Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F7D39023D0F11F080342EE3DAE4EC9C.roa
File: 9F7D39023D0F11F080342EE3DAE4EC9C.roa (raw, json)
Hash identifier: LZztUPt+jvwh35WAQ7rmCrdp6Qa9ql2bY3bMIaPSbDY=
Subject key identifier: 3A:1E:15:CE:D2:BB:A9:DA:99:D1:44:AA:D4:35:B1:E2:FD:A4:A4:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F7D39023D0F11F080342EE3DAE4EC9C.roa
Signing time: Fri 30 May 2025 04:36:16 +0000
ROA not before: Fri 30 May 2025 04:36:11 +0000
ROA not after: Tue 10 Jun 2025 04:36:11 +0000
asID: 21859
IP address blocks: 154.193.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99269 (0x183c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 30 04:36:11 2025 GMT
Not After : Jun 10 04:36:11 2025 GMT
Subject: CN=683935c0-aa02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:2e:32:96:86:0d:25:6c:c0:b8:53:83:2d:
a2:77:3b:f0:89:49:36:f3:79:c2:64:42:e6:44:8e:
9e:38:24:44:72:67:b7:62:dd:08:a0:dd:d1:7e:88:
fa:bb:bf:29:25:62:c3:43:5e:d3:8e:1e:e4:01:58:
89:66:6f:6d:81:51:5a:30:b0:c0:18:d2:74:c6:1d:
2a:ac:08:db:77:e2:8a:27:71:cf:71:ec:c3:e4:70:
5d:ad:97:35:5e:c7:79:7b:32:28:ce:31:38:44:3e:
c7:76:9a:24:9f:a6:e0:a3:b4:03:ea:bf:a1:51:89:
dd:bb:af:0d:50:31:3e:d9:cf:d7:69:e7:13:c5:b7:
87:6c:d9:93:e4:f1:73:cc:f5:73:ef:0c:5b:03:f8:
c2:ba:30:03:08:ff:8d:03:9e:c9:b0:76:18:b4:2f:
98:77:66:af:1a:64:54:4a:5b:cd:5c:33:6e:ce:72:
06:3e:68:44:6b:02:7e:fb:c6:3f:82:23:06:8f:c8:
66:33:ea:11:41:5c:28:f6:a5:73:ec:29:3f:d7:6e:
c3:6e:c3:fd:09:31:51:03:4d:16:d5:a5:ea:85:42:
7c:2c:b7:60:02:00:da:1b:7e:84:de:be:da:27:2c:
9d:f5:e5:f4:89:2e:dc:ae:c1:75:69:6d:e2:8c:8c:
b2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1E:15:CE:D2:BB:A9:DA:99:D1:44:AA:D4:35:B1:E2:FD:A4:A4:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F7D39023D0F11F080342EE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.248.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:75:77:bc:b8:8e:75:74:9f:89:12:2e:e7:e5:e4:af:77:23:
a8:85:c0:e1:62:e1:26:af:8d:39:9c:cb:34:84:7d:3d:6c:31:
a1:00:f7:2c:ac:59:e6:2b:61:7b:48:f1:fa:9c:91:17:bf:4e:
8c:d7:10:66:75:cb:15:0d:f0:07:47:74:8e:8e:cb:92:78:c9:
a7:f8:e1:4f:9d:4d:23:ee:a4:59:7d:f1:cd:6d:90:8c:8f:84:
1f:30:a5:b0:dc:82:60:99:7b:4e:f1:c5:f0:56:41:56:62:6e:
50:1f:1d:dd:c0:aa:dc:68:5a:01:e0:d9:ba:38:48:10:c4:38:
0c:9a:25:2a:d9:e0:2d:81:b3:a7:ad:e8:8f:5c:69:30:7c:b6:
59:78:8a:b0:f1:81:ab:ee:c0:56:26:43:e4:99:a8:d2:bf:9f:
97:23:3b:fc:81:b9:03:fe:6c:5f:20:45:0b:ee:fe:8f:fb:78:
e4:8e:5a:7c:df:50:85:ea:c0:24:e7:10:ff:bf:dd:ad:d0:9a:
78:b6:f0:c9:fb:a3:a1:e8:ab:4b:70:cc:e1:48:15:6f:2e:38:
c4:96:cd:6d:cb:cd:8f:93:fc:1c:5f:bc:b1:82:2f:34:58:42:
87:07:d8:d9:10:ad:af:d9:fb:d5:a2:80:66:35:62:22:e2:75:
67:56:c2:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYPFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMwMDQzNjExWhcNMjUwNjEwMDQzNjExWjAYMRYw
FAYDVQQDEw02ODM5MzVjMC1hYTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyFIuMpaGDSVswLhTgy2idzvwiUk283nCZELmRI6eOCREcme3Yt0IoN3R
foj6u78pJWLDQ17Tjh7kAViJZm9tgVFaMLDAGNJ0xh0qrAjbd+KKJ3HPcezD5HBd
rZc1Xsd5ezIozjE4RD7Hdpokn6bgo7QD6r+hUYndu68NUDE+2c/XaecTxbeHbNmT
5PFzzPVz7wxbA/jCujADCP+NA57JsHYYtC+Yd2avGmRUSlvNXDNuznIGPmhEawJ+
+8Y/giMGj8hmM+oRQVwo9qVz7Ck/127DbsP9CTFRA00W1aXqhUJ8LLdgAgDaG36E
3r7aJyyd9eX0iS7crsF1aW3ijIyyNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDoe
Fc7Su6namdFEqtQ1seL9pKTSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RjdEMzkwMjNEMEYxMUYwODAzNDJFRTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsH4MA0GCSqGSIb3DQEB
CwUAA4IBAQCbdXe8uI51dJ+JEi7n5eSvdyOohcDhYuEmr405nMs0hH09bDGhAPcs
rFnmK2F7SPH6nJEXv06M1xBmdcsVDfAHR3SOjsuSeMmn+OFPnU0j7qRZffHNbZCM
j4QfMKWw3IJgmXtO8cXwVkFWYm5QHx3dwKrcaFoB4Nm6OEgQxDgMmiUq2eAtgbOn
reiPXGkwfLZZeIqw8YGr7sBWJkPkmajSv5+XIzv8gbkD/mxfIEUL7v6P+3jkjlp8
31CF6sAk5xD/v92t0Jp4tvDJ+6Oh6KtLcMzhSBVvLjjEls1ty82Pk/wcX7yxgi80
WEKHB9jZEK2v2fvVooBmNWIi4nVnVsKP
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:30 2025 by rpki-client