Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C803F324328E11F0BDFB1BAFDAE4EC9C.roa
File: C803F324328E11F0BDFB1BAFDAE4EC9C.roa (raw, json)
Hash identifier: seNnmMEAGjM5h3n0lG2X+bxZr0oVUFlWXzyY7v/CeO0=
Subject key identifier: 80:36:81:2D:B4:3A:CE:D7:6A:AC:11:F6:99:65:67:52:9D:C1:03:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01810A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C803F324328E11F0BDFB1BAFDAE4EC9C.roa
Signing time: Fri 16 May 2025 19:48:47 +0000
ROA not before: Fri 16 May 2025 19:48:43 +0000
ROA not after: Mon 15 Jun 2026 19:48:43 +0000
asID: 984
IP address blocks: 154.211.139.0/24 maxlen: 24
154.211.140.0/24 maxlen: 24
154.211.141.0/24 maxlen: 24
154.211.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98570 (0x1810a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 19:48:43 2025 GMT
Not After : Jun 15 19:48:43 2026 GMT
Subject: CN=6827969f-cd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:89:6d:59:f2:4f:68:be:00:d8:c8:d6:cd:69:
52:5a:8d:24:0a:29:c0:7d:21:2b:ab:ee:b1:86:12:
e4:ab:cf:1f:e1:a8:a1:28:d0:31:55:6d:db:a4:00:
40:0b:23:93:40:bd:7e:72:a3:a6:76:cf:3e:cc:af:
55:d8:de:63:98:3a:1d:20:e4:c2:20:7c:26:9e:5b:
ff:f3:bb:c9:8f:59:0a:a1:2c:6b:d2:13:4f:55:2f:
13:55:58:45:32:b9:e0:d9:d2:c3:e8:c3:37:67:41:
aa:6b:57:38:8a:78:41:ba:58:23:c2:0f:4a:83:12:
31:dd:fe:c3:a1:29:0b:e3:c3:83:65:27:1a:56:3e:
65:2a:fd:45:0e:5e:f1:66:0c:ea:a3:8d:f6:a2:5f:
f7:ed:71:ee:96:3d:b3:f3:80:30:74:fd:05:e5:55:
42:3e:0f:60:85:10:94:05:d7:fe:bd:e9:bb:d9:eb:
13:91:2d:65:60:37:98:71:af:88:9b:89:8e:68:eb:
51:86:fb:d9:c9:0b:55:6e:e7:7a:c9:d6:db:d1:27:
d3:1c:68:72:ce:e6:53:09:be:d2:c9:6b:fc:fb:1f:
81:16:98:63:36:0e:77:e9:c0:c9:76:d3:12:c4:b7:
d0:74:6e:1c:f2:df:5b:30:62:01:bd:fc:5f:67:ae:
1d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:36:81:2D:B4:3A:CE:D7:6A:AC:11:F6:99:65:67:52:9D:C1:03:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C803F324328E11F0BDFB1BAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.139.0-154.211.142.255
Signature Algorithm: sha256WithRSAEncryption
60:32:66:c6:fe:ef:75:b5:2f:c0:94:11:29:c4:4e:16:61:6e:
60:8b:5c:aa:0c:4d:d0:66:5e:e8:e7:f8:6c:b0:8d:f0:13:10:
22:c6:ae:9a:03:10:46:c9:41:6d:75:dd:a1:57:6c:ab:92:8e:
ce:e8:9f:17:aa:09:52:0a:e5:e2:b9:fe:69:0c:97:d9:b7:e6:
c2:88:6d:05:af:28:21:b0:2c:1a:74:e4:f8:88:4d:94:4d:63:
6c:90:19:1b:d5:4e:05:7e:67:b5:66:a9:7b:89:aa:08:4d:ee:
c4:9f:72:4d:d7:23:42:7c:64:44:93:32:d4:29:06:5a:a8:fe:
9c:51:2d:47:2a:c8:b9:dd:49:08:7f:5c:df:e5:13:32:af:6b:
49:44:65:11:91:7a:8c:53:07:5f:51:d1:0f:3c:49:df:22:1c:
dd:5b:ac:99:bd:6a:84:f0:03:57:df:46:8d:ba:46:4e:a3:63:
7e:1d:19:1b:0a:64:71:ef:8f:6c:49:ca:4c:a5:dd:89:1c:dd:
e3:42:25:be:e8:73:61:45:44:45:e2:0d:d9:33:0f:48:55:6e:
a0:c5:44:51:f2:b7:08:a4:6e:73:4f:99:0c:85:e1:0c:10:2f:
2c:0c:2d:3e:b3:3c:ea:df:0f:07:22:b2:b0:51:67:c8:5f:54:
8f:0b:16:2f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYEKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE2MTk0ODQzWhcNMjYwNjE1MTk0ODQzWjAYMRYw
FAYDVQQDEw02ODI3OTY5Zi1jZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA24ltWfJPaL4A2MjWzWlSWo0kCinAfSErq+6xhhLkq88f4aihKNAxVW3b
pABACyOTQL1+cqOmds8+zK9V2N5jmDodIOTCIHwmnlv/87vJj1kKoSxr0hNPVS8T
VVhFMrng2dLD6MM3Z0Gqa1c4inhBulgjwg9KgxIx3f7DoSkL48ODZScaVj5lKv1F
Dl7xZgzqo432ol/37XHulj2z84AwdP0F5VVCPg9ghRCUBdf+vem72esTkS1lYDeY
ca+Im4mOaOtRhvvZyQtVbud6ydbb0SfTHGhyzuZTCb7SyWv8+x+BFphjNg536cDJ
dtMSxLfQdG4c8t9bMGIBvfxfZ64dXQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIA2
gS20Os7XaqwR9pllZ1KdwQMHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DODAzRjMyNDMyOEUxMUYwQkRGQjFCQUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACa04sDBACa044wDQYJ
KoZIhvcNAQELBQADggEBAGAyZsb+73W1L8CUESnEThZhbmCLXKoMTdBmXujn+Gyw
jfATECLGrpoDEEbJQW113aFXbKuSjs7onxeqCVIK5eK5/mkMl9m35sKIbQWvKCGw
LBp05PiITZRNY2yQGRvVTgV+Z7VmqXuJqghN7sSfck3XI0J8ZESTMtQpBlqo/pxR
LUcqyLndSQh/XN/lEzKva0lEZRGReoxTB19R0Q88Sd8iHN1brJm9aoTwA1ffRo26
Rk6jY34dGRsKZHHvj2xJykyl3Ykc3eNCJb7oc2FFREXiDdkzD0hVbqDFRFHytwik
bnNPmQyF4QwQLywMLT6zPOrfDwcisrBRZ8hfVI8LFi8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:59:18 2025 by rpki-client