Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/108FAC7C37D611F095DD60DBDAE4EC9C.roa
File: 108FAC7C37D611F095DD60DBDAE4EC9C.roa (raw, json)
Hash identifier: d/pej62gtajJLLcVIm2hnlUxqwvV7XUdpdCFxIDWtj4=
Subject key identifier: 3C:A9:03:B0:3C:66:CE:B0:AF:6C:CF:32:08:77:08:F9:91:8A:FC:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01820B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/108FAC7C37D611F095DD60DBDAE4EC9C.roa
Signing time: Fri 23 May 2025 13:01:39 +0000
ROA not before: Fri 23 May 2025 13:01:34 +0000
ROA not after: Fri 27 Jun 2025 13:01:34 +0000
asID: 142032
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98827 (0x1820b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 13:01:34 2025 GMT
Not After : Jun 27 13:01:34 2025 GMT
Subject: CN=683071b3-059a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:ce:92:83:a1:51:69:2e:53:e6:86:1e:78:
e8:24:2f:48:04:04:85:0e:7d:62:5c:2c:36:61:44:
5b:b8:39:e3:92:ed:b5:cb:0d:d8:b5:d3:fe:c6:42:
ee:73:d5:74:9b:af:38:a5:2c:18:bc:9f:0d:36:c2:
e3:5e:93:30:92:9c:21:ac:76:5e:a8:29:14:0e:a7:
a4:4b:ed:71:df:20:e0:ad:fb:72:89:eb:60:17:20:
75:3f:92:8e:fc:dd:65:e0:f7:9b:da:87:d4:97:38:
8b:90:38:ec:ca:c3:ac:17:7b:ed:9a:29:a3:a2:01:
4a:a3:85:12:cb:c0:80:34:3e:93:f9:b8:8a:db:0e:
eb:5f:e8:25:e5:09:43:0f:b4:77:f0:55:1b:32:07:
7a:64:f2:c7:cd:e2:69:74:36:34:db:7b:3c:fe:1a:
b0:8a:c4:4e:39:26:5d:a0:f8:e6:38:2d:4e:0e:66:
ec:2c:c6:1f:d5:87:89:08:66:eb:c6:e5:96:45:0d:
9a:b5:48:c7:d0:19:f3:be:9c:81:87:ab:e0:9a:64:
2d:1a:e9:5c:a1:4e:8c:00:b2:44:a9:83:db:20:d7:
d1:3a:a9:41:52:56:d2:c1:7f:91:db:9e:b1:fc:72:
2d:78:63:7a:4c:0b:40:37:95:26:73:d9:96:bd:37:
5e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:03:B0:3C:66:CE:B0:AF:6C:CF:32:08:77:08:F9:91:8A:FC:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/108FAC7C37D611F095DD60DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
64:59:dd:d1:1b:62:f7:08:69:50:ea:fe:f9:c7:62:9e:f2:3f:
f6:dc:44:45:ec:59:54:ba:09:25:57:b1:c9:e7:3b:61:c6:f4:
20:0a:dc:b2:ee:95:53:50:09:2a:5a:56:84:25:fc:ed:c6:3c:
c7:bf:6d:e9:00:4d:b1:de:24:a8:0c:cb:29:1e:f1:cb:b4:72:
1d:d1:62:8f:e8:90:d3:2f:d0:f9:cf:0a:76:66:33:71:43:b0:
00:29:5f:d0:33:dd:5a:35:ee:50:2d:fc:92:7e:4c:ca:ce:89:
43:1c:69:4e:cb:21:93:f1:a2:26:f7:cf:cf:f4:e0:55:c5:50:
30:12:7f:46:8a:38:e5:58:3b:23:0c:0a:a2:3b:fc:b6:7b:05:
c3:b5:15:01:dc:d0:f4:2a:b2:0d:13:24:60:92:6a:5d:4b:a1:
12:c3:4b:72:24:0a:f6:e4:64:9a:44:62:a6:52:1b:76:f7:75:
c3:80:d3:d6:c1:b2:d3:5e:9c:d0:c5:3c:14:07:89:fb:61:b2:
7c:e4:ed:8d:d9:57:1b:50:4f:fc:6b:19:63:4b:ec:d8:54:8b:
eb:33:a5:8e:97:7f:a8:0e:c7:9a:b9:e5:5e:82:0d:c7:4d:fa:
26:f5:f0:a3:c2:db:5e:86:bd:9a:98:5c:d5:77:14:82:74:ac:
7c:0f:2c:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYILMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTMwMTM0WhcNMjUwNjI3MTMwMTM0WjAYMRYw
FAYDVQQDEw02ODMwNzFiMy0wNTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxv3OkoOhUWkuU+aGHnjoJC9IBASFDn1iXCw2YURbuDnjku21yw3YtdP+
xkLuc9V0m684pSwYvJ8NNsLjXpMwkpwhrHZeqCkUDqekS+1x3yDgrftyietgFyB1
P5KO/N1l4Peb2ofUlziLkDjsysOsF3vtmimjogFKo4USy8CAND6T+biK2w7rX+gl
5QlDD7R38FUbMgd6ZPLHzeJpdDY023s8/hqwisROOSZdoPjmOC1ODmbsLMYf1YeJ
CGbrxuWWRQ2atUjH0BnzvpyBh6vgmmQtGulcoU6MALJEqYPbINfROqlBUlbSwX+R
256x/HIteGN6TAtAN5Umc9mWvTdenQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDyp
A7A8Zs6wr2zPMgh3CPmRivzkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDhGQUM3QzM3RDYxMUYwOTVERDYwREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQBkWd3RG2L3CGlQ6v75x2Ke8j/23ERF7FlUugklV7HJ5zthxvQgCtyy
7pVTUAkqWlaEJfztxjzHv23pAE2x3iSoDMspHvHLtHId0WKP6JDTL9D5zwp2ZjNx
Q7AAKV/QM91aNe5QLfySfkzKzolDHGlOyyGT8aIm98/P9OBVxVAwEn9GijjlWDsj
DAqiO/y2ewXDtRUB3ND0KrINEyRgkmpdS6ESw0tyJAr25GSaRGKmUht293XDgNPW
wbLTXpzQxTwUB4n7YbJ85O2N2VcbUE/8axljS+zYVIvrM6WOl3+oDseaueVegg3H
Tfom9fCjwttehr2amFzVdxSCdKx8Dyyy
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:25:29 2025 by rpki-client