Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8431915C381411F0971240EBDAE4EC9C.roa
File: 8431915C381411F0971240EBDAE4EC9C.roa (raw, json)
Hash identifier: 2ZYKg+uzB4ED38Owmoz9hNM4vGl3Ed4jwc+lPRzWVyQ=
Subject key identifier: CD:AC:9A:36:37:E4:51:68:1B:D6:D2:46:8E:CF:3D:1B:77:9F:12:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018259
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8431915C381411F0971240EBDAE4EC9C.roa
Signing time: Fri 23 May 2025 20:28:42 +0000
ROA not before: Fri 23 May 2025 20:28:37 +0000
ROA not after: Wed 10 Jun 2026 20:28:37 +0000
asID: 150150
IP address blocks: 154.89.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98905 (0x18259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 20:28:37 2025 GMT
Not After : Jun 10 20:28:37 2026 GMT
Subject: CN=6830da7a-5409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b8:94:2d:15:91:a4:af:4f:c4:ea:5d:a8:1c:
0f:16:f7:87:aa:c6:f9:c4:6e:17:84:8c:37:49:64:
85:4f:ee:7c:63:93:6f:30:0e:e2:4f:10:11:fb:5d:
d9:e8:8f:cc:5a:96:59:f6:31:63:6e:07:8b:da:62:
e4:73:d2:a0:27:e3:d8:02:b7:3e:a4:08:c0:80:b4:
23:8d:62:b7:d0:ed:0a:eb:11:f6:48:c4:3e:ee:51:
3a:e4:66:87:ef:5f:8b:47:8c:5b:49:ac:b8:d9:eb:
c8:07:6a:95:2f:a4:cb:2c:c1:f0:b1:ce:7d:de:40:
32:47:99:5d:f8:0f:6b:eb:5f:51:66:6b:7c:1b:ec:
ac:70:8c:82:5e:b2:94:5a:8d:e8:f8:29:a1:5c:fd:
57:14:ec:42:63:13:6e:f0:20:1f:3a:bb:46:c9:2c:
ee:6f:db:47:e4:4a:28:97:86:29:fd:63:17:be:eb:
9a:bc:9d:72:1a:e7:e3:a1:9a:fe:aa:11:0b:b2:93:
37:09:bb:6a:99:84:39:64:9a:4c:21:8c:a5:24:dd:
4f:22:db:a1:9e:72:7a:1c:13:a3:1a:7c:21:8a:43:
15:76:d1:61:f4:6d:f1:f4:0d:cb:3f:ee:95:76:09:
cb:e9:d1:3b:77:1e:b3:db:25:a8:09:4a:ff:27:ff:
30:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AC:9A:36:37:E4:51:68:1B:D6:D2:46:8E:CF:3D:1B:77:9F:12:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8431915C381411F0971240EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.0.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a4:93:b8:2f:91:f5:4b:b0:42:b2:81:51:92:fb:7c:2a:69:
22:0c:20:1b:bb:ad:c8:d9:a5:6f:03:3f:59:9d:50:ed:1b:24:
07:a8:2c:a0:b9:16:a0:08:85:a0:86:72:be:af:c0:d3:28:49:
08:96:55:c1:2f:04:88:58:2c:ce:0d:95:1c:99:1a:af:c6:88:
cb:56:0e:1b:b6:20:e2:3c:88:4d:0e:44:b6:08:e1:92:31:a6:
d6:66:1c:69:ce:a4:29:ed:1e:5f:b3:62:c1:62:f6:49:2a:d7:
30:b6:db:1a:64:57:94:bb:c1:ad:38:02:43:43:2d:e4:40:67:
ac:9a:0d:cb:be:1c:35:25:c5:10:5b:7d:62:88:94:02:fe:f5:
d4:02:43:db:0a:10:9e:40:9a:0b:5e:ec:f6:27:2b:b9:fd:db:
50:d3:09:bb:48:71:fd:0f:ff:6c:a4:e6:b0:a5:3a:88:52:99:
5c:b2:cf:22:75:67:bf:2d:dc:98:4f:5c:89:73:a1:0f:20:21:
c2:2b:cf:07:2c:8d:f5:5e:51:b3:68:3d:dd:a3:28:7e:86:9a:
19:d4:d7:d5:f2:3a:24:17:3c:94:0e:a7:17:92:de:be:c6:4e:
b6:14:34:f2:ee:63:bc:8a:bb:d3:00:ab:e2:99:97:1a:14:74:
69:cb:ed:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYJZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjAyODM3WhcNMjYwNjEwMjAyODM3WjAYMRYw
FAYDVQQDEw02ODMwZGE3YS01NDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0LiULRWRpK9PxOpdqBwPFveHqsb5xG4XhIw3SWSFT+58Y5NvMA7iTxAR
+13Z6I/MWpZZ9jFjbgeL2mLkc9KgJ+PYArc+pAjAgLQjjWK30O0K6xH2SMQ+7lE6
5GaH71+LR4xbSay42evIB2qVL6TLLMHwsc593kAyR5ld+A9r619RZmt8G+yscIyC
XrKUWo3o+CmhXP1XFOxCYxNu8CAfOrtGySzub9tH5Eool4Yp/WMXvuuavJ1yGufj
oZr+qhELspM3CbtqmYQ5ZJpMIYylJN1PItuhnnJ6HBOjGnwhikMVdtFh9G3x9A3L
P+6VdgnL6dE7dx6z2yWoCUr/J/8wkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM2s
mjY35FFoG9bSRo7PPRt3nxLZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDMxOTE1QzM4MTQxMUYwOTcxMjQwRUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzpJO4L5H1S7BCsoFRkvt8KmkiDCAbu63I2aVvAz9ZnVDtGyQHqCyg
uRagCIWghnK+r8DTKEkIllXBLwSIWCzODZUcmRqvxojLVg4btiDiPIhNDkS2COGS
MabWZhxpzqQp7R5fs2LBYvZJKtcwttsaZFeUu8GtOAJDQy3kQGesmg3Lvhw1JcUQ
W31iiJQC/vXUAkPbChCeQJoLXuz2Jyu5/dtQ0wm7SHH9D/9spOawpTqIUplcss8i
dWe/LdyYT1yJc6EPICHCK88HLI31XlGzaD3doyh+hpoZ1NfV8jokFzyUDqcXkt6+
xk62FDTy7mO8irvTAKvimZcaFHRpy+1w
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:57:00 2025 by rpki-client