Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F23D2F6382011F09A3264B7DAE4EC9C.roa
File: 5F23D2F6382011F09A3264B7DAE4EC9C.roa (raw, json)
Hash identifier: IXJFe3/ruu8/8OmctMAIqDBFNvGly66/LyaVxqqIErU=
Subject key identifier: 37:7D:80:8D:A7:81:1D:74:ED:66:58:41:82:11:EB:1E:5C:61:3D:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01826F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F23D2F6382011F09A3264B7DAE4EC9C.roa
Signing time: Fri 23 May 2025 21:53:34 +0000
ROA not before: Fri 23 May 2025 21:53:29 +0000
ROA not after: Fri 24 Oct 2025 21:53:29 +0000
asID: 135097
IP address blocks: 154.91.4.0/22 maxlen: 24
154.91.8.0/21 maxlen: 24
154.91.16.0/20 maxlen: 24
154.92.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98927 (0x1826f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 21:53:29 2025 GMT
Not After : Oct 24 21:53:29 2025 GMT
Subject: CN=6830ee5e-c346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a7:24:35:6d:8a:52:f4:57:23:5c:f7:06:47:
5c:8f:c9:e0:2a:b0:db:e4:f4:9d:7c:a5:63:3f:52:
59:07:ef:42:f9:b1:b7:e7:f8:29:6e:d9:35:28:96:
2e:2d:6b:8a:14:19:e1:d0:ab:8c:48:22:63:5a:39:
fd:b5:12:23:f9:7d:40:22:0f:46:09:c5:ec:f7:fe:
fa:c4:50:92:5e:2e:22:8c:be:ca:1a:76:f1:fb:12:
74:14:95:d5:ea:c5:4e:d4:20:41:a7:fb:b9:e7:ea:
97:ec:ce:2a:9b:fe:cf:50:2e:52:c0:90:b4:88:98:
35:ee:03:66:3f:be:f4:6f:37:54:2a:8f:5d:e2:e4:
f4:ed:d6:19:03:9d:e0:8c:e8:fc:dd:26:fd:14:25:
8d:05:a1:b1:37:c9:88:1d:11:d7:c2:a4:e4:a7:69:
d7:e0:03:6c:ce:05:6e:5f:fc:20:4d:f7:b3:8d:2e:
84:16:8e:7e:5a:59:26:87:51:84:8c:f8:a9:05:3c:
25:63:ea:47:10:df:fa:a1:87:a3:8d:8c:23:20:1d:
c6:76:34:80:bc:b1:8c:01:b2:66:dc:c9:f9:e2:4b:
43:18:51:61:0b:af:bd:aa:c9:ae:da:e6:70:5a:82:
c4:7e:84:15:1e:a6:8c:79:03:fc:ec:91:27:bf:f0:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7D:80:8D:A7:81:1D:74:ED:66:58:41:82:11:EB:1E:5C:61:3D:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5F23D2F6382011F09A3264B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0-154.91.31.255
154.92.96.0/21
Signature Algorithm: sha256WithRSAEncryption
25:7a:92:db:76:a9:6b:d1:a1:fb:0f:52:7b:fe:42:33:0a:2d:
6f:70:58:1a:cf:a0:24:a5:41:2e:92:1d:06:3d:8b:4d:86:e8:
fc:3c:4d:f5:1f:6a:c2:66:c4:01:39:e8:d8:13:71:9c:d1:1b:
77:65:42:12:58:9a:05:3e:60:8f:a4:ec:6f:3d:84:3e:a0:d2:
ec:b8:7c:88:e6:19:e1:a2:bb:cb:32:35:aa:ea:13:81:3d:76:
d2:21:cc:32:35:82:dd:d2:ba:c5:8f:f6:59:1d:f1:81:c6:78:
ea:19:7f:4e:f7:d5:3c:e8:fe:67:09:c1:4a:5b:7d:d5:22:b0:
39:c3:3e:0e:48:4a:30:a1:af:d8:9d:60:b0:75:c8:26:77:0c:
dd:7c:f1:3f:31:24:ba:eb:08:81:fd:13:91:bf:4e:0f:3b:f4:
41:7f:99:ff:09:fb:93:3c:da:5f:11:38:68:62:9b:55:7e:eb:
c5:4c:d0:4c:f8:2e:5d:4c:34:59:9e:15:92:a6:50:9c:45:27:
d5:92:22:af:f3:dd:95:ea:28:7b:3a:3e:cf:03:78:f2:a9:f1:
07:63:f6:f3:eb:7e:2c:d4:01:dc:f6:b4:ec:56:46:3b:0d:8f:
a8:7d:aa:a4:74:d5:d5:5d:44:24:a5:68:c9:7b:92:fc:60:0f:
ef:bd:d4:2a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYJvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjE1MzI5WhcNMjUxMDI0MjE1MzI5WjAYMRYw
FAYDVQQDEw02ODMwZWU1ZS1jMzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuqckNW2KUvRXI1z3Bkdcj8ngKrDb5PSdfKVjP1JZB+9C+bG35/gpbtk1
KJYuLWuKFBnh0KuMSCJjWjn9tRIj+X1AIg9GCcXs9/76xFCSXi4ijL7KGnbx+xJ0
FJXV6sVO1CBBp/u55+qX7M4qm/7PUC5SwJC0iJg17gNmP770bzdUKo9d4uT07dYZ
A53gjOj83Sb9FCWNBaGxN8mIHRHXwqTkp2nX4ANszgVuX/wgTfezjS6EFo5+Wlkm
h1GEjPipBTwlY+pHEN/6oYejjYwjIB3GdjSAvLGMAbJm3Mn54ktDGFFhC6+9qsmu
2uZwWoLEfoQVHqaMeQP87JEnv/AS+wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFDd9
gI2ngR107WZYQYIR6x5cYT26MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RjIzRDJGNjM4MjAxMUYwOUEzMjY0QjdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKaWwQDBAWaWwADBAOa
XGAwDQYJKoZIhvcNAQELBQADggEBACV6ktt2qWvRofsPUnv+QjMKLW9wWBrPoCSl
QS6SHQY9i02G6Pw8TfUfasJmxAE56NgTcZzRG3dlQhJYmgU+YI+k7G89hD6g0uy4
fIjmGeGiu8syNarqE4E9dtIhzDI1gt3SusWP9lkd8YHGeOoZf0731Tzo/mcJwUpb
fdUisDnDPg5ISjChr9idYLB1yCZ3DN188T8xJLrrCIH9E5G/Tg879EF/mf8J+5M8
2l8ROGhim1V+68VM0Ez4Ll1MNFmeFZKmUJxFJ9WSIq/z3ZXqKHs6Ps8DePKp8Qdj
9vPrfizUAdz2tOxWRjsNj6h9qqR01dVdRCSlaMl7kvxgD++91Co=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:21:38 2025 by rpki-client