Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D967BD83E2811F0875A8E81DAE4EC9C.roa
File: 5D967BD83E2811F0875A8E81DAE4EC9C.roa (raw, json)
Hash identifier: pBgP+/ycFskQJK1uC1tSdNxyC1y/9dHr1Fj0Ju4fw5Y=
Subject key identifier: 8B:BB:CA:3C:5E:AC:97:5F:70:47:EF:A7:81:BF:8D:21:CB:28:E6:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018410
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D967BD83E2811F0875A8E81DAE4EC9C.roa
Signing time: Sat 31 May 2025 14:05:54 +0000
ROA not before: Sat 31 May 2025 14:05:49 +0000
ROA not after: Mon 30 Jun 2025 14:05:49 +0000
asID: 401696
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99344 (0x18410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 14:05:49 2025 GMT
Not After : Jun 30 14:05:49 2025 GMT
Subject: CN=683b0cc2-23b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0b:09:32:bd:86:4c:92:57:42:ec:ed:52:53:
76:25:b4:93:d5:ab:00:76:c3:3b:5e:dd:e4:b5:ae:
5f:a9:3b:08:47:0f:6c:d5:b0:b1:cf:c0:43:ae:b1:
90:e1:85:20:ce:ed:06:3e:78:09:e7:f0:f2:de:b0:
93:ba:13:93:ef:cb:06:46:82:aa:f2:6e:b0:a6:4e:
31:4f:1c:9a:d8:f7:b6:f1:72:16:aa:81:f0:b9:d9:
c4:a9:b9:53:6f:b6:ed:46:1d:e3:8f:ec:2b:cb:a0:
37:6d:d9:b8:b5:ed:b4:78:c6:f1:89:7f:79:50:5d:
71:82:d0:25:49:9a:7f:e1:eb:24:4c:3b:a4:0b:d3:
3f:99:db:60:15:2d:23:9e:7d:30:a3:4d:d5:aa:95:
e3:c5:c4:58:29:ef:11:98:b5:cb:98:79:57:98:88:
eb:aa:06:53:58:52:7c:84:cd:53:19:de:ad:1d:4b:
65:78:34:9e:06:02:a3:ac:35:73:29:89:89:a3:d8:
7b:5a:d3:e2:22:43:ff:2a:98:42:1b:eb:5e:44:c3:
8c:45:10:82:ff:4e:45:3b:94:70:94:82:d4:bc:e5:
8d:50:52:ab:af:53:20:03:44:66:8a:54:4c:c4:aa:
4f:2a:2b:a2:ce:6d:0e:09:f3:32:b2:21:64:a1:2b:
55:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BB:CA:3C:5E:AC:97:5F:70:47:EF:A7:81:BF:8D:21:CB:28:E6:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D967BD83E2811F0875A8E81DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
35:03:53:02:32:da:2e:74:01:62:cf:4f:a3:34:d7:85:25:b9:
93:35:cc:1e:4a:2f:d3:0a:45:f3:a8:4e:2e:b3:a6:1f:53:4c:
11:1b:a3:64:71:39:82:2e:b9:74:95:e5:38:c1:8b:3e:38:cb:
c3:48:0f:f8:3a:07:bb:50:e0:5d:e8:9c:ae:b6:cd:3e:16:b2:
1d:af:6f:1e:e8:4e:55:51:a4:1c:3e:ce:d5:3c:5d:16:32:8c:
6d:7c:62:54:2f:ed:b5:17:53:dd:4c:2f:09:54:83:63:25:9f:
c5:13:49:8a:ef:14:c3:90:1b:38:20:bd:2b:ae:a8:23:e6:e8:
cf:c4:3a:46:64:e7:03:7f:60:fc:9a:35:34:cc:7d:76:fa:0c:
34:6d:60:be:b4:27:de:72:70:3a:6d:f5:5b:03:90:2b:83:d4:
5c:12:a9:11:f4:59:5f:e3:10:47:86:3f:7c:d5:7a:e2:e0:a1:
39:aa:8f:0b:95:73:61:95:e3:79:7b:44:b2:fb:30:36:e1:38:
e5:2c:e6:c5:ce:4d:f7:17:5a:73:cb:31:89:73:ba:55:a1:f2:
d3:b3:8a:e6:97:f3:b7:92:4d:4a:24:c1:2d:cb:31:7b:24:64:
17:83:30:d8:a1:98:9f:e5:47:07:48:70:79:dd:f7:1c:9a:cc:
68:6b:8c:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYQQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTQwNTQ5WhcNMjUwNjMwMTQwNTQ5WjAYMRYw
FAYDVQQDEw02ODNiMGNjMi0yM2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArAsJMr2GTJJXQuztUlN2JbST1asAdsM7Xt3kta5fqTsIRw9s1bCxz8BD
rrGQ4YUgzu0GPngJ5/Dy3rCTuhOT78sGRoKq8m6wpk4xTxya2Pe28XIWqoHwudnE
qblTb7btRh3jj+wry6A3bdm4te20eMbxiX95UF1xgtAlSZp/4eskTDukC9M/mdtg
FS0jnn0wo03VqpXjxcRYKe8RmLXLmHlXmIjrqgZTWFJ8hM1TGd6tHUtleDSeBgKj
rDVzKYmJo9h7WtPiIkP/KphCG+teRMOMRRCC/05FO5RwlILUvOWNUFKrr1MgA0Rm
ilRMxKpPKiuizm0OCfMysiFkoStVuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIu7
yjxerJdfcEfvp4G/jSHLKOYnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDk2N0JEODNFMjgxMUYwODc1QThFODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQA1A1MCMtoudAFiz0+jNNeFJbmTNcweSi/TCkXzqE4us6YfU0wRG6Nk
cTmCLrl0leU4wYs+OMvDSA/4Oge7UOBd6Jyuts0+FrIdr28e6E5VUaQcPs7VPF0W
MoxtfGJUL+21F1PdTC8JVINjJZ/FE0mK7xTDkBs4IL0rrqgj5ujPxDpGZOcDf2D8
mjU0zH12+gw0bWC+tCfecnA6bfVbA5Arg9RcEqkR9Flf4xBHhj981Xri4KE5qo8L
lXNhleN5e0Sy+zA24TjlLObFzk33F1pzyzGJc7pVofLTs4rml/O3kk1KJMEtyzF7
JGQXgzDYoZif5UcHSHB53fccmsxoa4z5
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:55:29 2025 by rpki-client