Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659A7D063D5211F0A21CA591DAE4EC9C.roa
File: 659A7D063D5211F0A21CA591DAE4EC9C.roa (raw, json)
Hash identifier: eR8z2JUBV8og3bt44/KtVqAhVOeJwdEU6Qj3SbBrQHs=
Subject key identifier: DB:22:A2:1B:30:D0:95:BB:7D:57:B6:74:91:82:EC:ED:73:F2:98:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659A7D063D5211F0A21CA591DAE4EC9C.roa
Signing time: Fri 30 May 2025 12:34:15 +0000
ROA not before: Fri 30 May 2025 12:34:09 +0000
ROA not after: Mon 16 Jun 2025 12:34:09 +0000
asID: 141167
IP address blocks: 154.212.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 14 Jun 2025 11:24:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99283 (0x183d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 30 12:34:09 2025 GMT
Not After : Jun 16 12:34:09 2025 GMT
Subject: CN=6839a5c7-11eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9f:82:40:f9:4b:78:c1:b0:91:f4:37:e4:4c:
14:6e:52:89:d5:0a:2b:0b:c6:57:5d:3e:83:9c:62:
73:27:a5:2e:5e:a9:ac:71:6c:8e:f6:2c:22:22:9b:
49:85:86:22:ca:e3:b2:ce:c4:6b:82:e8:1b:70:3b:
71:34:dc:71:d1:0d:ae:5b:d6:cd:d8:7a:6e:20:63:
97:30:2f:14:1f:00:27:7b:b6:d4:8c:c9:40:ef:8a:
b5:91:aa:09:3a:d4:6d:49:c0:fe:78:04:ee:98:0c:
07:76:ff:57:c7:67:f2:4e:49:84:dd:84:c2:d2:ea:
8e:cf:85:7d:5c:b0:30:2b:40:a5:2c:bf:60:2b:5f:
01:45:e1:a9:a1:da:d3:5c:18:bf:e6:a3:62:6b:50:
6b:a3:6b:e0:b0:03:aa:c8:88:1d:fc:a4:dd:45:5d:
56:40:78:c9:89:5f:a0:f0:ce:40:2f:4c:a5:d5:34:
e6:60:46:de:8d:76:17:1f:d6:b7:f0:84:57:7c:2f:
f6:66:7a:fb:fe:a4:10:29:dd:81:7d:f6:c2:f0:d3:
34:d4:5f:6c:02:a5:12:30:32:ad:1d:c2:f8:a5:55:
54:3b:b8:c1:b6:cf:bd:f5:06:22:ac:cd:6d:40:a5:
e8:c8:a5:58:e2:97:45:15:9c:90:51:b5:27:39:13:
96:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:22:A2:1B:30:D0:95:BB:7D:57:B6:74:91:82:EC:ED:73:F2:98:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659A7D063D5211F0A21CA591DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.140.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:ed:14:2c:7c:7b:6e:ab:d5:d3:ba:38:99:c1:24:dc:6c:d8:
40:4a:55:23:b3:d7:67:bb:92:2a:e1:7b:62:28:d1:c6:b2:22:
5f:f2:81:da:4f:b0:0e:0c:85:ec:d7:0d:3d:00:ed:23:33:00:
3a:bd:4c:fc:28:f7:cb:35:a1:28:a9:d1:4d:45:a5:70:32:42:
28:96:eb:54:25:07:01:2b:d8:1f:c1:c0:cd:f2:ec:53:57:7a:
0d:70:02:b2:90:41:49:f8:6d:54:41:9c:ee:65:b6:0a:cf:ec:
43:78:f9:fc:96:8d:42:20:91:69:d1:44:40:f0:5f:e6:1a:17:
c6:2c:26:da:84:a1:02:9f:6b:ce:f6:ca:fa:96:a7:6f:89:9d:
23:92:b9:3c:d3:4d:34:b5:f1:e1:d2:77:90:f8:26:70:06:f1:
31:af:45:24:83:11:9a:8f:b5:52:71:de:89:02:d5:9b:19:17:
93:2d:0b:3e:ee:8e:a9:13:e2:33:ea:60:86:f3:24:42:d1:db:
c9:7c:70:d3:4b:1e:cb:c3:43:42:63:da:a0:5d:a6:ae:75:60:
56:d7:0e:80:6f:28:a3:99:da:01:a2:d7:dc:9e:b6:54:5b:56:
71:0c:e3:2f:66:0e:a6:9b:d5:d7:b4:0c:65:b9:db:de:1f:d0:
f3:6d:16:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYPTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMwMTIzNDA5WhcNMjUwNjE2MTIzNDA5WjAYMRYw
FAYDVQQDEw02ODM5YTVjNy0xMWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6J+CQPlLeMGwkfQ35EwUblKJ1QorC8ZXXT6DnGJzJ6UuXqmscWyO9iwi
IptJhYYiyuOyzsRrgugbcDtxNNxx0Q2uW9bN2HpuIGOXMC8UHwAne7bUjMlA74q1
kaoJOtRtScD+eATumAwHdv9Xx2fyTkmE3YTC0uqOz4V9XLAwK0ClLL9gK18BReGp
odrTXBi/5qNia1Bro2vgsAOqyIgd/KTdRV1WQHjJiV+g8M5AL0yl1TTmYEbejXYX
H9a38IRXfC/2Znr7/qQQKd2BffbC8NM01F9sAqUSMDKtHcL4pVVUO7jBts+99QYi
rM1tQKXoyKVY4pdFFZyQUbUnOROWAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNsi
ohsw0JW7fVe2dJGC7O1z8pj8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTlBN0QwNjNENTIxMUYwQTIxQ0E1OTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSMMA0GCSqGSIb3DQEB
CwUAA4IBAQBL7RQsfHtuq9XTujiZwSTcbNhASlUjs9dnu5Iq4XtiKNHGsiJf8oHa
T7AODIXs1w09AO0jMwA6vUz8KPfLNaEoqdFNRaVwMkIolutUJQcBK9gfwcDN8uxT
V3oNcAKykEFJ+G1UQZzuZbYKz+xDePn8lo1CIJFp0URA8F/mGhfGLCbahKECn2vO
9sr6lqdviZ0jkrk80000tfHh0neQ+CZwBvExr0UkgxGaj7VScd6JAtWbGReTLQs+
7o6pE+Iz6mCG8yRC0dvJfHDTSx7Lw0NCY9qgXaaudWBW1w6AbyijmdoBotfcnrZU
W1ZxDOMvZg6mm9XXtAxludveH9DzbRbU
-----END CERTIFICATE-----
Generated at Thu Jun 12 13:46:26 2025 by rpki-client