Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3C9C26E382311F0B30C4BCDDAE4EC9C.roa
File: A3C9C26E382311F0B30C4BCDDAE4EC9C.roa (raw, json)
Hash identifier: 2/rJjaSHBqFO51DN4XYx4Pw1YjmmE4MT6djrtzw+NbY=
Subject key identifier: C2:84:85:07:9D:D3:3B:0C:11:3F:EE:E7:95:1F:FE:41:16:04:D7:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018277
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3C9C26E382311F0B30C4BCDDAE4EC9C.roa
Signing time: Fri 23 May 2025 22:16:58 +0000
ROA not before: Fri 23 May 2025 22:16:52 +0000
ROA not after: Fri 24 Oct 2025 22:16:52 +0000
asID: 140570
IP address blocks: 154.91.5.0/24 maxlen: 24
154.91.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98935 (0x18277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 22:16:52 2025 GMT
Not After : Oct 24 22:16:52 2025 GMT
Subject: CN=6830f3d9-e083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:97:0b:3f:10:52:42:a4:10:02:b1:ca:9d:53:
9a:26:43:02:40:8c:4a:3a:46:89:87:f9:35:67:86:
f6:40:24:da:78:b8:ec:da:95:3d:73:48:76:09:18:
90:c0:b7:9f:dc:a3:a5:b0:3f:30:58:d1:67:12:96:
de:d5:3e:50:b6:7f:88:de:36:db:ae:db:dc:64:7e:
46:81:32:16:d1:68:23:f3:63:bb:8f:77:f7:b8:27:
61:01:7b:5b:d5:dd:af:e0:36:9e:87:fb:95:8b:f1:
47:9b:32:95:e8:b3:ff:2f:2b:2c:b7:56:12:18:87:
23:15:0f:dc:44:b2:2c:15:5c:ac:69:42:0e:53:05:
7e:0b:94:a0:0f:36:b6:f5:84:8d:b2:2c:a4:1e:85:
a6:c7:fd:3e:11:a8:73:d2:34:06:ab:65:c7:12:9e:
1e:f2:10:c3:ba:02:e1:45:31:76:6b:41:58:88:78:
78:04:f2:cb:63:27:68:f6:3b:ef:6f:f9:4b:93:23:
a6:c9:10:5f:bd:2f:7c:59:fc:29:1c:59:43:b7:d2:
e8:d6:0f:ae:e0:08:d4:bf:2f:38:41:1b:9f:bf:c8:
c9:30:d6:de:75:d7:41:43:59:e1:c9:8b:95:ce:28:
b4:34:bc:41:9c:e3:97:9d:62:fd:5d:7c:01:f6:b5:
0c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:84:85:07:9D:D3:3B:0C:11:3F:EE:E7:95:1F:FE:41:16:04:D7:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3C9C26E382311F0B30C4BCDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.5.0/24
154.91.7.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a8:b6:b3:7c:fa:ca:15:85:03:a9:70:64:03:80:1c:86:d1:
59:ba:ab:73:08:5d:47:88:ac:14:93:a8:e2:61:8b:28:44:bb:
7d:38:20:dd:35:3e:10:9b:89:5b:d3:33:99:17:23:70:7f:7d:
24:3c:0a:2d:40:08:e1:de:7e:dd:63:ba:03:19:27:f6:cb:60:
e5:15:b0:8b:53:72:16:d2:d8:be:94:1d:ab:ac:1f:46:a2:93:
cd:16:78:a4:9d:c8:86:c3:f6:77:31:5f:de:ac:cb:cb:a8:5b:
29:43:4e:89:fe:49:f7:4a:f5:d5:6a:13:4e:27:e2:5d:52:03:
48:13:75:fe:73:33:2b:f8:cd:86:fd:65:50:9a:60:b8:cf:1a:
33:9e:36:8a:1d:e9:d9:b7:15:ec:6b:9e:03:8b:6e:fd:98:c5:
5a:68:4d:93:7f:25:8b:c5:75:6c:8d:bd:4a:a4:59:5a:85:98:
f6:64:71:8a:c6:ab:16:86:75:28:db:f6:80:b0:6a:fc:6b:63:
64:43:bd:dd:30:03:4a:c5:5d:ba:c0:7c:68:95:ba:cf:f6:9c:
05:77:f1:37:92:41:de:7f:24:f8:8f:61:eb:2c:45:5d:f7:08:
a1:6b:c6:fd:c9:89:5d:7a:72:bf:b7:36:fa:bc:3d:7a:be:42:
c2:cd:ad:03
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYJ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjIxNjUyWhcNMjUxMDI0MjIxNjUyWjAYMRYw
FAYDVQQDEw02ODMwZjNkOS1lMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15cLPxBSQqQQArHKnVOaJkMCQIxKOkaJh/k1Z4b2QCTaeLjs2pU9c0h2
CRiQwLef3KOlsD8wWNFnEpbe1T5Qtn+I3jbbrtvcZH5GgTIW0Wgj82O7j3f3uCdh
AXtb1d2v4Daeh/uVi/FHmzKV6LP/Lysst1YSGIcjFQ/cRLIsFVysaUIOUwV+C5Sg
Dza29YSNsiykHoWmx/0+Eahz0jQGq2XHEp4e8hDDugLhRTF2a0FYiHh4BPLLYydo
9jvvb/lLkyOmyRBfvS98WfwpHFlDt9Lo1g+u4AjUvy84QRufv8jJMNbedddBQ1nh
yYuVzii0NLxBnOOXnWL9XXwB9rUMdQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMKE
hQed0zsMET/u55Uf/kEWBNcpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0M5QzI2RTM4MjMxMUYwQjMwQzRCQ0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlsFAwQAmlsHMA0GCSqG
SIb3DQEBCwUAA4IBAQBJqLazfPrKFYUDqXBkA4AchtFZuqtzCF1HiKwUk6jiYYso
RLt9OCDdNT4Qm4lb0zOZFyNwf30kPAotQAjh3n7dY7oDGSf2y2DlFbCLU3IW0ti+
lB2rrB9GopPNFniknciGw/Z3MV/erMvLqFspQ06J/kn3SvXVahNOJ+JdUgNIE3X+
czMr+M2G/WVQmmC4zxoznjaKHenZtxXsa54Di279mMVaaE2TfyWLxXVsjb1KpFla
hZj2ZHGKxqsWhnUo2/aAsGr8a2NkQ73dMANKxV26wHxolbrP9pwFd/E3kkHefyT4
j2HrLEVd9wiha8b9yYldenK/tzb6vD16vkLCza0D
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:55:48 2025 by rpki-client