Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF0B4723BDB11F086F52789DAE4EC9C.roa
File: 3EF0B4723BDB11F086F52789DAE4EC9C.roa (raw, json)
Hash identifier: W0CheAIVzccqpBufyZVZnFcrRqpyhwmeRkrPB/RmvRA=
Subject key identifier: 12:75:FD:70:E3:84:6D:5F:F4:32:D0:28:D0:F3:88:39:4C:4B:06:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018392
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF0B4723BDB11F086F52789DAE4EC9C.roa
Signing time: Wed 28 May 2025 15:48:49 +0000
ROA not before: Wed 28 May 2025 15:48:44 +0000
ROA not after: Sun 08 Jun 2025 15:48:44 +0000
asID: 399077
IP address blocks: 154.91.97.0/24 maxlen: 24
154.91.98.0/24 maxlen: 24
154.91.99.0/24 maxlen: 24
154.91.100.0/24 maxlen: 24
154.91.101.0/24 maxlen: 24
154.91.102.0/24 maxlen: 24
154.91.103.0/24 maxlen: 24
154.91.104.0/24 maxlen: 24
154.91.105.0/24 maxlen: 24
154.91.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 15:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99218 (0x18392)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 15:48:44 2025 GMT
Not After : Jun 8 15:48:44 2025 GMT
Subject: CN=68373061-0665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c1:c8:13:fb:77:99:5a:25:2f:5e:3f:2f:41:
37:94:a4:67:d4:8c:b7:61:cc:a0:84:29:5d:49:c0:
ad:24:fc:dd:94:d1:96:93:a1:a0:24:9f:bc:d7:45:
75:2e:2e:aa:86:30:ef:a7:f0:80:d0:71:0c:e9:08:
08:79:52:3e:de:28:4a:76:b4:40:c4:66:56:43:53:
37:13:67:ed:34:a3:76:11:08:bf:b0:be:6d:1f:af:
b3:43:54:50:d6:6f:35:22:ce:61:b9:25:8e:61:b8:
57:c9:e9:7a:9b:e1:ed:9f:a2:d5:f1:ff:c3:b2:8f:
16:50:92:6e:b4:6e:27:80:d2:5c:15:49:a9:98:63:
0c:4e:e4:ce:fc:fd:5c:6f:bb:4a:db:2a:66:22:b0:
a9:af:12:76:50:9d:60:50:0a:f8:8e:54:85:56:36:
90:4d:88:ff:7d:5a:99:7f:ed:1d:c7:d8:8f:a1:1a:
72:ab:c7:03:49:9a:97:5b:eb:3f:28:62:cd:63:a8:
42:30:52:19:34:5c:af:05:e9:a0:c1:c0:be:24:3d:
a3:ce:8a:e9:98:ae:75:c5:a5:f3:19:33:e6:4b:14:
c9:87:58:56:35:d2:db:9b:6b:1e:45:e9:50:ec:2b:
ef:27:b2:25:05:3a:e6:a3:0b:0a:5e:82:7e:35:50:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:75:FD:70:E3:84:6D:5F:F4:32:D0:28:D0:F3:88:39:4C:4B:06:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF0B4723BDB11F086F52789DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.97.0-154.91.106.255
Signature Algorithm: sha256WithRSAEncryption
91:51:b4:22:dc:b1:40:7f:86:06:25:fa:df:c8:ed:46:c8:8c:
84:d4:bd:47:bb:06:7c:ea:94:8a:12:b0:7c:63:37:6d:19:92:
9c:6a:64:2a:74:ad:d4:af:79:53:ad:99:bb:84:9c:84:69:aa:
c5:89:89:f5:d2:56:27:b4:26:01:4e:fc:00:76:3f:a4:43:55:
f1:52:08:aa:74:aa:66:1b:45:1e:36:0a:73:17:e3:ce:c4:f5:
bb:28:9a:ba:46:21:c7:fa:e4:04:b1:d3:6c:d0:6c:ba:be:5b:
d8:1c:d2:49:13:f9:6e:10:53:55:31:95:a8:52:52:c6:3b:b3:
64:4f:af:fb:6c:4a:9a:9c:20:4a:2c:0b:a4:c1:e5:79:39:e0:
89:0d:30:be:23:67:43:05:eb:74:a8:c8:f4:82:d2:db:59:1d:
29:14:2b:60:5a:fb:4d:1f:9d:e7:d0:1e:3d:71:a6:8a:7a:88:
92:dc:8a:ae:8f:58:19:27:3e:a7:c3:a3:60:6f:63:7d:d9:a7:
e1:25:01:f5:d4:d6:7f:dd:63:a6:97:6c:14:5f:e3:70:48:7c:
63:d9:67:14:d3:1c:a4:23:25:3e:07:7a:80:df:82:aa:26:0b:
cf:f2:e8:02:c3:ee:69:92:61:23:41:43:e7:ee:13:d3:60:9c:
4c:13:bc:f1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYOSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTU0ODQ0WhcNMjUwNjA4MTU0ODQ0WjAYMRYw
FAYDVQQDEw02ODM3MzA2MS0wNjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxMHIE/t3mVolL14/L0E3lKRn1Iy3YcyghCldScCtJPzdlNGWk6GgJJ+8
10V1Li6qhjDvp/CA0HEM6QgIeVI+3ihKdrRAxGZWQ1M3E2ftNKN2EQi/sL5tH6+z
Q1RQ1m81Is5huSWOYbhXyel6m+Htn6LV8f/Dso8WUJJutG4ngNJcFUmpmGMMTuTO
/P1cb7tK2ypmIrCprxJ2UJ1gUAr4jlSFVjaQTYj/fVqZf+0dx9iPoRpyq8cDSZqX
W+s/KGLNY6hCMFIZNFyvBemgwcC+JD2jzorpmK51xaXzGTPmSxTJh1hWNdLbm2se
RelQ7CvvJ7IlBTrmowsKXoJ+NVCVHQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBJ1
/XDjhG1f9DLQKNDziDlMSwZIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRUYwQjQ3MjNCREIxMUYwODZGNTI3ODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaW2EDBACaW2owDQYJ
KoZIhvcNAQELBQADggEBAJFRtCLcsUB/hgYl+t/I7UbIjITUvUe7BnzqlIoSsHxj
N20ZkpxqZCp0rdSveVOtmbuEnIRpqsWJifXSVie0JgFO/AB2P6RDVfFSCKp0qmYb
RR42CnMX487E9bsomrpGIcf65ASx02zQbLq+W9gc0kkT+W4QU1UxlahSUsY7s2RP
r/tsSpqcIEosC6TB5Xk54IkNML4jZ0MF63SoyPSC0ttZHSkUK2Ba+00fnefQHj1x
pop6iJLciq6PWBknPqfDo2BvY33Zp+ElAfXU1n/dY6aXbBRf43BIfGPZZxTTHKQj
JT4HeoDfgqomC8/y6ALD7mmSYSNBQ+fuE9NgnEwTvPE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:52:38 2025 by rpki-client