Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/641571663AE611F09A2625D3DAE4EC9C.roa
File: 641571663AE611F09A2625D3DAE4EC9C.roa (raw, json)
Hash identifier: E8QKTQnRuyJxWXfZq0MN4szpXngA9+Cnc+6aUFmGS18=
Subject key identifier: DA:14:F6:A9:CB:EB:AC:5F:75:50:AE:A1:9C:A7:26:71:B7:56:DA:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018311
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/641571663AE611F09A2625D3DAE4EC9C.roa
Signing time: Tue 27 May 2025 10:36:05 +0000
ROA not before: Tue 27 May 2025 10:36:00 +0000
ROA not after: Sun 29 Jun 2025 10:36:00 +0000
asID: 9304
IP address blocks: 154.203.241.0/24 maxlen: 24
154.203.242.0/24 maxlen: 24
154.208.76.0/22 maxlen: 24
154.208.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99089 (0x18311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 27 10:36:00 2025 GMT
Not After : Jun 29 10:36:00 2025 GMT
Subject: CN=68359595-9ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:82:98:88:79:21:ab:ff:80:5d:28:9a:68:
e2:d1:1b:a1:ab:af:97:ba:e4:fc:f5:c8:55:07:93:
d8:3b:b2:8e:8b:d0:7c:1b:fd:fa:45:ad:51:0e:15:
96:db:f9:ee:1e:69:b7:e6:23:f2:f6:e1:c5:c9:1a:
13:eb:a0:ae:c6:bf:d1:d4:6b:1f:29:60:60:c4:f2:
fd:c3:3e:76:7c:f8:bf:40:5c:b5:22:f6:41:46:eb:
fa:21:db:be:8f:83:86:88:7f:65:59:a7:24:c8:65:
0b:2f:29:03:42:8f:aa:fc:21:ee:04:e6:b5:84:15:
0f:81:dc:ef:52:38:b4:ee:ee:e2:29:ba:c0:78:03:
58:ba:97:e2:6f:22:9a:fa:c1:b7:08:5c:9e:7f:63:
0e:3b:1c:32:07:dd:dc:cd:5e:0a:fa:64:20:2b:f6:
1f:9d:90:ea:da:72:ff:30:75:19:1d:c1:2f:7e:f2:
c2:96:84:bd:8d:9e:c7:67:52:f6:29:70:7a:e9:fd:
16:70:d8:a9:c4:3d:a5:bf:7d:f0:27:ed:e2:33:75:
3e:21:69:db:75:bb:cf:12:76:49:c0:83:89:23:8a:
72:1e:05:ad:e2:6c:02:87:ae:df:ed:c3:93:f7:f0:
c1:3e:30:69:ef:bc:08:46:3a:0a:b4:35:da:12:e3:
47:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:14:F6:A9:CB:EB:AC:5F:75:50:AE:A1:9C:A7:26:71:B7:56:DA:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/641571663AE611F09A2625D3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.241.0-154.203.242.255
154.208.76.0/22
154.208.84.0/22
Signature Algorithm: sha256WithRSAEncryption
13:0c:8a:5b:02:1b:ad:9f:5a:bb:a8:06:8b:16:0b:c8:dc:91:
37:6e:e0:f3:95:a8:46:1e:d5:f1:32:35:37:4a:b8:1f:33:77:
7d:52:1f:17:40:58:bb:77:f4:05:3b:0c:29:24:be:3c:51:8d:
87:82:c6:82:49:b4:4e:a1:64:34:73:51:ca:be:d2:1e:a4:f3:
83:b3:08:e4:9c:04:15:76:63:ff:7c:ac:3b:7d:c3:c2:f7:a4:
54:46:d0:26:2b:c1:f6:93:2a:35:6a:e4:c6:cb:cd:d4:95:96:
2e:4d:00:94:df:50:a2:a5:9a:28:3b:9c:77:06:2d:30:1a:0b:
39:ee:45:15:d4:ca:9c:58:de:33:0f:c2:6b:44:bc:90:19:2e:
ed:a6:9a:20:dd:79:1e:d4:bb:de:7c:ab:5f:b8:f3:68:2e:b2:
34:95:16:4f:7d:43:fd:b6:a5:0c:e6:af:fe:cf:6c:3f:95:45:
ee:16:8d:44:4f:0e:2b:e0:81:57:fc:47:ec:a7:28:f3:31:49:
85:7b:02:c3:6c:b2:55:e9:f0:5a:be:70:fc:2b:80:42:1e:2f:
0e:1e:fd:0f:f0:16:0e:fc:a6:51:6b:84:48:9d:53:ef:ac:e7:
31:18:e0:4b:c3:c8:dc:6c:3f:df:46:d4:af:7e:00:7b:55:73:
80:99:ed:5a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYMRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI3MTAzNjAwWhcNMjUwNjI5MTAzNjAwWjAYMRYw
FAYDVQQDEw02ODM1OTU5NS05YmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzaGCmIh5Iav/gF0ommji0Ruhq6+XuuT89chVB5PYO7KOi9B8G/36Ra1R
DhWW2/nuHmm35iPy9uHFyRoT66Cuxr/R1GsfKWBgxPL9wz52fPi/QFy1IvZBRuv6
Idu+j4OGiH9lWackyGULLykDQo+q/CHuBOa1hBUPgdzvUji07u7iKbrAeANYupfi
byKa+sG3CFyef2MOOxwyB93czV4K+mQgK/YfnZDq2nL/MHUZHcEvfvLCloS9jZ7H
Z1L2KXB66f0WcNipxD2lv33wJ+3iM3U+IWnbdbvPEnZJwIOJI4pyHgWt4mwCh67f
7cOT9/DBPjBp77wIRjoKtDXaEuNHLwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFNoU
9qnL66xfdVCuoZynJnG3Vtr4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDE1NzE2NjNBRTYxMUYwOUEyNjI1RDNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACay/EDBACay/IDBAKa
0EwDBAKa0FQwDQYJKoZIhvcNAQELBQADggEBABMMilsCG62fWruoBosWC8jckTdu
4POVqEYe1fEyNTdKuB8zd31SHxdAWLt39AU7DCkkvjxRjYeCxoJJtE6hZDRzUcq+
0h6k84OzCOScBBV2Y/98rDt9w8L3pFRG0CYrwfaTKjVq5MbLzdSVli5NAJTfUKKl
mig7nHcGLTAaCznuRRXUypxY3jMPwmtEvJAZLu2mmiDdeR7Uu958q1+482gusjSV
Fk99Q/22pQzmr/7PbD+VRe4WjURPDivggVf8R+ynKPMxSYV7AsNsslXp8Fq+cPwr
gEIeLw4e/Q/wFg78plFrhEidU++s5zEY4EvDyNxsP99G1K9+AHtVc4CZ7Vo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:10:57 2025 by rpki-client