxhlKctQv1
58xl9FTkzaxla62mVkWLR5PoMS4g3SxfGrolymMZCAsRB0417o6K4BVMZqxmvjJm
ZFnXjk7iw23fLsUZoPHRpVvwoEoB0Ko=
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:22:21 2025 by rpki-client