Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/345B2F7437D511F0B771D0D6DAE4EC9C.roa
File: 345B2F7437D511F0B771D0D6DAE4EC9C.roa (raw, json)
Hash identifier: 6sL/HRvyAzpGtPffXKTprCJvQmWUM49kmT5zGTjDXEA=
Subject key identifier: 8E:83:A5:A4:0B:36:91:74:E5:53:44:AC:04:7B:0D:09:E5:C8:B2:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018209
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/345B2F7437D511F0B771D0D6DAE4EC9C.roa
Signing time: Fri 23 May 2025 12:55:30 +0000
ROA not before: Fri 23 May 2025 12:55:25 +0000
ROA not after: Fri 27 Jun 2025 12:55:25 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98825 (0x18209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 12:55:25 2025 GMT
Not After : Jun 27 12:55:25 2025 GMT
Subject: CN=68307042-da36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d8:c6:e7:fd:b7:fb:b8:dc:bf:fa:83:27:c8:
f0:f6:68:3a:88:79:4c:d6:a4:08:46:7d:43:c5:ca:
2d:6f:41:8a:8b:6e:c1:37:29:b7:a3:2f:fc:78:0d:
28:29:66:c3:d2:79:71:73:31:e1:7e:46:59:ce:63:
3d:a6:be:04:63:22:c8:d3:b2:ba:b4:d4:06:22:51:
a5:b2:a1:6c:ae:08:62:0f:25:15:83:5e:e1:79:56:
a5:5a:23:5a:4b:f2:c8:11:b9:68:f6:6d:d2:c6:49:
42:55:6e:b0:5b:e7:46:55:4a:96:32:4b:89:06:63:
92:80:dd:6c:26:4c:43:3e:86:ce:e3:d8:a1:e2:54:
a7:ae:5f:17:ce:d4:52:ab:cd:f4:7e:05:57:14:2b:
1a:1e:96:c8:51:1a:93:e9:24:09:43:43:76:b9:31:
f4:80:f3:eb:ac:ee:cb:c0:45:14:ba:3e:8c:38:7f:
5e:6f:7d:dd:dc:2a:85:d0:a8:21:93:fb:7d:52:f3:
70:d3:b8:ad:ce:1f:e7:c8:ca:fa:71:ee:5a:dc:86:
ba:63:67:5d:4c:2a:0e:21:de:e3:7b:ec:a8:d5:3b:
ce:fb:00:29:61:fd:36:d8:6e:ad:66:84:f4:fe:86:
88:65:5d:fa:9d:43:25:fc:16:6f:56:76:be:fc:6e:
8e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:83:A5:A4:0B:36:91:74:E5:53:44:AC:04:7B:0D:09:E5:C8:B2:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/345B2F7437D511F0B771D0D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:3d:b5:4a:66:14:68:39:56:64:12:a2:1d:93:d8:ef:35:d9:
6a:a9:66:b9:7d:a7:06:19:ee:4b:13:07:b4:fc:68:c1:43:7f:
b1:79:d2:c5:a9:fa:fe:52:3d:09:d5:47:03:7f:a4:c6:0c:00:
a2:0e:33:e9:24:fc:25:5b:ac:15:9b:1a:46:0e:d4:d1:21:8e:
88:ed:c6:33:c4:1a:b0:5d:43:58:78:7c:b5:e0:73:81:06:fd:
78:a1:77:7c:9d:75:4a:30:39:a8:6e:50:f9:82:4a:eb:3d:e0:
e2:43:fd:7b:53:13:ed:08:9a:ce:fd:bd:f2:9b:4f:5e:a8:76:
a6:8f:2f:0a:ec:46:59:97:96:e5:f8:41:51:64:77:1a:07:e5:
b3:35:82:ce:e5:e5:5f:91:b9:1d:b4:09:5a:cb:3c:25:35:24:
b5:77:a6:4d:d9:86:02:e7:de:96:62:74:e5:ba:fa:14:05:0a:
50:c1:80:ec:30:9e:e0:30:2d:f4:56:e8:9e:16:fa:7d:1a:40:
12:80:93:3a:7d:36:75:d5:24:c6:91:6a:26:16:36:00:3f:82:
96:5a:cb:5d:57:0f:8f:54:f9:c9:be:cf:7c:f7:a5:e2:3d:c6:
01:f3:6f:ba:00:06:7a:eb:5f:df:f5:f0:81:ea:c3:a4:20:03:
f4:1d:89:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYIJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTI1NTI1WhcNMjUwNjI3MTI1NTI1WjAYMRYw
FAYDVQQDEw02ODMwNzA0Mi1kYTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2djG5/23+7jcv/qDJ8jw9mg6iHlM1qQIRn1Dxcotb0GKi27BNym3oy/8
eA0oKWbD0nlxczHhfkZZzmM9pr4EYyLI07K6tNQGIlGlsqFsrghiDyUVg17heVal
WiNaS/LIEblo9m3SxklCVW6wW+dGVUqWMkuJBmOSgN1sJkxDPobO49ih4lSnrl8X
ztRSq830fgVXFCsaHpbIURqT6SQJQ0N2uTH0gPPrrO7LwEUUuj6MOH9eb33d3CqF
0Kghk/t9UvNw07itzh/nyMr6ce5a3Ia6Y2ddTCoOId7je+yo1TvO+wApYf022G6t
ZoT0/oaIZV36nUMl/BZvVna+/G6OQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI6D
paQLNpF05VNErAR7DQnlyLJrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDVCMkY3NDM3RDUxMUYwQjc3MUQwRDZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCfPbVKZhRoOVZkEqIdk9jvNdlqqWa5facGGe5LEwe0/GjBQ3+xedLF
qfr+Uj0J1UcDf6TGDACiDjPpJPwlW6wVmxpGDtTRIY6I7cYzxBqwXUNYeHy14HOB
Bv14oXd8nXVKMDmoblD5gkrrPeDiQ/17UxPtCJrO/b3ym09eqHamjy8K7EZZl5bl
+EFRZHcaB+WzNYLO5eVfkbkdtAlayzwlNSS1d6ZN2YYC596WYnTluvoUBQpQwYDs
MJ7gMC30VuieFvp9GkASgJM6fTZ11STGkWomFjYAP4KWWstdVw+PVPnJvs9896Xi
PcYB82+6AAZ661/f9fCB6sOkIAP0HYka
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:31:41 2025 by rpki-client