Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57661692355411F094AB8DC7DAE4EC9C.roa
File: 57661692355411F094AB8DC7DAE4EC9C.roa (raw, json)
Hash identifier: NG3vs4Kt0nA5eDUrO6wtea8yDFFaK8K5wMIYy/3hkxw=
Subject key identifier: 39:01:EB:10:7E:93:26:89:20:3C:D2:6D:4B:04:D5:60:0E:66:7C:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01818F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57661692355411F094AB8DC7DAE4EC9C.roa
Signing time: Tue 20 May 2025 08:28:01 +0000
ROA not before: Tue 20 May 2025 08:27:57 +0000
ROA not after: Thu 26 Jun 2025 08:27:57 +0000
asID: 150698
IP address blocks: 154.197.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98703 (0x1818f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 08:27:57 2025 GMT
Not After : Jun 26 08:27:57 2025 GMT
Subject: CN=682c3d11-71ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:72:d5:e1:cf:95:70:24:2e:f7:fe:68:11:12:
64:72:a9:2a:6b:d1:a0:25:56:f9:a0:b6:97:ef:3f:
37:10:f6:f1:62:c0:4c:cd:cb:df:41:b9:c0:56:7c:
a0:a4:e0:a7:f8:72:b8:50:3f:27:08:2f:3e:b9:66:
02:f3:eb:d4:a7:88:0b:1a:01:e9:bc:3b:06:64:ed:
2c:75:9c:81:51:c1:41:40:09:f4:00:3e:79:db:10:
d2:bc:f2:cf:c0:c4:98:d5:ce:45:b3:38:f8:16:9c:
1a:a1:3b:2c:59:0f:d6:54:cd:7b:20:cd:f4:8e:31:
01:1a:02:0f:2f:c4:c1:10:95:91:35:e1:97:d4:49:
ea:f4:31:1e:10:84:69:47:61:ba:6c:e9:61:4b:2e:
c2:50:2c:eb:55:89:0b:ef:cc:0c:64:16:73:f2:79:
f0:d8:b8:2c:c4:87:af:40:9d:11:cf:37:3e:fd:97:
9f:88:14:0f:d7:b4:1e:c5:0d:86:4f:c9:13:ee:c7:
3c:d9:47:54:c7:79:67:b5:93:4c:96:26:ef:c6:3d:
34:48:15:2d:b7:01:56:3d:00:60:d5:ac:f2:d8:37:
88:0e:26:52:cd:f9:77:d2:f7:f5:99:0d:92:4e:39:
66:16:68:a8:1e:20:f2:2a:2c:3a:c0:03:90:ee:b1:
f4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:01:EB:10:7E:93:26:89:20:3C:D2:6D:4B:04:D5:60:0E:66:7C:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57661692355411F094AB8DC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:d2:aa:b3:96:5d:b0:e0:aa:12:24:26:fd:5d:67:3c:26:83:
26:0b:af:07:de:f5:42:d5:9f:ba:74:e7:2f:da:d9:77:52:2f:
24:51:0e:aa:3e:c4:be:14:3b:87:3c:1d:8c:4b:73:f5:3e:4e:
77:c6:c9:91:d9:37:84:3d:b9:6b:80:c7:e3:ec:f8:1b:f3:e3:
af:e0:b9:4d:ce:2f:5e:95:c1:77:ff:fc:ac:87:6d:9d:14:81:
06:8d:a0:20:f9:fc:17:00:a1:55:b6:65:48:15:e4:f1:28:4d:
75:2a:7e:4b:f2:6b:4f:67:f5:28:db:4b:82:3f:b8:e1:f3:bc:
08:20:e7:2b:df:5c:3a:4b:c2:e8:bc:64:2a:0c:3b:7b:8d:39:
54:86:9e:77:ba:08:56:b4:82:7e:da:a7:a0:fb:e0:61:58:80:
f1:dc:4b:71:5f:e5:53:8f:79:cf:0f:4f:bc:5e:b1:c1:d1:79:
ae:44:5c:4a:5d:9d:d6:3e:3e:d6:d0:f8:43:1e:6d:c9:eb:16:
a7:ee:c8:53:08:58:c4:ee:80:65:12:bd:e9:a0:61:12:57:4e:
eb:06:58:e5:d9:77:d8:b8:14:66:3d:34:07:93:99:82:95:85:
b2:ff:e1:2e:26:c7:fe:d0:25:80:62:42:d7:8e:e1:db:36:b5:
c0:71:9b:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYGPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIwMDgyNzU3WhcNMjUwNjI2MDgyNzU3WjAYMRYw
FAYDVQQDEw02ODJjM2QxMS03MWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw3LV4c+VcCQu9/5oERJkcqkqa9GgJVb5oLaX7z83EPbxYsBMzcvfQbnA
VnygpOCn+HK4UD8nCC8+uWYC8+vUp4gLGgHpvDsGZO0sdZyBUcFBQAn0AD552xDS
vPLPwMSY1c5Fszj4FpwaoTssWQ/WVM17IM30jjEBGgIPL8TBEJWRNeGX1Enq9DEe
EIRpR2G6bOlhSy7CUCzrVYkL78wMZBZz8nnw2LgsxIevQJ0Rzzc+/ZefiBQP17Qe
xQ2GT8kT7sc82UdUx3lntZNMlibvxj00SBUttwFWPQBg1azy2DeIDiZSzfl30vf1
mQ2STjlmFmioHiDyKiw6wAOQ7rH0lwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDkB
6xB+kyaJIDzSbUsE1WAOZnzdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NzY2MTY5MjM1NTQxMUYwOTRBQjhEQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsV3MA0GCSqGSIb3DQEB
CwUAA4IBAQBv0qqzll2w4KoSJCb9XWc8JoMmC68H3vVC1Z+6dOcv2tl3Ui8kUQ6q
PsS+FDuHPB2MS3P1Pk53xsmR2TeEPblrgMfj7Pgb8+Ov4LlNzi9elcF3//ysh22d
FIEGjaAg+fwXAKFVtmVIFeTxKE11Kn5L8mtPZ/Uo20uCP7jh87wIIOcr31w6S8Lo
vGQqDDt7jTlUhp53ughWtIJ+2qeg++BhWIDx3EtxX+VTj3nPD0+8XrHB0XmuRFxK
XZ3WPj7W0PhDHm3J6xan7shTCFjE7oBlEr3poGESV07rBljl2XfYuBRmPTQHk5mC
lYWy/+EuJsf+0CWAYkLXjuHbNrXAcZt0
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:01:36 2025 by rpki-client