Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA90D164328111F08B5AF8D8DAE4EC9C.roa
File: CA90D164328111F08B5AF8D8DAE4EC9C.roa (raw, json)
Hash identifier: YNrizxP30KLHlFGW/tScyHK38Vw0Wye6S/89gA5fLzE=
Subject key identifier: 28:62:FC:2B:3A:ED:0D:65:D2:50:54:2F:D2:3C:2E:D6:97:3B:71:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0180FA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA90D164328111F08B5AF8D8DAE4EC9C.roa
Signing time: Fri 16 May 2025 18:15:48 +0000
ROA not before: Fri 16 May 2025 18:15:44 +0000
ROA not after: Fri 20 Jun 2025 18:15:44 +0000
asID: 214413
IP address blocks: 154.205.253.0/24 maxlen: 24
154.205.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98554 (0x180fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 16 18:15:44 2025 GMT
Not After : Jun 20 18:15:44 2025 GMT
Subject: CN=682780d4-07a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:df:51:1b:c6:d4:34:77:22:da:0f:e5:e3:
fc:41:a5:ae:cd:48:fb:35:3b:eb:ea:81:0f:61:6a:
03:20:aa:3a:c2:23:d3:fc:32:3f:5d:e5:8c:93:4d:
63:d6:0b:3e:87:99:a6:c8:e4:19:e6:42:4c:0a:ba:
f2:11:76:e8:1e:c0:a9:8e:48:4e:42:ce:40:4b:84:
4f:aa:b2:8a:67:ce:7a:2b:3e:85:d1:28:84:1f:f4:
c5:56:69:9b:79:eb:23:6e:52:62:74:93:cb:a8:ca:
46:5d:1b:a7:de:76:f9:e4:6b:b7:e5:75:c5:31:7d:
82:0e:33:d9:e9:01:f3:8b:e7:a3:48:6b:96:fa:19:
fd:b9:e1:5c:69:84:51:1b:b8:01:02:b9:2a:ab:7d:
98:37:60:97:4b:67:6a:7e:4a:7a:7e:4b:1e:48:46:
f4:74:da:ca:19:b1:e3:78:51:4b:22:1d:db:b2:57:
43:94:0c:38:24:a9:b9:6e:7d:82:93:2d:af:4a:9a:
e9:17:b8:3d:46:d7:b8:1e:ac:da:e3:04:47:f9:1d:
78:2e:f5:41:83:0b:d6:2d:a8:02:7b:24:64:2c:68:
79:27:e0:6f:77:f3:1f:da:53:81:70:0a:c8:e1:32:
25:6f:70:47:53:96:c9:07:fd:e9:1d:ea:60:97:00:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:62:FC:2B:3A:ED:0D:65:D2:50:54:2F:D2:3C:2E:D6:97:3B:71:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA90D164328111F08B5AF8D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.253.0-154.205.254.255
Signature Algorithm: sha256WithRSAEncryption
46:34:70:19:8d:43:07:8d:53:5f:c6:ff:ce:5e:d5:55:1a:91:
54:8b:f0:da:de:7f:22:d1:35:4e:08:8c:b6:a3:f4:d9:99:56:
6c:b3:4a:ac:17:5b:6c:db:f3:54:bb:e8:84:a8:b2:38:69:a3:
fb:6f:07:25:09:69:59:f1:9f:f9:79:a5:fd:fd:1c:ec:64:d5:
3f:bd:92:b6:d5:07:cd:8d:17:c5:1e:0d:b0:7e:d3:9b:22:29:
0a:72:2f:e7:e7:a2:50:cf:44:af:9f:c3:d0:4e:0a:00:3b:af:
93:9c:95:cb:23:9b:be:af:7d:24:40:d4:0e:8e:41:4c:9e:b3:
6f:5e:f2:1d:62:2b:d2:c0:49:f3:16:73:9f:2a:7b:fc:c9:ad:
dd:93:c8:a7:9a:bb:de:f0:fa:19:2a:f3:34:6c:ba:ec:9d:78:
78:ff:7b:0d:9e:96:b2:ee:20:a7:07:d7:de:e6:aa:0f:7b:35:
8b:22:64:e1:7e:68:d7:04:60:7d:22:0e:23:97:ed:a0:e7:ab:
b3:a2:f2:14:cc:2a:cd:bd:55:31:b7:c7:80:1c:d1:41:04:f0:
8a:4a:ca:9a:24:ce:20:ed:45:1f:0a:ef:e6:0a:b3:ad:07:97:
bb:7a:07:da:ce:be:1c:c4:b3:a8:d1:56:d5:4f:a7:cd:c2:61:
1f:36:0a:8a
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYD6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE2MTgxNTQ0WhcNMjUwNjIwMTgxNTQ0WjAYMRYw
FAYDVQQDEw02ODI3ODBkNC0wN2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtVLfURvG1DR3ItoP5eP8QaWuzUj7NTvr6oEPYWoDIKo6wiPT/DI/XeWM
k01j1gs+h5mmyOQZ5kJMCrryEXboHsCpjkhOQs5AS4RPqrKKZ856Kz6F0SiEH/TF
VmmbeesjblJidJPLqMpGXRun3nb55Gu35XXFMX2CDjPZ6QHzi+ejSGuW+hn9ueFc
aYRRG7gBArkqq32YN2CXS2dqfkp6fkseSEb0dNrKGbHjeFFLIh3bsldDlAw4JKm5
bn2Cky2vSprpF7g9Rte4Hqza4wRH+R14LvVBgwvWLagCeyRkLGh5J+Bvd/Mf2lOB
cArI4TIlb3BHU5bJB/3pHepglwDfFQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFChi
/Cs67Q1l0lBUL9I8LtaXO3EwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTkwRDE2NDMyODExMUYwOEI1QUY4RDhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACazf0DBACazf4wDQYJ
KoZIhvcNAQELBQADggEBAEY0cBmNQweNU1/G/85e1VUakVSL8NrefyLRNU4IjLaj
9NmZVmyzSqwXW2zb81S76ISosjhpo/tvByUJaVnxn/l5pf39HOxk1T+9krbVB82N
F8UeDbB+05siKQpyL+fnolDPRK+fw9BOCgA7r5Oclcsjm76vfSRA1A6OQUyes29e
8h1iK9LASfMWc58qe/zJrd2TyKeau97w+hkq8zRsuuydeHj/ew2elrLuIKcH197m
qg97NYsiZOF+aNcEYH0iDiOX7aDnq7Oi8hTMKs29VTG3x4Ac0UEE8IpKypokziDt
RR8K7+YKs60Hl7t6B9rOvhzEs6jRVtVPp83CYR82Coo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:12:55 2025 by rpki-client