Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3CB0F637E411F09FF749B7DAE4EC9C.roa
File: 4A3CB0F637E411F09FF749B7DAE4EC9C.roa (raw, json)
Hash identifier: WhIj3Nwtz6UGAT8oyQVjKi9GbsavemHor4YPjz4pgQQ=
Subject key identifier: 5A:BF:17:33:21:DC:47:39:CB:83:4E:71:D7:D6:C1:AD:0E:44:D5:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018219
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3CB0F637E411F09FF749B7DAE4EC9C.roa
Signing time: Fri 23 May 2025 14:43:29 +0000
ROA not before: Fri 23 May 2025 14:43:24 +0000
ROA not after: Wed 03 Dec 2025 14:43:24 +0000
asID: 55720
IP address blocks: 154.91.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98841 (0x18219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 14:43:24 2025 GMT
Not After : Dec 3 14:43:24 2025 GMT
Subject: CN=68308991-8115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c4:e2:8a:5c:dc:ad:ca:83:91:cf:7d:1a:b5:
5a:5a:a8:bf:94:7a:b2:40:1e:75:8e:25:dd:20:e2:
96:6b:00:2e:88:20:40:a6:a8:55:0b:05:60:4b:52:
f2:da:db:2f:5f:8e:5e:e6:f6:d4:76:ff:45:e7:99:
4c:7f:fa:ed:02:e9:d5:82:70:77:34:6b:a4:f8:c7:
9b:d0:09:db:d6:53:59:23:e8:4e:68:79:70:6c:84:
bd:16:b8:a3:a8:c9:79:2c:dc:50:2a:2c:ad:02:7b:
a1:a8:25:52:c0:a9:30:11:8c:22:6f:31:36:c0:7e:
23:6b:9e:c8:d6:92:ca:eb:ab:d5:7b:d1:71:bb:20:
cb:f5:03:aa:bf:54:31:97:07:ce:9d:ce:b8:13:92:
90:57:7c:96:81:6e:e4:dc:eb:76:c9:c4:84:f7:94:
dc:ec:c1:c8:52:5b:a8:39:29:4a:a8:75:fa:50:ca:
a4:15:4c:04:89:68:56:7d:b4:a1:15:3d:5e:aa:e8:
31:2b:34:ec:56:dc:73:90:6e:00:40:77:5f:b7:8a:
b9:dc:e3:c1:8e:ae:c2:0b:d0:4b:b6:6f:29:10:ff:
7d:89:6c:be:8b:f0:72:76:28:e8:1c:11:e7:00:86:
63:3a:96:ed:23:ad:7d:08:e8:fa:4f:f0:68:0b:d9:
99:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BF:17:33:21:DC:47:39:CB:83:4E:71:D7:D6:C1:AD:0E:44:D5:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A3CB0F637E411F09FF749B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.146.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:4e:e4:39:17:34:dd:83:ae:5c:8c:79:19:c7:c5:06:0b:30:
22:aa:11:86:48:1d:04:21:5c:72:6e:7e:ea:0f:04:da:e8:03:
97:94:e1:11:65:63:95:1d:61:28:9f:55:00:85:74:3e:93:77:
0b:0b:86:bd:19:81:49:34:67:32:1a:40:c8:30:15:74:d2:52:
e3:d7:7a:b2:b5:eb:64:de:42:ef:d4:c1:ba:ca:20:6c:db:a3:
3c:53:12:3f:40:f4:92:47:a1:e5:1b:d4:80:cb:e6:c0:33:f7:
98:49:fc:33:40:81:e5:1c:c1:32:9a:9c:1b:3c:b1:10:aa:fe:
84:66:fe:b0:57:11:2f:ff:ce:d7:54:80:48:d1:49:9f:ec:71:
28:c2:82:d3:8f:ef:18:d9:0c:96:4e:79:16:0b:ad:ef:12:cc:
7b:af:79:05:02:f8:c1:3e:4a:dd:bf:5c:ed:f6:e9:94:c0:06:
3e:08:43:be:f0:36:33:0d:58:af:d0:2a:68:1d:d1:40:cf:13:
db:5e:97:a1:36:74:71:4b:31:02:82:32:d2:88:8b:47:bd:11:
2a:5a:d6:ec:23:ba:72:db:47:22:67:b2:0e:30:6a:6e:06:13:
84:26:5c:b4:1b:af:26:a0:cd:4b:17:2d:93:f8:6b:6d:c1:3a:
f8:47:18:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYIZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTQ0MzI0WhcNMjUxMjAzMTQ0MzI0WjAYMRYw
FAYDVQQDEw02ODMwODk5MS04MTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAncTiilzcrcqDkc99GrVaWqi/lHqyQB51jiXdIOKWawAuiCBApqhVCwVg
S1Ly2tsvX45e5vbUdv9F55lMf/rtAunVgnB3NGuk+Meb0Anb1lNZI+hOaHlwbIS9
FrijqMl5LNxQKiytAnuhqCVSwKkwEYwibzE2wH4ja57I1pLK66vVe9FxuyDL9QOq
v1QxlwfOnc64E5KQV3yWgW7k3Ot2ycSE95Tc7MHIUluoOSlKqHX6UMqkFUwEiWhW
fbShFT1equgxKzTsVtxzkG4AQHdft4q53OPBjq7CC9BLtm8pEP99iWy+i/Bydijo
HBHnAIZjOpbtI619COj6T/BoC9mZzwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFq/
FzMh3Ec5y4NOcdfWwa0ORNU6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTNDQjBGNjM3RTQxMUYwOUZGNzQ5QjdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmluSMA0GCSqGSIb3DQEB
CwUAA4IBAQDOTuQ5FzTdg65cjHkZx8UGCzAiqhGGSB0EIVxybn7qDwTa6AOXlOER
ZWOVHWEon1UAhXQ+k3cLC4a9GYFJNGcyGkDIMBV00lLj13qytetk3kLv1MG6yiBs
26M8UxI/QPSSR6HlG9SAy+bAM/eYSfwzQIHlHMEympwbPLEQqv6EZv6wVxEv/87X
VIBI0Umf7HEowoLTj+8Y2QyWTnkWC63vEsx7r3kFAvjBPkrdv1zt9umUwAY+CEO+
8DYzDViv0CpoHdFAzxPbXpehNnRxSzECgjLSiItHvREqWtbsI7py20ciZ7IOMGpu
BhOEJly0G68moM1LFy2T+GttwTr4RxiE
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:03:30 2025 by rpki-client