Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45CABDD02FEA11F099C0EE89DAE4EC9C.roa
File: 45CABDD02FEA11F099C0EE89DAE4EC9C.roa (raw, json)
Hash identifier: 57z3RxLkAU0WGbvTeornUn9W7q9GoPEHrpw3hrKgMD0=
Subject key identifier: DC:72:90:43:1B:5F:2E:16:FF:02:8F:D3:A3:42:F2:F7:72:8C:50:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018056
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45CABDD02FEA11F099C0EE89DAE4EC9C.roa
Signing time: Tue 13 May 2025 11:06:09 +0000
ROA not before: Tue 13 May 2025 11:06:04 +0000
ROA not after: Fri 13 Jun 2025 11:06:04 +0000
asID: 214432
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98390 (0x18056)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 11:06:04 2025 GMT
Not After : Jun 13 11:06:04 2025 GMT
Subject: CN=682327a1-39de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:a9:c0:7f:28:41:13:99:32:7c:37:7c:05:
a6:79:43:9f:0e:e2:5c:3c:21:28:f0:4d:2e:d0:fa:
8b:29:30:a6:ba:82:9c:72:18:49:bc:d9:3f:aa:7d:
ec:32:a9:28:7a:a9:b7:dd:a2:3a:95:3d:14:9e:dc:
30:52:f2:13:59:cc:8b:55:4f:33:60:bf:f3:15:a3:
f2:fd:8d:d5:77:13:4e:40:cf:9b:21:85:7c:a1:fa:
62:08:e5:e4:1d:5d:1d:27:98:b0:a5:3f:01:81:90:
20:43:a1:a4:d3:b3:24:d8:fe:60:fc:05:e6:5e:d2:
21:9a:6e:81:4c:21:06:44:f7:b4:c1:f6:ea:20:8c:
f4:95:e7:81:ae:30:cf:b7:38:bb:ef:a2:ab:aa:e0:
d2:61:d1:77:2c:fb:9a:99:a4:a5:a9:68:2c:03:d6:
7e:c5:ea:bd:a0:0d:ef:f2:50:46:22:53:fe:58:98:
82:04:eb:da:09:10:58:eb:42:2e:2b:2c:16:e4:d0:
64:b6:f4:25:25:56:88:6c:9d:fb:41:90:36:da:09:
b5:1a:28:ef:51:bf:02:fb:ae:fc:5e:5d:e4:ee:57:
61:71:d7:a2:f9:d6:67:07:1d:5c:89:56:92:cf:9c:
54:04:e3:be:66:75:72:32:82:71:7f:75:cd:75:48:
61:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:72:90:43:1B:5F:2E:16:FF:02:8F:D3:A3:42:F2:F7:72:8C:50:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/45CABDD02FEA11F099C0EE89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0-154.193.210.255
Signature Algorithm: sha256WithRSAEncryption
c5:c2:79:27:38:a0:5d:63:53:d2:79:34:90:7b:8c:fb:b1:5a:
1b:bf:15:ad:c4:c8:82:71:3e:3e:b1:06:11:d5:08:91:7d:01:
c4:1c:e3:04:d3:37:47:2c:93:7a:12:a3:7e:d5:ec:b7:07:6d:
c1:30:86:04:14:72:35:ec:a5:c2:a7:df:8c:ff:2c:3a:e5:c4:
d3:50:4e:9a:23:4f:05:45:d3:9e:62:e9:d1:f4:8a:37:76:db:
d7:e6:c7:c2:87:66:f3:07:f9:7f:43:8f:cd:bf:c1:98:78:74:
bb:4d:8b:3e:5a:16:dc:df:fa:1c:60:e5:5b:21:3c:da:a8:87:
2d:80:fb:f8:3f:d6:a7:2e:dc:69:51:19:8e:be:3f:bc:76:c6:
83:3c:cd:b5:73:c8:b6:9a:03:3f:cc:d7:e3:01:7b:3a:3b:35:
46:62:2e:fa:45:23:40:1f:b1:8e:9b:42:23:2a:7f:13:61:df:
b2:bd:83:17:4d:ad:1f:e9:75:e3:4d:ed:e8:e7:47:55:1e:37:
fc:54:9f:5c:b1:a6:f0:5f:58:39:a0:b7:58:d0:79:23:24:81:
92:70:f5:fd:7c:16:23:08:13:66:71:59:28:fb:6d:a5:d7:8a:
e5:3a:93:33:8e:ca:b4:ab:5e:17:50:a2:30:da:a2:1d:63:2b:
ba:b4:1a:d4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYBWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEzMTEwNjA0WhcNMjUwNjEzMTEwNjA0WjAYMRYw
FAYDVQQDEw02ODIzMjdhMS0zOWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA09ypwH8oQROZMnw3fAWmeUOfDuJcPCEo8E0u0PqLKTCmuoKcchhJvNk/
qn3sMqkoeqm33aI6lT0UntwwUvITWcyLVU8zYL/zFaPy/Y3VdxNOQM+bIYV8ofpi
COXkHV0dJ5iwpT8BgZAgQ6Gk07Mk2P5g/AXmXtIhmm6BTCEGRPe0wfbqIIz0leeB
rjDPtzi776KrquDSYdF3LPuamaSlqWgsA9Z+xeq9oA3v8lBGIlP+WJiCBOvaCRBY
60IuKywW5NBktvQlJVaIbJ37QZA22gm1GijvUb8C+678Xl3k7ldhcdei+dZnBx1c
iVaSz5xUBOO+ZnVyMoJxf3XNdUhhmwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNxy
kEMbXy4W/wKP06NC8vdyjFC0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NUNBQkREMDJGRUExMUYwOTlDMEVFODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawdADBACawdIwDQYJ
KoZIhvcNAQELBQADggEBAMXCeSc4oF1jU9J5NJB7jPuxWhu/Fa3EyIJxPj6xBhHV
CJF9AcQc4wTTN0csk3oSo37V7LcHbcEwhgQUcjXspcKn34z/LDrlxNNQTpojTwVF
055i6dH0ijd229fmx8KHZvMH+X9Dj82/wZh4dLtNiz5aFtzf+hxg5VshPNqohy2A
+/g/1qcu3GlRGY6+P7x2xoM8zbVzyLaaAz/M1+MBezo7NUZiLvpFI0AfsY6bQiMq
fxNh37K9gxdNrR/pdeNN7ejnR1UeN/xUn1yxpvBfWDmgt1jQeSMkgZJw9f18FiMI
E2ZxWSj7baXXiuU6kzOOyrSrXhdQojDaoh1jK7q0GtQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:22:33 2025 by rpki-client