Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9247589A332211F09C723694DAE4EC9C.roa
File: 9247589A332211F09C723694DAE4EC9C.roa (raw, json)
Hash identifier: e5J0T1cPcUU2oM6L4B79msyhCqqpikBeQmF/E9C2lfQ=
Subject key identifier: 96:63:C1:58:C1:FE:AF:96:1F:DE:EC:38:52:74:1D:FA:4D:6C:99:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01812E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9247589A332211F09C723694DAE4EC9C.roa
Signing time: Sat 17 May 2025 13:26:43 +0000
ROA not before: Sat 17 May 2025 13:26:38 +0000
ROA not after: Fri 08 Aug 2025 13:26:38 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98606 (0x1812e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 13:26:38 2025 GMT
Not After : Aug 8 13:26:38 2025 GMT
Subject: CN=68288e93-fb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e4:27:77:06:51:68:fb:ee:2a:12:b3:62:80:
ea:4e:1c:0d:70:18:6e:9a:2b:7f:57:e4:21:fb:e0:
2c:a6:8d:26:ac:37:e6:4e:7e:7f:bc:f9:04:1c:73:
94:8c:77:3e:2b:ac:48:4d:63:6e:96:26:41:46:b7:
a0:a9:98:ee:b6:d7:43:97:2d:a9:b2:d9:1c:c1:19:
f3:fe:7b:9d:51:b9:02:87:5e:7b:f4:cf:b4:68:fc:
bd:ed:b0:52:21:70:75:c8:d7:42:f4:ee:f0:8a:ec:
92:33:82:d2:d5:c5:71:8f:25:cf:d1:c3:41:47:3a:
c0:5d:39:2c:b1:5b:72:46:fd:80:9b:39:7d:32:0f:
8e:84:ce:cb:f5:54:c8:47:22:46:1c:10:56:98:d4:
54:22:ea:47:74:03:d7:d0:c2:98:bc:88:3c:29:8e:
5b:96:5e:d2:c0:ca:a8:60:73:0e:8f:d3:92:a5:4e:
fd:15:93:49:73:85:77:e7:f7:8c:06:73:bf:7d:75:
db:a3:7e:d0:97:be:87:fd:da:56:43:98:e0:68:80:
08:37:f2:15:67:64:d8:b2:69:6e:f0:b3:4d:1e:f6:
2e:19:1c:81:7e:79:19:55:2d:0a:a7:ca:b4:19:27:
97:0b:47:7b:89:48:d2:de:39:66:75:39:f1:dd:13:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:63:C1:58:C1:FE:AF:96:1F:DE:EC:38:52:74:1D:FA:4D:6C:99:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9247589A332211F09C723694DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:64:1c:9a:bc:40:c6:e2:ce:eb:05:89:8a:e8:96:c0:4c:8e:
06:c3:19:a7:2c:f1:a0:78:3d:43:ab:21:e8:d0:4a:c3:83:79:
65:4f:e7:d7:58:75:16:cc:56:27:a7:08:00:26:9a:fb:cf:55:
e4:50:49:aa:fe:99:b0:85:e5:31:63:d7:8f:4b:0d:09:bb:8a:
eb:55:26:06:96:47:27:0c:ee:99:dc:30:bf:57:97:3a:c5:ba:
1c:8c:ec:f2:3a:54:55:01:81:a1:3d:d7:b2:5e:1d:d6:f5:2d:
3a:15:be:40:e7:0b:2c:d1:e7:50:bf:6d:2d:0c:67:91:19:ee:
bd:a9:12:30:6e:e9:1d:33:b1:ac:23:74:98:1d:7e:18:06:9b:
07:31:34:8c:ca:22:f9:4b:51:13:5a:19:a1:b1:4d:74:5f:aa:
a5:b6:30:94:17:6c:8f:ff:8d:c9:72:19:21:3f:25:c4:d2:1b:
ed:c1:a0:6d:3a:ea:23:a0:05:58:6c:52:e2:fd:aa:95:64:c1:
00:13:ed:4a:ec:1e:22:dc:1f:06:9d:1d:99:99:e7:f5:82:dc:
b3:fd:27:b2:05:74:fe:bc:ae:bc:05:88:41:5c:fc:2b:35:9a:
f5:6a:db:75:ac:d4:26:54:e3:2c:b0:e7:98:c1:3e:5c:f7:b1:
04:3c:bb:d7
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYEuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE3MTMyNjM4WhcNMjUwODA4MTMyNjM4WjAYMRYw
FAYDVQQDEw02ODI4OGU5My1mYjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+eQndwZRaPvuKhKzYoDqThwNcBhumit/V+Qh++Aspo0mrDfmTn5/vPkE
HHOUjHc+K6xITWNuliZBRregqZjuttdDly2pstkcwRnz/nudUbkCh1579M+0aPy9
7bBSIXB1yNdC9O7wiuySM4LS1cVxjyXP0cNBRzrAXTkssVtyRv2Amzl9Mg+OhM7L
9VTIRyJGHBBWmNRUIupHdAPX0MKYvIg8KY5bll7SwMqoYHMOj9OSpU79FZNJc4V3
5/eMBnO/fXXbo37Ql76H/dpWQ5jgaIAIN/IVZ2TYsmlu8LNNHvYuGRyBfnkZVS0K
p8q0GSeXC0d7iUjS3jlmdTnx3RP3vQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJZj
wVjB/q+WH97sOFJ0HfpNbJk7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MjQ3NTg5QTMzMjIxMUYwOUM3MjM2OTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQBfZByavEDG4s7rBYmK6JbATI4GwxmnLPGgeD1D
qyHo0ErDg3llT+fXWHUWzFYnpwgAJpr7z1XkUEmq/pmwheUxY9ePSw0Ju4rrVSYG
lkcnDO6Z3DC/V5c6xbocjOzyOlRVAYGhPdeyXh3W9S06Fb5A5wss0edQv20tDGeR
Ge69qRIwbukdM7GsI3SYHX4YBpsHMTSMyiL5S1ETWhmhsU10X6qltjCUF2yP/43J
chkhPyXE0hvtwaBtOuojoAVYbFLi/aqVZMEAE+1K7B4i3B8GnR2Zmef1gtyz/Sey
BXT+vK68BYhBXPwrNZr1att1rNQmVOMssOeYwT5c97EEPLvX
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:06:47 2025 by rpki-client