Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E0DD49B43AE911F080BBE4E8DAE4EC9C.roa
File: E0DD49B43AE911F080BBE4E8DAE4EC9C.roa (raw, json)
Hash identifier: AT9nkvJK3yyZo05FVma2muWNL6e85IABJrrEEAIusNE=
Subject key identifier: C3:5D:EC:3D:E6:DD:5F:BD:90:A0:9F:44:31:DC:17:DA:58:E4:A8:CF
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1AF4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E0DD49B43AE911F080BBE4E8DAE4EC9C.roa
Signing time: Tue 27 May 2025 11:01:03 +0000
ROA not before: Tue 27 May 2025 11:00:57 +0000
ROA not after: Thu 27 May 2027 11:00:57 +0000
asID: 38001
IP address blocks: 154.16.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Jun 2025 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6900 (0x1af4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 27 11:00:57 2025 GMT
Not After : May 27 11:00:57 2027 GMT
Subject: CN=68359b6f-3127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9b:fd:aa:6f:4c:11:3a:ba:40:80:32:33:e7:
97:a6:1c:cb:0a:f1:95:5c:6d:db:03:7e:72:45:30:
84:ef:d9:bc:80:dd:fb:9f:d4:05:57:06:86:99:57:
17:57:d3:04:f3:5a:4a:78:68:1f:69:55:bf:39:aa:
fd:21:30:67:d7:99:69:d4:c6:73:b3:95:f4:5d:10:
bc:08:48:95:f2:e6:46:89:ea:23:c5:a0:e2:93:03:
85:da:73:1e:13:11:1c:73:56:a2:4f:93:be:e9:77:
f6:ef:5f:9a:ad:54:03:50:72:70:fe:7e:31:00:20:
98:a2:77:8d:71:e7:07:05:9c:1a:7f:04:bf:68:37:
fd:2b:15:f3:4e:d2:f3:00:88:2a:9e:b7:e3:52:90:
bd:21:51:71:00:94:62:26:b0:a8:37:dc:06:90:bb:
42:91:60:04:bb:1c:21:fa:b8:8a:99:d5:e7:90:3c:
a2:0b:c5:68:59:b3:62:8c:2e:dd:9b:30:25:38:ce:
3c:43:66:c0:ea:fd:13:c8:51:91:d0:6e:11:59:19:
83:2c:74:38:86:24:54:71:7a:cd:84:ac:18:7a:ca:
a7:97:36:e4:f7:db:3d:6a:f4:fd:3f:54:96:7a:05:
e8:8c:9f:9e:49:88:6e:f3:12:c5:80:3b:1b:19:80:
14:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5D:EC:3D:E6:DD:5F:BD:90:A0:9F:44:31:DC:17:DA:58:E4:A8:CF
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E0DD49B43AE911F080BBE4E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.19.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:f4:64:16:c1:65:d8:92:f6:a6:9c:5c:de:b9:26:8d:9c:31:
3f:55:ab:0e:d1:98:cc:c9:98:fc:aa:bc:e7:76:d2:6c:a3:5c:
ac:ba:16:21:86:bc:41:b4:b2:5c:82:43:6f:54:da:30:77:25:
21:c9:4d:b0:bc:47:8a:59:ba:23:52:03:cb:72:40:fa:ec:cb:
62:60:49:79:75:e7:aa:17:84:99:84:fa:67:a8:d5:65:10:90:
2f:8a:06:c8:d8:8c:ca:74:cb:36:ea:e3:11:c9:42:cc:69:ea:
1c:b5:10:dd:09:df:12:48:64:4c:58:96:f2:df:94:30:a6:33:
d0:77:78:59:a3:e2:2b:7d:2d:7e:63:e2:ba:35:cf:53:08:b0:
2e:aa:06:49:7a:ed:28:64:ef:78:f3:b8:8e:fa:ab:61:f0:ba:
c4:84:7c:a1:e0:c7:c2:08:43:15:9e:50:dc:d9:78:f6:d9:8c:
8b:11:33:5f:29:f2:4b:46:2a:8e:ff:a0:db:be:f8:09:84:f2:
66:78:62:6d:10:e1:07:09:2e:4a:04:64:52:a1:32:8c:cc:20:
20:cb:ea:7c:ee:3b:a0:19:b9:0c:53:e0:6a:c9:c6:6a:4a:7f:
ef:8f:d4:50:1c:0a:eb:7d:e1:c7:86:39:bc:a5:1e:4a:75:93:
2d:57:8a:5f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGvQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA1MjcxMTAwNTdaFw0yNzA1MjcxMTAwNTdaMBgxFjAU
BgNVBAMTDTY4MzU5YjZmLTMxMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTm/2qb0wROrpAgDIz55emHMsK8ZVcbdsDfnJFMITv2byA3fuf1AVXBoaZ
VxdX0wTzWkp4aB9pVb85qv0hMGfXmWnUxnOzlfRdELwISJXy5kaJ6iPFoOKTA4Xa
cx4TERxzVqJPk77pd/bvX5qtVANQcnD+fjEAIJiid41x5wcFnBp/BL9oN/0rFfNO
0vMAiCqet+NSkL0hUXEAlGImsKg33AaQu0KRYAS7HCH6uIqZ1eeQPKILxWhZs2KM
Lt2bMCU4zjxDZsDq/RPIUZHQbhFZGYMsdDiGJFRxes2ErBh6yqeXNuT32z1q9P0/
VJZ6BeiMn55JiG7zEsWAOxsZgBQNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUw13s
PebdX72QoJ9EMdwX2ljkqM8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0UwREQ0OUI0M0FFOTExRjA4MEJCRTRFOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBMwDQYJKoZIhvcNAQEL
BQADggEBAD30ZBbBZdiS9qacXN65Jo2cMT9Vqw7RmMzJmPyqvOd20myjXKy6FiGG
vEG0slyCQ29U2jB3JSHJTbC8R4pZuiNSA8tyQPrsy2JgSXl156oXhJmE+meo1WUQ
kC+KBsjYjMp0yzbq4xHJQsxp6hy1EN0J3xJIZExYlvLflDCmM9B3eFmj4it9LX5j
4ro1z1MIsC6qBkl67Shk73jzuI76q2HwusSEfKHgx8IIQxWeUNzZePbZjIsRM18p
8ktGKo7/oNu++AmE8mZ4Ym0Q4QcJLkoEZFKhMozMICDL6nzuO6AZuQxT4GrJxmpK
f++P1FAcCut94ceGObylHkp1ky1Xil8=
-----END CERTIFICATE-----
Generated at Mon Jun 2 17:03:19 2025 by rpki-client