Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16A0E46A332511F08D5169A5DAE4EC9C.roa
File: 16A0E46A332511F08D5169A5DAE4EC9C.roa (raw, json)
Hash identifier: SDTJTvG0WzzXwtGRMVz2gHF/MCJJ08J4SGvta2YCtmQ=
Subject key identifier: 79:90:6A:91:41:33:BE:E7:AF:9C:EC:31:1A:87:62:FE:75:AB:67:5A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018134
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16A0E46A332511F08D5169A5DAE4EC9C.roa
Signing time: Sat 17 May 2025 13:44:45 +0000
ROA not before: Sat 17 May 2025 13:44:37 +0000
ROA not after: Fri 08 Aug 2025 13:44:37 +0000
asID: 137443
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98612 (0x18134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 13:44:37 2025 GMT
Not After : Aug 8 13:44:37 2025 GMT
Subject: CN=682892cd-e859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0e:6a:73:0a:61:d4:85:a6:df:38:b6:69:a7:
49:1a:52:c7:13:25:6c:7c:8c:da:b8:0c:0a:8b:1c:
60:23:a1:8e:20:d2:9e:fe:e7:16:a1:b2:39:74:21:
e8:d8:cc:11:c2:c8:50:a7:49:69:22:d7:87:21:47:
57:e4:af:b0:d4:d1:28:b1:46:49:58:e2:e4:11:8b:
01:3e:ac:98:98:eb:45:61:51:62:10:8e:af:b0:94:
63:ba:ba:e7:3f:89:51:f7:57:fe:09:73:f1:98:bc:
03:eb:10:a7:c4:85:03:4d:cc:37:cc:da:e8:a7:28:
2e:26:90:52:af:49:8b:e7:bc:9a:64:32:ca:e3:b5:
fe:cf:84:bf:64:da:a5:b0:d0:47:12:de:f8:0a:08:
ad:17:ad:d7:4e:08:ed:fd:73:ad:8a:5e:82:98:ca:
7c:65:b3:a0:09:9f:3e:10:44:52:6f:83:b0:3f:cb:
36:9a:07:55:6f:f1:f6:3a:17:bf:52:36:c7:fd:27:
53:f4:30:53:49:9a:d9:fe:9d:c2:38:ba:02:18:e1:
18:f0:e7:dd:1d:01:8c:a4:90:b7:7a:14:2f:0d:cd:
db:06:09:3e:81:8e:38:a2:de:5b:57:8a:61:93:b6:
dc:a6:d3:eb:a6:49:2d:cf:ed:14:64:a1:89:e4:c7:
f4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:90:6A:91:41:33:BE:E7:AF:9C:EC:31:1A:87:62:FE:75:AB:67:5A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16A0E46A332511F08D5169A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:0e:b9:00:68:a9:c8:b7:20:e3:27:44:66:d1:db:6d:ab:a5:
94:2f:a9:87:8a:24:df:bd:57:e4:55:94:b0:98:cf:0b:57:a6:
7b:8a:23:c3:5e:51:c5:e4:db:9f:c6:52:db:9b:1b:1a:76:6b:
00:08:b4:db:73:ac:43:e2:71:86:54:cb:44:ec:a8:b0:fc:38:
c8:59:b7:da:6a:14:ff:a1:2b:f6:61:e8:07:bc:e3:49:87:6a:
24:ef:8e:44:2a:81:e2:b7:53:af:a8:79:6c:33:95:de:ed:04:
84:00:84:f1:49:25:d0:5e:74:7f:85:61:4e:67:77:bb:95:1e:
0a:22:4a:a8:2c:38:5e:98:4c:03:35:19:78:8f:42:36:29:f6:
72:b4:cf:94:f6:9c:5c:43:31:48:fe:8b:f6:a7:de:ec:43:11:
a7:a2:5d:97:d5:17:4a:dd:fd:1a:2e:f2:76:55:51:46:a7:82:
ea:36:ec:4f:91:93:bb:48:44:0c:c2:a1:7b:38:fe:5d:e2:cf:
cc:1a:23:f4:5f:0b:f3:45:62:1f:5c:d2:4d:2c:21:d5:b2:93:
2c:85:33:3d:17:72:61:64:4c:16:a7:d6:db:4a:45:31:4e:51:
9e:01:d9:93:21:b6:41:11:df:2a:3a:b1:db:1c:d1:b2:16:6c:
7f:84:f5:4b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYE0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE3MTM0NDM3WhcNMjUwODA4MTM0NDM3WjAYMRYw
FAYDVQQDEw02ODI4OTJjZC1lODU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAww5qcwph1IWm3zi2aadJGlLHEyVsfIzauAwKixxgI6GOINKe/ucWobI5
dCHo2MwRwshQp0lpIteHIUdX5K+w1NEosUZJWOLkEYsBPqyYmOtFYVFiEI6vsJRj
urrnP4lR91f+CXPxmLwD6xCnxIUDTcw3zNropyguJpBSr0mL57yaZDLK47X+z4S/
ZNqlsNBHEt74CgitF63XTgjt/XOtil6CmMp8ZbOgCZ8+EERSb4OwP8s2mgdVb/H2
Ohe/UjbH/SdT9DBTSZrZ/p3COLoCGOEY8OfdHQGMpJC3ehQvDc3bBgk+gY44ot5b
V4phk7bcptPrpkktz+0UZKGJ5Mf0JQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFHmQ
apFBM77nr5zsMRqHYv51q2daMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNkEwRTQ2QTMzMjUxMUYwOEQ1MTY5QTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQBODrkAaKnItyDjJ0Rm0dttq6WUL6mHiiTfvVfk
VZSwmM8LV6Z7iiPDXlHF5NufxlLbmxsadmsACLTbc6xD4nGGVMtE7Kiw/DjIWbfa
ahT/oSv2YegHvONJh2ok745EKoHit1OvqHlsM5Xe7QSEAITxSSXQXnR/hWFOZ3e7
lR4KIkqoLDhemEwDNRl4j0I2KfZytM+U9pxcQzFI/ov2p97sQxGnol2X1RdK3f0a
LvJ2VVFGp4LqNuxPkZO7SEQMwqF7OP5d4s/MGiP0XwvzRWIfXNJNLCHVspMshTM9
F3JhZEwWp9bbSkUxTlGeAdmTIbZBEd8qOrHbHNGyFmx/hPVL
-----END CERTIFICATE-----
Generated at Thu Jun 5 07:16:43 2025 by rpki-client