Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8668A048382B11F0A8D24980DAE4EC9C.roa
File: 8668A048382B11F0A8D24980DAE4EC9C.roa (raw, json)
Hash identifier: L2WGkYfnvvJjFnSqYUDNoJXIBjDjaXbhjAr7Akr2lw4=
Subject key identifier: 37:32:B6:65:61:53:AC:8E:B9:42:29:96:6F:70:21:E4:0C:6E:D7:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018279
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8668A048382B11F0A8D24980DAE4EC9C.roa
Signing time: Fri 23 May 2025 23:13:24 +0000
ROA not before: Fri 23 May 2025 23:13:19 +0000
ROA not after: Fri 26 Feb 2027 23:13:19 +0000
asID: 41095
IP address blocks: 154.193.186.0/23 maxlen: 24
154.196.252.0/23 maxlen: 24
154.205.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98937 (0x18279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 23:13:19 2025 GMT
Not After : Feb 26 23:13:19 2027 GMT
Subject: CN=68310114-5ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:53:bf:b5:5e:ac:3a:76:92:b0:89:a6:3b:
1e:ae:8d:d8:95:93:47:2e:31:e8:5f:29:e5:40:96:
6d:42:ce:58:30:67:66:76:11:59:e5:b5:70:05:b4:
b5:b7:a1:1b:e6:85:69:13:68:59:ce:49:8f:bb:be:
57:5e:8b:56:07:ac:99:51:9f:f7:b7:8d:6d:c5:8d:
da:d7:f8:5a:0b:bf:a8:95:89:f1:f3:97:88:2c:50:
8b:a9:33:53:12:ff:e7:2e:56:8a:1e:b0:72:35:9a:
15:c7:de:94:22:19:93:20:12:de:b2:2d:d4:b8:8a:
39:59:eb:85:1d:03:1a:e5:96:92:21:b8:1f:e8:d5:
7f:f0:17:64:bb:f5:ba:ac:8d:b5:b2:00:35:4d:7b:
b8:fb:47:b5:bb:5f:86:77:4b:2c:1c:32:79:ad:4f:
87:4a:1d:bc:88:9f:b2:71:7f:a1:24:23:a3:7a:ad:
fb:ce:4c:b8:9d:61:bf:68:e2:a3:57:06:75:55:59:
7e:b2:e5:99:b7:b5:82:db:17:5b:ff:98:c2:4b:11:
96:12:d3:49:e5:fa:72:ba:b2:24:e9:31:46:f8:3a:
ff:27:2b:70:f7:53:9f:a8:91:1e:dd:a1:e7:c1:2c:
32:cb:09:b7:ed:f6:dd:5a:b8:f7:99:fc:7f:6b:4e:
b8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:32:B6:65:61:53:AC:8E:B9:42:29:96:6F:70:21:E4:0C:6E:D7:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8668A048382B11F0A8D24980DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.186.0/23
154.196.252.0/23
154.205.0.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:9e:40:c8:89:aa:2d:db:6c:5b:83:ed:30:3d:4d:a9:10:71:
d8:58:85:6b:e0:2f:a6:ab:e2:e9:c2:67:01:11:4b:48:84:fc:
f0:d3:b2:55:99:f8:16:07:c4:b8:27:88:9f:37:10:37:34:0c:
a2:47:96:e7:08:32:06:fa:d9:bd:ce:ac:9d:2f:19:44:dd:b5:
dc:a9:1e:e6:a8:0e:d0:5d:ea:7d:53:de:f8:fc:74:a1:4d:18:
0c:93:0f:1c:09:d2:03:3c:b0:2d:2f:41:83:26:04:81:b3:b3:
33:42:46:c2:21:41:6b:ac:1d:30:f9:74:73:ba:24:c2:0d:c2:
7d:1d:36:07:aa:09:8a:3e:04:0c:16:bf:e2:56:3c:fe:24:76:
4b:6d:b1:40:a4:9c:cf:55:69:e5:45:c7:70:a6:8f:76:a0:d0:
d4:cc:40:65:7b:19:36:91:05:50:4b:00:10:cf:49:29:89:ba:
27:50:53:55:78:e4:d3:7d:d3:87:ab:45:94:73:0d:f7:19:a2:
8d:d9:a4:75:4d:73:c9:08:a8:2d:fc:b6:b3:78:d1:08:19:3a:
6a:cb:b6:2d:26:cf:f3:92:b7:94:87:5c:3b:19:40:ea:80:21:
17:69:3c:cc:ed:65:ff:d0:4b:56:f1:da:a0:e9:e7:b7:02:91:
6b:b8:bd:ee
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYJ5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjMxMzE5WhcNMjcwMjI2MjMxMzE5WjAYMRYw
FAYDVQQDEw02ODMxMDExNC01ZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr29Tv7VerDp2krCJpjsero3YlZNHLjHoXynlQJZtQs5YMGdmdhFZ5bVw
BbS1t6Eb5oVpE2hZzkmPu75XXotWB6yZUZ/3t41txY3a1/haC7+olYnx85eILFCL
qTNTEv/nLlaKHrByNZoVx96UIhmTIBLesi3UuIo5WeuFHQMa5ZaSIbgf6NV/8Bdk
u/W6rI21sgA1TXu4+0e1u1+Gd0ssHDJ5rU+HSh28iJ+ycX+hJCOjeq37zky4nWG/
aOKjVwZ1VVl+suWZt7WC2xdb/5jCSxGWEtNJ5fpyurIk6TFG+Dr/Jytw91OfqJEe
3aHnwSwyywm37fbdWrj3mfx/a064JQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFDcy
tmVhU6yOuUIplm9wIeQMbtfYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjY4QTA0ODM4MkIxMUYwQThEMjQ5ODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmsG6AwQBmsT8AwQBms0A
MA0GCSqGSIb3DQEBCwUAA4IBAQB/nkDIiaot22xbg+0wPU2pEHHYWIVr4C+mq+Lp
wmcBEUtIhPzw07JVmfgWB8S4J4ifNxA3NAyiR5bnCDIG+tm9zqydLxlE3bXcqR7m
qA7QXep9U974/HShTRgMkw8cCdIDPLAtL0GDJgSBs7MzQkbCIUFrrB0w+XRzuiTC
DcJ9HTYHqgmKPgQMFr/iVjz+JHZLbbFApJzPVWnlRcdwpo92oNDUzEBlexk2kQVQ
SwAQz0kpibonUFNVeOTTfdOHq0WUcw33GaKN2aR1TXPJCKgt/LazeNEIGTpqy7Yt
Js/zkreUh1w7GUDqgCEXaTzM7WX/0EtW8dqg6ee3ApFruL3u
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:40:50 2025 by rpki-client