Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67811DAE356F11F0AE5DAA79DAE4EC9C.roa
File: 67811DAE356F11F0AE5DAA79DAE4EC9C.roa (raw, json)
Hash identifier: PzW6LLkVZ30z5XejBYIIGmg9mnjQPcvnhXy9Y/TEjA0=
Subject key identifier: 06:D7:58:FA:AA:26:C3:FF:EE:3B:D8:D3:76:70:D8:E0:F1:06:31:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01819F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67811DAE356F11F0AE5DAA79DAE4EC9C.roa
Signing time: Tue 20 May 2025 11:41:45 +0000
ROA not before: Tue 20 May 2025 11:41:40 +0000
ROA not after: Fri 27 Jun 2025 11:41:40 +0000
asID: 48031
IP address blocks: 154.92.12.0/24 maxlen: 24
154.92.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98719 (0x1819f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 11:41:40 2025 GMT
Not After : Jun 27 11:41:40 2025 GMT
Subject: CN=682c6a78-cee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:65:3a:e2:b7:1d:50:b0:2b:b5:80:aa:2d:
8a:6d:1d:04:81:d9:be:9f:d7:9f:ad:de:cd:e0:b6:
c2:19:d0:8e:bd:3c:9b:0c:e5:bf:61:17:05:fc:6d:
46:83:f2:b0:19:19:be:9a:82:f3:d9:10:3f:cc:cd:
43:d1:9f:f1:93:c4:00:d0:e3:3e:fb:b6:cd:e5:95:
5f:84:bf:02:de:f4:57:0c:40:55:89:c5:54:7f:f4:
dd:34:3c:bd:cc:50:1c:f1:21:f2:5e:75:d4:8e:91:
6a:62:af:cf:b1:63:68:02:13:a5:70:1e:3e:dc:98:
10:28:be:7f:06:87:95:ce:d1:44:84:7e:8c:64:b3:
11:75:a1:18:80:fe:12:43:07:ec:99:eb:36:c9:9a:
05:f8:fd:f3:0b:57:4d:f3:e7:5f:95:5f:d8:65:26:
0c:ef:b7:0a:66:0d:8c:9d:52:8e:14:21:5b:39:bd:
8b:7e:6e:da:46:d9:dc:7e:b9:67:ad:c6:49:4d:bd:
6c:c7:90:dd:6e:62:af:13:ad:96:c4:9f:af:13:37:
d3:67:f8:74:c4:ec:d0:7e:49:5a:a5:fa:78:10:aa:
ba:62:5f:7a:f6:12:da:b5:db:63:11:3c:81:3a:5e:
dd:fa:94:bc:6b:b7:a0:42:bb:75:0f:02:30:07:dc:
29:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D7:58:FA:AA:26:C3:FF:EE:3B:D8:D3:76:70:D8:E0:F1:06:31:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67811DAE356F11F0AE5DAA79DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.12.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:bc:eb:63:93:2b:cc:73:5d:08:3e:45:96:d4:83:7c:94:0f:
5e:2f:cd:8f:33:fb:07:11:b5:5a:33:de:d1:cc:f5:8e:70:82:
49:a9:4d:72:f1:f0:55:1f:a9:d9:29:64:c8:0d:4d:e3:c3:fe:
13:b7:a9:3e:d8:08:d9:c3:68:62:27:24:f4:14:64:01:9d:f2:
3b:d6:92:fc:45:6d:fc:dd:6d:7b:17:ea:7b:67:f7:8b:66:05:
d0:6f:c5:df:c2:d3:0e:61:bb:4b:81:1f:f2:a6:1c:8d:d8:bc:
c3:26:c1:69:7b:2c:4f:36:30:33:b9:58:4c:7a:63:92:90:8c:
c7:f2:2b:49:45:c9:33:88:52:9a:4b:f8:e4:3a:99:72:8d:99:
cd:70:ad:35:a8:95:b9:87:ef:3a:bf:a8:55:e8:69:43:9f:e2:
f0:32:73:13:1a:d2:d7:64:9c:dc:9e:8f:bf:c1:c5:f2:55:95:
c6:8b:51:2b:59:8a:03:8f:2d:1b:ed:7a:92:4b:cb:c4:64:3e:
ac:47:cf:a3:d2:6e:7b:ca:90:fb:98:43:68:49:af:b6:04:62:
0d:83:38:41:d6:f1:a8:a9:d3:69:4f:47:9f:39:15:43:b3:7a:
63:23:38:ca:b6:fb:ea:fa:f5:18:4e:ee:87:97:b2:2c:c7:6e:
37:74:c5:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYGfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIwMTE0MTQwWhcNMjUwNjI3MTE0MTQwWjAYMRYw
FAYDVQQDEw02ODJjNmE3OC1jZWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoI5lOuK3HVCwK7WAqi2KbR0Egdm+n9efrd7N4LbCGdCOvTybDOW/YRcF
/G1Gg/KwGRm+moLz2RA/zM1D0Z/xk8QA0OM++7bN5ZVfhL8C3vRXDEBVicVUf/Td
NDy9zFAc8SHyXnXUjpFqYq/PsWNoAhOlcB4+3JgQKL5/BoeVztFEhH6MZLMRdaEY
gP4SQwfsmes2yZoF+P3zC1dN8+dflV/YZSYM77cKZg2MnVKOFCFbOb2Lfm7aRtnc
frlnrcZJTb1sx5DdbmKvE62WxJ+vEzfTZ/h0xOzQfklapfp4EKq6Yl969hLatdtj
ETyBOl7d+pS8a7egQrt1DwIwB9wpFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAbX
WPqqJsP/7jvY03Zw2ODxBjEcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzgxMURBRTM1NkYxMUYwQUU1REFBNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlwMMA0GCSqGSIb3DQEB
CwUAA4IBAQCovOtjkyvMc10IPkWW1IN8lA9eL82PM/sHEbVaM97RzPWOcIJJqU1y
8fBVH6nZKWTIDU3jw/4Tt6k+2AjZw2hiJyT0FGQBnfI71pL8RW383W17F+p7Z/eL
ZgXQb8XfwtMOYbtLgR/yphyN2LzDJsFpeyxPNjAzuVhMemOSkIzH8itJRckziFKa
S/jkOplyjZnNcK01qJW5h+86v6hV6GlDn+LwMnMTGtLXZJzcno+/wcXyVZXGi1Er
WYoDjy0b7XqSS8vEZD6sR8+j0m57ypD7mENoSa+2BGINgzhB1vGoqdNpT0efORVD
s3pjIzjKtvvq+vUYTu6Hl7Isx243dMV/
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:55:56 2025 by rpki-client