Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/398C2B5E3E3511F085C6E0D1DAE4EC9C.roa
File: 398C2B5E3E3511F085C6E0D1DAE4EC9C.roa (raw, json)
Hash identifier: S6x7e5c1Nz8RHzgKVa7vlHdlIgk7CsxX+ncymXAQ0Sg=
Subject key identifier: 9F:6F:35:EA:DE:81:B0:55:43:ED:DE:CB:FB:9B:31:80:F5:2D:60:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018424
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/398C2B5E3E3511F085C6E0D1DAE4EC9C.roa
Signing time: Sat 31 May 2025 15:37:57 +0000
ROA not before: Sat 31 May 2025 15:37:52 +0000
ROA not after: Thu 10 Jul 2025 15:37:52 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99364 (0x18424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 15:37:52 2025 GMT
Not After : Jul 10 15:37:52 2025 GMT
Subject: CN=683b2255-6ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:b5:39:2d:58:ca:88:12:9f:e5:fe:9e:21:
b4:a3:e9:f5:74:61:9a:e2:04:ff:91:d6:ba:c1:ab:
dc:2a:3c:61:f1:85:1b:04:cc:3e:de:6b:7c:1a:44:
f7:9a:06:18:c9:49:ce:20:ff:e3:87:5a:90:7c:73:
53:8b:ed:de:e1:ef:f1:8f:7d:6f:4b:03:31:77:fb:
f5:bf:8f:d4:4f:88:75:6e:3f:75:b5:a8:45:82:ab:
72:50:93:bf:62:81:17:ae:aa:36:8a:25:7e:68:91:
fb:e5:2c:67:bf:5c:98:98:bc:5a:9f:96:78:58:56:
3c:c3:47:04:ca:3d:7e:cd:d7:83:05:97:2b:58:32:
1d:e3:6f:9b:b0:66:66:6b:61:0b:c2:88:8c:ba:ec:
a8:69:2f:97:84:63:44:b7:2d:da:d1:9f:1a:b5:08:
55:d3:2a:b3:ce:53:97:af:ee:9d:9c:76:c7:01:c7:
a7:2b:a1:b0:9c:a6:fb:cc:53:23:44:72:d4:2a:d7:
7e:9d:81:ea:93:08:5c:82:0c:b7:d0:bc:6a:4e:84:
5f:66:94:85:eb:42:2e:c2:b4:23:a9:17:af:43:53:
7f:6a:bd:d8:03:15:9e:d8:b3:e0:3c:62:aa:ce:49:
b4:9e:5d:91:8b:86:1b:1b:07:08:f1:69:34:a2:ac:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6F:35:EA:DE:81:B0:55:43:ED:DE:CB:FB:9B:31:80:F5:2D:60:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/398C2B5E3E3511F085C6E0D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
d1:3b:c2:0e:6c:9f:04:23:de:6e:f2:6c:28:36:a2:d5:ba:23:
ab:34:67:fd:7b:b8:bb:a9:41:c4:04:1a:87:40:88:28:bf:9e:
f4:37:23:cb:93:d2:cd:44:4f:d3:88:d7:97:31:08:86:d7:ab:
50:b4:0f:93:3b:51:11:4f:f4:ce:4b:ba:70:2d:4b:01:3c:41:
f9:74:e5:94:66:da:47:2e:17:ab:26:7e:b3:be:22:fb:d8:39:
3a:a0:a7:c1:a2:47:92:b4:4e:88:89:e5:ac:48:db:42:50:51:
bb:71:c5:ee:ee:3e:30:2c:79:8f:be:58:c3:50:aa:a6:24:24:
8f:64:2d:71:0a:95:0e:97:5a:7d:48:78:8f:a2:43:69:9e:9b:
a1:49:09:19:12:04:8e:91:c1:0b:4a:8a:46:d3:05:a0:bd:fc:
db:a0:3e:6d:f4:3d:89:cd:cd:c4:87:56:85:99:6d:6f:01:f8:
f3:ea:cf:6c:c8:dd:ac:e1:a8:77:b5:7d:a3:17:7c:eb:f9:1c:
04:72:d9:32:07:7e:19:f1:4b:8a:fc:07:31:ed:fa:a1:1a:45:
78:22:4c:09:68:45:3a:30:66:9d:08:42:d8:6f:03:b9:9e:89:
e8:eb:73:b3:bb:ef:92:6d:11:84:77:3d:87:35:05:c9:ca:2c:
cc:d2:7a:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYQkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTUzNzUyWhcNMjUwNzEwMTUzNzUyWjAYMRYw
FAYDVQQDEw02ODNiMjI1NS02ZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnfa1OS1YyogSn+X+niG0o+n1dGGa4gT/kda6wavcKjxh8YUbBMw+3mt8
GkT3mgYYyUnOIP/jh1qQfHNTi+3e4e/xj31vSwMxd/v1v4/UT4h1bj91tahFgqty
UJO/YoEXrqo2iiV+aJH75Sxnv1yYmLxan5Z4WFY8w0cEyj1+zdeDBZcrWDId42+b
sGZma2ELwoiMuuyoaS+XhGNEty3a0Z8atQhV0yqzzlOXr+6dnHbHAcenK6GwnKb7
zFMjRHLUKtd+nYHqkwhcggy30LxqToRfZpSF60IuwrQjqRevQ1N/ar3YAxWe2LPg
PGKqzkm0nl2Ri4YbGwcI8Wk0oqwp0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ9v
NeregbBVQ+3ey/ubMYD1LWCEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOThDMkI1RTNFMzUxMUYwODVDNkUwRDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQDRO8IObJ8EI95u8mwoNqLVuiOrNGf9e7i7qUHEBBqHQIgov570NyPL
k9LNRE/TiNeXMQiG16tQtA+TO1ERT/TOS7pwLUsBPEH5dOWUZtpHLherJn6zviL7
2Dk6oKfBokeStE6IieWsSNtCUFG7ccXu7j4wLHmPvljDUKqmJCSPZC1xCpUOl1p9
SHiPokNpnpuhSQkZEgSOkcELSopG0wWgvfzboD5t9D2Jzc3Eh1aFmW1vAfjz6s9s
yN2s4ah3tX2jF3zr+RwEctkyB34Z8UuK/Acx7fqhGkV4IkwJaEU6MGadCELYbwO5
nono63Ozu++SbRGEdz2HNQXJyizM0nq2
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:13:43 2025 by rpki-client