Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6104120A28C311F0A1126FB4DAE4EC9C.roa
File: 6104120A28C311F0A1126FB4DAE4EC9C.roa (raw, json)
Hash identifier: vErIMOqd6OVYRBVb2/UxFyJlr3LI5vUQtgbYPNtN1VI=
Subject key identifier: DE:5E:38:5D:8D:2D:CF:82:CC:CA:AD:FB:A8:7A:7A:5D:CA:AB:E1:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6104120A28C311F0A1126FB4DAE4EC9C.roa
Signing time: Sun 04 May 2025 08:40:06 +0000
ROA not before: Sun 04 May 2025 08:40:02 +0000
ROA not after: Wed 11 Jun 2025 08:40:02 +0000
asID: 214143
IP address blocks: 154.197.60.0/23 maxlen: 24
154.197.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97986 (0x17ec2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 08:40:02 2025 GMT
Not After : Jun 11 08:40:02 2025 GMT
Subject: CN=681727e6-7d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a1:c6:3d:04:83:d9:5f:9e:8d:85:98:fd:a0:
43:9d:29:a3:c1:01:1e:07:9a:53:f9:1b:1a:49:a8:
f3:16:36:75:77:f9:43:39:32:83:6d:6d:74:02:0f:
c3:6f:40:c3:30:7c:9c:ad:02:d5:4f:83:7d:c4:2b:
6d:a4:39:42:c4:e3:e3:a8:19:a3:93:79:47:6d:30:
cf:dd:a3:31:bb:4b:d4:85:48:7f:01:77:98:73:17:
3a:d7:e5:76:aa:88:f8:65:90:27:55:1f:50:ed:e4:
7b:77:ab:22:05:c0:7a:55:9e:4d:5e:dd:9f:3a:97:
cc:99:ae:25:73:5e:30:4d:00:d8:c7:fa:23:be:c5:
21:ce:44:14:47:1c:5f:c6:2d:39:00:06:f7:43:1a:
1f:b8:d2:17:29:c6:be:c0:c4:79:c4:e4:e5:6d:50:
e6:00:60:fd:1d:68:5b:72:5b:06:45:db:d2:14:b3:
b3:e2:2a:84:f8:32:1c:22:46:c3:18:7d:47:11:54:
02:94:b5:b0:83:8b:41:24:53:cf:bd:6d:9a:c7:91:
41:dc:ac:fe:2e:1e:4a:7c:bf:c3:0f:cc:95:a0:8f:
a2:b9:52:66:80:a4:0d:f1:ee:29:9a:d2:cf:66:d8:
e1:2f:e0:21:a2:61:fd:14:ed:08:4d:1c:1f:84:77:
f8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5E:38:5D:8D:2D:CF:82:CC:CA:AD:FB:A8:7A:7A:5D:CA:AB:E1:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6104120A28C311F0A1126FB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/23
154.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:5a:ae:66:7e:0e:a7:ba:6f:6e:8a:59:ab:72:a5:6e:9f:eb:
d4:2a:ac:6f:a2:d7:06:43:08:1c:24:d9:c9:8c:87:98:53:db:
e9:68:4e:25:5a:ce:10:36:bc:00:ea:99:10:5b:74:0a:8f:81:
26:cb:2a:5b:a7:0b:e0:6a:d9:df:35:47:a4:05:56:cd:47:d9:
85:91:bd:17:da:d1:fc:26:98:ed:fa:17:88:38:ae:9f:e2:7e:
2e:cc:27:a9:2d:af:25:4e:cc:3e:86:2e:41:a3:1a:0b:d4:8c:
5b:47:96:03:40:46:ac:94:8a:55:b6:97:dc:6f:30:55:3a:f2:
48:22:9a:fe:19:39:02:a9:b3:18:d1:cf:d8:9c:33:16:c8:6d:
19:cf:c2:8f:27:23:5b:10:c2:6f:b2:29:5a:54:81:26:54:d6:
34:d4:16:83:6c:aa:68:a4:f2:72:6b:04:0f:61:85:b4:0d:4d:
0e:fe:d6:cf:e1:cb:a4:a5:48:cb:1a:92:fc:e6:1e:b4:02:83:
d0:2d:1f:f8:49:bc:ae:f2:06:b1:71:04:a3:18:11:67:fc:b8:
19:c6:28:2b:e7:b8:a9:51:98:a0:0e:bc:21:42:d2:8e:1d:f8:
0c:28:3b:23:ba:c8:f6:be:b8:e1:31:5e:fc:b9:59:77:f2:37:
7d:7d:38:57
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX7CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDg0MDAyWhcNMjUwNjExMDg0MDAyWjAYMRYw
FAYDVQQDEw02ODE3MjdlNi03ZDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoqHGPQSD2V+ejYWY/aBDnSmjwQEeB5pT+RsaSajzFjZ1d/lDOTKDbW10
Ag/Db0DDMHycrQLVT4N9xCttpDlCxOPjqBmjk3lHbTDP3aMxu0vUhUh/AXeYcxc6
1+V2qoj4ZZAnVR9Q7eR7d6siBcB6VZ5NXt2fOpfMma4lc14wTQDYx/ojvsUhzkQU
Rxxfxi05AAb3QxofuNIXKca+wMR5xOTlbVDmAGD9HWhbclsGRdvSFLOz4iqE+DIc
IkbDGH1HEVQClLWwg4tBJFPPvW2ax5FB3Kz+Lh5KfL/DD8yVoI+iuVJmgKQN8e4p
mtLPZtjhL+AhomH9FO0ITRwfhHf4zwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFN5e
OF2NLc+CzMqt+6h6el3Kq+G6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MTA0MTIwQTI4QzMxMUYwQTExMjZGQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsU8AwQBmsVWMA0GCSqG
SIb3DQEBCwUAA4IBAQCsWq5mfg6num9uilmrcqVun+vUKqxvotcGQwgcJNnJjIeY
U9vpaE4lWs4QNrwA6pkQW3QKj4EmyypbpwvgatnfNUekBVbNR9mFkb0X2tH8Jpjt
+heIOK6f4n4uzCepLa8lTsw+hi5BoxoL1IxbR5YDQEaslIpVtpfcbzBVOvJIIpr+
GTkCqbMY0c/YnDMWyG0Zz8KPJyNbEMJvsilaVIEmVNY01BaDbKpopPJyawQPYYW0
DU0O/tbP4cukpUjLGpL85h60AoPQLR/4Sbyu8gaxcQSjGBFn/LgZxigr57ipUZig
DrwhQtKOHfgMKDsjusj2vrjhMV78uVl38jd9fThX
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:45:57 2025 by rpki-client