Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C57F78D434BA11F0BC1591BCDAE4EC9C.roa
File: C57F78D434BA11F0BC1591BCDAE4EC9C.roa (raw, json)
Hash identifier: lEL20ptwIQ3lM3G8yDr576r4qb+enEewQnwKVdC2DX4=
Subject key identifier: 08:F9:54:E9:73:C6:67:09:0D:20:C4:55:D7:FA:17:8D:E4:60:37:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018158
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C57F78D434BA11F0BC1591BCDAE4EC9C.roa
Signing time: Mon 19 May 2025 14:08:43 +0000
ROA not before: Mon 19 May 2025 14:08:38 +0000
ROA not after: Wed 18 Jun 2025 14:08:38 +0000
asID: 57043
IP address blocks: 154.222.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98648 (0x18158)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 14:08:38 2025 GMT
Not After : Jun 18 14:08:38 2025 GMT
Subject: CN=682b3b6b-7a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6b:c0:d2:c8:15:6a:21:d9:a4:b3:a6:08:ae:
e7:09:1e:6f:39:1d:0e:68:c2:cb:fd:37:61:73:ab:
17:74:86:8a:c1:0a:55:41:49:27:0d:a5:ed:0f:f9:
3b:07:05:78:79:2b:e0:6c:2b:97:cc:ce:6d:fb:ca:
69:b5:2c:fd:cc:5c:ae:27:62:03:d5:46:9c:d6:af:
6f:63:8f:48:ae:4b:e6:07:5f:23:97:17:5d:3c:22:
7b:69:ac:80:0d:e1:27:2c:e6:39:06:50:c8:2b:8c:
4e:7a:60:8f:a9:d3:7e:03:57:7a:06:74:0c:66:d4:
e2:45:a4:2f:90:81:0d:b1:b9:fd:38:fd:d2:b9:5f:
f4:37:ea:81:ed:4b:8c:9d:28:e1:72:82:3e:d5:ab:
59:b7:33:88:cd:38:1b:70:00:22:31:99:ea:64:89:
2e:0a:45:ac:d2:2a:c3:ab:32:d1:a0:79:d5:67:4c:
c2:65:da:14:af:03:3f:18:e0:84:12:fa:6f:c0:a8:
78:be:96:f2:30:cf:2d:47:88:d2:e4:dd:7a:c5:3a:
9d:3b:f0:d5:c3:09:10:cd:81:1c:0c:95:e3:c8:a0:
09:2f:69:01:c6:ee:41:8e:ca:5b:c0:f3:c0:94:99:
4a:15:73:e2:e9:c2:65:a8:40:07:4c:49:e6:cb:f8:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F9:54:E9:73:C6:67:09:0D:20:C4:55:D7:FA:17:8D:E4:60:37:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C57F78D434BA11F0BC1591BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.133.0/24
Signature Algorithm: sha256WithRSAEncryption
43:14:18:2b:4d:02:54:e3:4d:b1:41:5d:49:fa:2b:1c:7b:88:
d1:69:c2:d5:d8:14:82:6f:af:b6:de:e6:2e:0d:32:9c:87:ff:
a6:9c:d4:ee:47:5b:08:8e:14:a2:59:86:70:30:89:a3:c1:bd:
be:47:64:3a:de:85:86:8e:36:66:66:12:eb:fc:0b:d3:a6:1c:
07:fd:32:f8:54:30:3d:c3:83:34:8d:70:64:3b:a4:aa:8e:bd:
44:9e:21:ba:31:40:00:61:94:fe:63:e6:37:a3:99:77:57:60:
a8:4f:40:28:8f:8f:6e:de:98:93:f9:b6:5c:b9:e0:88:75:83:
f7:ea:af:f4:13:44:59:17:ad:64:d7:1e:d8:79:e9:8d:46:91:
64:f1:b6:ed:3a:1a:02:81:1e:f3:6b:00:11:4b:d4:40:df:01:
aa:ce:1e:f1:af:99:d0:a8:b9:53:fa:54:ec:85:11:71:16:b4:
88:38:49:7a:6e:68:05:94:82:d9:9a:73:15:67:61:f2:10:f8:
32:10:b3:ce:38:81:6a:ee:cd:52:1e:f4:08:9a:93:97:ce:ff:
f0:1a:d6:b7:f4:55:1a:a5:fe:ec:b1:bb:98:cd:f7:1a:fa:05:
40:01:24:3d:c5:f7:4f:ce:9e:87:a7:5d:db:1c:75:da:83:88:
a5:84:a7:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYFYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE5MTQwODM4WhcNMjUwNjE4MTQwODM4WjAYMRYw
FAYDVQQDEw02ODJiM2I2Yi03YTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA42vA0sgVaiHZpLOmCK7nCR5vOR0OaMLL/Tdhc6sXdIaKwQpVQUknDaXt
D/k7BwV4eSvgbCuXzM5t+8pptSz9zFyuJ2ID1Uac1q9vY49IrkvmB18jlxddPCJ7
aayADeEnLOY5BlDIK4xOemCPqdN+A1d6BnQMZtTiRaQvkIENsbn9OP3SuV/0N+qB
7UuMnSjhcoI+1atZtzOIzTgbcAAiMZnqZIkuCkWs0irDqzLRoHnVZ0zCZdoUrwM/
GOCEEvpvwKh4vpbyMM8tR4jS5N16xTqdO/DVwwkQzYEcDJXjyKAJL2kBxu5Bjspb
wPPAlJlKFXPi6cJlqEAHTEnmy/goLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAj5
VOlzxmcJDSDEVdf6F43kYDekMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTdGNzhENDM0QkExMUYwQkMxNTkxQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6FMA0GCSqGSIb3DQEB
CwUAA4IBAQBDFBgrTQJU402xQV1J+isce4jRacLV2BSCb6+23uYuDTKch/+mnNTu
R1sIjhSiWYZwMImjwb2+R2Q63oWGjjZmZhLr/AvTphwH/TL4VDA9w4M0jXBkO6Sq
jr1EniG6MUAAYZT+Y+Y3o5l3V2CoT0Aoj49u3piT+bZcueCIdYP36q/0E0RZF61k
1x7YeemNRpFk8bbtOhoCgR7zawARS9RA3wGqzh7xr5nQqLlT+lTshRFxFrSIOEl6
bmgFlILZmnMVZ2HyEPgyELPOOIFq7s1SHvQImpOXzv/wGta39FUapf7ssbuYzfca
+gVAASQ9xfdPzp6Hp13bHHXag4ilhKfO
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:26:32 2025 by rpki-client