Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8924000E378911F0B9AD7AECDAE4EC9C.roa
File: 8924000E378911F0B9AD7AECDAE4EC9C.roa (raw, json)
Hash identifier: r63c+zJaWzy+Mx4FWeNJ1ki1TuTHCkejG37GJMYX0C8=
Subject key identifier: 0A:F6:00:91:BC:AA:6C:DB:7D:D5:8D:44:CF:D9:9C:CC:E1:A9:47:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0181EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8924000E378911F0B9AD7AECDAE4EC9C.roa
Signing time: Fri 23 May 2025 03:53:50 +0000
ROA not before: Fri 23 May 2025 03:53:46 +0000
ROA not after: Sun 22 Jun 2025 03:53:46 +0000
asID: 134365
IP address blocks: 154.194.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98796 (0x181ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 03:53:46 2025 GMT
Not After : Jun 22 03:53:46 2025 GMT
Subject: CN=682ff14e-d3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:8f:c8:0f:b3:43:aa:96:de:18:be:bd:e6:
82:1b:be:09:cb:9d:cc:d3:ff:57:87:29:85:1a:59:
75:eb:2a:02:3c:9d:e8:39:20:87:9b:2d:f7:61:81:
d9:42:02:ba:04:dc:cc:1f:69:8f:32:fc:94:7e:48:
6e:1c:22:cf:c0:d6:4d:7d:0f:a9:9f:4f:33:e6:cb:
78:19:7f:13:1f:da:36:0c:2c:93:37:2b:8e:73:ad:
72:cc:d3:28:99:cb:27:4b:61:f0:96:58:93:23:25:
c0:fb:10:f0:49:17:5f:c4:f3:d7:30:35:4e:94:a3:
1c:0c:6b:d5:34:c8:d7:5e:80:53:5b:96:0e:21:e8:
b4:1e:e3:c0:6a:bf:5d:0a:49:1e:9f:36:75:6c:90:
13:03:d1:9a:3b:7c:26:c7:b4:24:b8:a3:0d:3e:d5:
eb:3f:85:fc:8b:20:d3:22:26:df:8e:1e:f3:29:46:
34:e9:0b:3b:56:8c:84:f5:d6:a2:9a:28:0e:9e:d5:
45:72:3e:3a:3b:48:0a:74:da:05:d3:c3:6a:32:6e:
53:5d:41:7d:f6:cc:3d:56:2a:d5:92:66:cf:6f:80:
17:25:34:45:fe:92:11:64:2c:14:55:68:98:34:6d:
80:27:5c:2e:9a:e5:3f:b8:9b:b9:f5:27:21:38:19:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F6:00:91:BC:AA:6C:DB:7D:D5:8D:44:CF:D9:9C:CC:E1:A9:47:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8924000E378911F0B9AD7AECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.248.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:f8:ac:b0:6f:d4:73:53:d3:1e:c6:7f:d8:bd:0d:c6:a9:22:
5c:3d:a8:cd:73:fa:33:1e:ff:41:5e:4f:98:4e:c5:7b:97:17:
1b:6a:0a:57:1d:20:7b:5b:d1:59:ed:95:ec:b6:a8:f0:7c:8e:
f9:98:73:be:aa:4a:ac:40:59:56:4d:d5:31:2e:11:60:d9:d6:
f9:51:04:43:79:64:fe:f2:65:0d:df:99:87:f9:38:11:b1:ae:
5d:73:26:b9:f7:fe:e9:e8:5e:95:07:9c:b7:5e:4e:54:cc:be:
76:8c:e7:5b:35:7e:75:01:8c:59:ff:73:3e:d5:bb:27:54:ea:
c5:e3:f5:37:f1:d9:ac:24:5b:75:52:4b:84:c3:20:ba:1c:fd:
f3:2f:ca:2c:93:76:0c:0c:8c:89:cb:93:e6:69:d3:03:71:19:
20:c9:9c:b3:4c:66:57:ec:45:9f:2d:dc:8c:82:3b:16:30:31:
a7:5b:76:98:32:c7:02:4f:ca:15:05:48:87:d5:14:89:3d:3b:
1e:79:7b:c4:ae:b2:47:40:15:1a:19:50:8c:92:89:17:2a:07:
14:d5:4d:f1:6e:77:4e:2d:96:d4:e9:ae:0a:92:7d:5f:29:b6:
aa:98:98:a5:8b:7e:8c:60:d9:5c:8c:9e:fd:36:ca:fb:8d:82:
f2:ce:35:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYHsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMDM1MzQ2WhcNMjUwNjIyMDM1MzQ2WjAYMRYw
FAYDVQQDEw02ODJmZjE0ZS1kM2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0+yPyA+zQ6qW3hi+veaCG74Jy53M0/9XhymFGll16yoCPJ3oOSCHmy33
YYHZQgK6BNzMH2mPMvyUfkhuHCLPwNZNfQ+pn08z5st4GX8TH9o2DCyTNyuOc61y
zNMomcsnS2HwlliTIyXA+xDwSRdfxPPXMDVOlKMcDGvVNMjXXoBTW5YOIei0HuPA
ar9dCkkenzZ1bJATA9GaO3wmx7QkuKMNPtXrP4X8iyDTIibfjh7zKUY06Qs7VoyE
9daimigOntVFcj46O0gKdNoF08NqMm5TXUF99sw9VirVkmbPb4AXJTRF/pIRZCwU
VWiYNG2AJ1wumuU/uJu59SchOBmQowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAr2
AJG8qmzbfdWNRM/ZnMzhqUfvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OTI0MDAwRTM3ODkxMUYwQjlBRDdBRUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsL4MA0GCSqGSIb3DQEB
CwUAA4IBAQCM+Kywb9RzU9Mexn/YvQ3GqSJcPajNc/ozHv9BXk+YTsV7lxcbagpX
HSB7W9FZ7ZXstqjwfI75mHO+qkqsQFlWTdUxLhFg2db5UQRDeWT+8mUN35mH+TgR
sa5dcya59/7p6F6VB5y3Xk5UzL52jOdbNX51AYxZ/3M+1bsnVOrF4/U38dmsJFt1
UkuEwyC6HP3zL8osk3YMDIyJy5PmadMDcRkgyZyzTGZX7EWfLdyMgjsWMDGnW3aY
MscCT8oVBUiH1RSJPTseeXvErrJHQBUaGVCMkokXKgcU1U3xbndOLZbU6a4Kkn1f
KbaqmJili36MYNlcjJ79Nsr7jYLyzjVt
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:41:45 2025 by rpki-client