Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D8C7B63E3911F0A07B3EEADAE4EC9C.roa
File: 21D8C7B63E3911F0A07B3EEADAE4EC9C.roa (raw, json)
Hash identifier: 54gsu+YCdwOxPQnvYCo8+wLosZA5OTQK9Ncy2r2FAn8=
Subject key identifier: 76:FE:9C:D9:7F:25:AD:FC:04:B0:A6:56:16:6A:4F:E8:F2:E2:6E:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01842A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D8C7B63E3911F0A07B3EEADAE4EC9C.roa
Signing time: Sat 31 May 2025 16:05:55 +0000
ROA not before: Sat 31 May 2025 16:05:51 +0000
ROA not after: Thu 10 Jul 2025 16:05:51 +0000
asID: 141159
IP address blocks: 154.94.224.0/24 maxlen: 24
154.94.225.0/24 maxlen: 24
154.94.228.0/22 maxlen: 24
154.94.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99370 (0x1842a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 16:05:51 2025 GMT
Not After : Jul 10 16:05:51 2025 GMT
Subject: CN=683b28e3-5bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:29:13:85:cb:13:53:50:f2:c4:52:a9:29:cf:
ce:99:49:f9:51:7e:ae:c5:83:7c:f7:9d:e6:0b:40:
43:aa:4b:0f:b1:4e:91:0d:d1:ab:58:a0:b2:5b:50:
37:c6:34:f8:1d:61:a6:ae:07:99:22:74:8b:5d:ca:
4f:82:8c:c7:17:ce:48:ae:d8:42:3a:4b:97:c7:5b:
68:7b:31:8f:da:15:25:0c:ce:da:f7:15:45:00:6d:
83:0f:98:01:37:c4:cf:55:6c:59:40:8f:f3:2e:03:
3e:01:00:8c:cd:bb:e4:06:a3:a6:55:56:8e:b8:cc:
0b:49:8b:a1:43:62:97:e4:6b:3e:28:15:48:12:85:
d7:0f:22:ce:00:f6:9e:33:82:65:32:ee:a7:8b:9e:
7f:c0:e6:8d:4e:c0:c4:20:6c:fd:30:64:f6:79:0f:
c7:a9:8d:91:85:8a:fa:56:35:e9:8f:0d:7c:49:63:
52:a2:e5:fc:58:0c:ab:c3:c2:68:2c:1e:7d:01:93:
f3:bb:ac:18:30:b8:0b:45:53:27:fe:60:83:23:8a:
55:a8:84:5e:17:b3:ee:a1:28:63:b8:5d:d0:4f:9a:
45:0f:7f:17:b5:56:8a:3b:e7:e9:d4:0a:91:d3:b7:
89:df:a3:ad:66:ae:c6:7f:17:22:1c:44:74:97:43:
f3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FE:9C:D9:7F:25:AD:FC:04:B0:A6:56:16:6A:4F:E8:F2:E2:6E:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D8C7B63E3911F0A07B3EEADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/23
154.94.228.0/22
154.94.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:66:ec:08:aa:c1:0c:7f:91:03:91:d2:d3:3c:e0:95:1d:b0:
9a:d9:8b:27:59:cd:cd:c8:83:91:bd:a4:3b:d1:f0:06:35:ff:
94:15:8b:02:92:ce:68:2f:0e:35:55:14:9f:0f:be:72:9b:6a:
3e:e1:f0:d4:fa:d5:cb:83:2e:7d:9d:ca:6f:42:76:00:f8:b1:
9f:a6:86:6f:70:d4:71:b7:29:fa:2a:28:e7:d7:7f:c1:eb:70:
1d:e3:16:5c:26:0f:23:40:b1:ad:0f:e9:b7:55:9d:51:0e:cb:
da:26:1a:2d:47:73:69:be:6d:f2:4a:f5:8d:c7:ea:b7:b5:1e:
5d:37:ae:a2:c7:93:95:29:3c:7f:08:57:4b:47:fe:4f:1f:be:
b7:33:b3:fd:a8:22:09:2a:a5:46:04:fc:01:ea:33:3a:79:b2:
86:9b:e0:1e:3b:f1:4d:47:6f:4a:4c:7f:4b:fa:00:79:a8:e1:
cc:36:e4:3c:bd:8a:89:c5:e8:34:8e:0d:87:54:a4:41:4b:39:
0a:22:cd:29:32:f8:71:76:c9:e7:f8:f5:07:62:7f:41:eb:5b:
f3:8a:63:90:89:48:b9:92:27:57:9d:7b:0b:2a:6f:0e:95:60:
5a:cd:a3:0b:7d:cf:20:df:fa:cd:b9:ac:ff:4d:57:b1:22:02:
4e:37:1f:8b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYQqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTYwNTUxWhcNMjUwNzEwMTYwNTUxWjAYMRYw
FAYDVQQDEw02ODNiMjhlMy01YmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5CkThcsTU1DyxFKpKc/OmUn5UX6uxYN8953mC0BDqksPsU6RDdGrWKCy
W1A3xjT4HWGmrgeZInSLXcpPgozHF85IrthCOkuXx1toezGP2hUlDM7a9xVFAG2D
D5gBN8TPVWxZQI/zLgM+AQCMzbvkBqOmVVaOuMwLSYuhQ2KX5Gs+KBVIEoXXDyLO
APaeM4JlMu6ni55/wOaNTsDEIGz9MGT2eQ/HqY2RhYr6VjXpjw18SWNSouX8WAyr
w8JoLB59AZPzu6wYMLgLRVMn/mCDI4pVqIReF7PuoShjuF3QT5pFD38XtVaKO+fp
1AqR07eJ36OtZq7GfxciHER0l0PzcQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFHb+
nNl/Ja38BLCmVhZqT+jy4m5lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMUQ4QzdCNjNFMzkxMUYwQTA3QjNFRUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBml7gAwQCml7kAwQBml7u
MA0GCSqGSIb3DQEBCwUAA4IBAQCpZuwIqsEMf5EDkdLTPOCVHbCa2YsnWc3NyIOR
vaQ70fAGNf+UFYsCks5oLw41VRSfD75ym2o+4fDU+tXLgy59ncpvQnYA+LGfpoZv
cNRxtyn6Kijn13/B63Ad4xZcJg8jQLGtD+m3VZ1RDsvaJhotR3Npvm3ySvWNx+q3
tR5dN66ix5OVKTx/CFdLR/5PH763M7P9qCIJKqVGBPwB6jM6ebKGm+AeO/FNR29K
TH9L+gB5qOHMNuQ8vYqJxeg0jg2HVKRBSzkKIs0pMvhxdsnn+PUHYn9B61vzimOQ
iUi5kidXnXsLKm8OlWBazaMLfc8g3/rNuaz/TVexIgJONx+L
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:55:53 2025 by rpki-client