Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ABEB79C3F8E11F09806AF9CDAE4EC9C.roa
File: 5ABEB79C3F8E11F09806AF9CDAE4EC9C.roa (raw, json)
Hash identifier: soktwFDiWvI2tbJ1wSzIPTRvaOVBlAp3qASvjZgxcYY=
Subject key identifier: 20:EB:CE:95:D5:82:2D:7F:CE:4F:7C:95:E7:3F:CE:FC:D1:BC:AD:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018448
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ABEB79C3F8E11F09806AF9CDAE4EC9C.roa
Signing time: Mon 02 Jun 2025 08:48:29 +0000
ROA not before: Mon 02 Jun 2025 08:48:24 +0000
ROA not after: Sun 08 Jun 2025 08:48:24 +0000
asID: 132839
IP address blocks: 154.195.192.0/19 maxlen: 24
154.195.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99400 (0x18448)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 2 08:48:24 2025 GMT
Not After : Jun 8 08:48:24 2025 GMT
Subject: CN=683d655d-31a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f1:02:bd:03:ec:5d:ab:aa:c9:85:2e:ea:00:
9d:9c:1e:af:08:6d:2e:75:cf:23:4b:b0:20:77:63:
a8:20:6b:b9:d9:58:a1:c2:56:64:6e:85:06:36:04:
86:16:77:01:4a:32:6e:8f:31:48:40:77:f5:0e:dc:
45:d0:5e:c6:70:e6:a3:b4:6e:8c:62:02:61:3d:71:
88:fc:aa:c9:9e:1a:d3:dd:cf:29:d5:62:e6:ce:5a:
2d:b9:d8:ee:f9:50:5c:83:9d:67:27:9f:56:3d:4c:
91:7a:8a:c2:7d:2c:17:99:37:6f:64:f1:3c:c3:4d:
c0:b6:84:f7:03:4a:c7:ea:9e:76:59:8a:61:7a:ae:
da:5b:e1:c4:41:b9:61:9d:76:2c:85:51:8a:fd:7b:
3b:30:bc:79:b3:ed:71:a3:57:69:7e:c7:e3:89:35:
dc:bc:32:26:79:bf:56:1e:41:24:48:19:8d:14:b9:
02:53:1d:20:cf:21:39:ce:58:3e:05:9f:af:c5:15:
35:d7:c8:25:31:05:35:5a:86:ce:a0:5f:fe:5c:2d:
f0:49:75:09:cf:5a:e2:50:66:09:ff:28:ba:65:a3:
5a:f1:6b:84:0b:02:53:26:c8:ea:bc:83:dd:b0:b9:
b2:71:12:4d:7d:83:22:c3:ed:f4:a8:1e:c8:5e:d9:
cd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EB:CE:95:D5:82:2D:7F:CE:4F:7C:95:E7:3F:CE:FC:D1:BC:AD:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ABEB79C3F8E11F09806AF9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.192.0/18
Signature Algorithm: sha256WithRSAEncryption
95:f2:cd:6e:07:50:3d:84:7e:7b:df:7f:9d:ca:b0:4f:d1:6a:
d5:8c:ee:37:3a:19:ab:c3:72:d9:71:07:73:f1:91:91:0f:ef:
03:f5:cb:74:6e:98:5c:d4:aa:8e:5f:67:7e:cd:15:69:86:87:
8d:29:3d:3d:ea:41:79:8b:9e:9c:6f:df:b8:a2:1f:11:2b:d2:
a2:6d:b4:cf:67:61:70:d8:85:cd:1d:26:1d:aa:40:ff:43:d5:
c2:3d:2b:fa:2a:32:1e:34:68:d4:d1:2a:31:ae:d2:26:a6:f7:
72:7b:ce:e7:3b:55:8c:f8:7f:56:af:23:c0:bd:a5:06:ee:0f:
48:6d:1f:cc:0e:07:bc:3e:03:b9:68:e1:07:61:92:93:2f:0c:
5a:85:a2:d9:02:aa:37:a0:46:2a:bc:0d:cf:51:bd:91:7b:9f:
56:06:07:11:fa:13:96:1b:77:74:78:ac:ee:93:93:ac:7e:77:
ff:4a:2d:92:7c:7c:25:0e:7f:67:18:78:3f:6b:8f:b4:40:be:
5d:12:dd:e1:f5:8c:9a:91:c1:6e:c2:c7:0c:d5:da:61:8f:28:
d4:ef:63:ce:f9:e7:a3:be:f0:b2:1f:e3:d0:05:e5:ce:4c:24:
38:17:af:2b:6d:f2:c6:9a:71:1a:cb:c7:95:20:5b:46:d2:43:
64:63:0c:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYRIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAyMDg0ODI0WhcNMjUwNjA4MDg0ODI0WjAYMRYw
FAYDVQQDEw02ODNkNjU1ZC0zMWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmPECvQPsXauqyYUu6gCdnB6vCG0udc8jS7Agd2OoIGu52VihwlZkboUG
NgSGFncBSjJujzFIQHf1DtxF0F7GcOajtG6MYgJhPXGI/KrJnhrT3c8p1WLmzlot
udju+VBcg51nJ59WPUyReorCfSwXmTdvZPE8w03AtoT3A0rH6p52WYpheq7aW+HE
QblhnXYshVGK/Xs7MLx5s+1xo1dpfsfjiTXcvDImeb9WHkEkSBmNFLkCUx0gzyE5
zlg+BZ+vxRU118glMQU1WobOoF/+XC3wSXUJz1riUGYJ/yi6ZaNa8WuECwJTJsjq
vIPdsLmycRJNfYMiw+30qB7IXtnNuQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCDr
zpXVgi1/zk98lec/zvzRvK3ZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QUJFQjc5QzNGOEUxMUYwOTgwNkFGOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsPAMA0GCSqGSIb3DQEB
CwUAA4IBAQCV8s1uB1A9hH5733+dyrBP0WrVjO43Ohmrw3LZcQdz8ZGRD+8D9ct0
bphc1KqOX2d+zRVphoeNKT096kF5i56cb9+4oh8RK9KibbTPZ2Fw2IXNHSYdqkD/
Q9XCPSv6KjIeNGjU0SoxrtImpvdye87nO1WM+H9WryPAvaUG7g9IbR/MDge8PgO5
aOEHYZKTLwxahaLZAqo3oEYqvA3PUb2Re59WBgcR+hOWG3d0eKzuk5Osfnf/Si2S
fHwlDn9nGHg/a4+0QL5dEt3h9YyakcFuwscM1dphjyjU72PO+eejvvCyH+PQBeXO
TCQ4F68rbfLGmnEay8eVIFtG0kNkYwxr
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:59:53 2025 by rpki-client