Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2387F7A3E1B11F0A1E3D9AFDAE4EC9C.roa
File: D2387F7A3E1B11F0A1E3D9AFDAE4EC9C.roa (raw, json)
Hash identifier: ahDYXtJ8a+5+FI9y+dQPRxEHmF5EQn9NUp4ort+UAAY=
Subject key identifier: B9:3C:60:25:5E:4C:84:66:7E:5C:50:A5:14:DC:15:C9:60:96:92:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2387F7A3E1B11F0A1E3D9AFDAE4EC9C.roa
Signing time: Sat 31 May 2025 12:36:06 +0000
ROA not before: Sat 31 May 2025 12:36:01 +0000
ROA not after: Mon 16 Jun 2025 12:36:01 +0000
asID: 401696
IP address blocks: 154.219.96.0/19 maxlen: 24
154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99326 (0x183fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 12:36:01 2025 GMT
Not After : Jun 16 12:36:01 2025 GMT
Subject: CN=683af7b6-2b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:5b:f7:f6:64:ac:10:94:5b:48:35:da:be:
9a:dd:4d:28:a2:9f:73:ec:41:10:66:c3:eb:90:81:
0e:c1:7a:11:be:2b:7d:b5:86:60:1c:15:6d:65:1f:
b4:e5:32:bc:9a:18:f3:9e:e9:a7:09:be:66:e7:07:
2a:55:2d:96:f5:ff:0a:29:37:44:2a:74:28:0e:1a:
87:a3:75:41:92:04:37:44:a2:ef:c6:53:ae:47:02:
ff:9d:c4:2b:d9:f1:22:e4:9c:1d:4c:6d:de:48:d0:
f4:1b:02:47:e3:ec:e6:eb:a4:64:7b:78:15:c2:1d:
74:7d:65:7c:06:39:a7:03:02:f3:e2:61:86:66:1b:
44:bc:24:5c:0f:d7:16:1b:68:24:82:0f:89:27:ab:
69:26:b8:1e:6f:3b:d4:d0:24:15:fc:62:a1:9d:79:
9c:9d:2a:89:da:dd:9f:7b:a6:74:da:7e:4c:cd:fc:
91:29:99:ff:8b:2c:b1:f5:2e:70:ad:55:6e:c5:3d:
6f:67:0c:c6:0c:c3:ad:46:cf:ce:3f:40:45:e9:2b:
21:19:98:72:0d:8c:5d:28:6d:a7:d8:f6:ec:84:6f:
21:4e:91:a2:7c:fe:8a:e7:ad:2b:e3:bf:9f:49:3d:
f5:f7:24:a2:5c:b8:7d:55:72:8c:8b:b3:35:0a:2c:
40:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3C:60:25:5E:4C:84:66:7E:5C:50:A5:14:DC:15:C9:60:96:92:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2387F7A3E1B11F0A1E3D9AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3b:84:41:09:a9:2e:54:46:dc:6e:82:6a:e6:88:f4:06:42:84:
90:9d:05:6f:28:8f:b8:4d:6f:40:a4:e5:bc:52:6d:3f:7b:e1:
a7:4e:de:88:23:6c:bf:29:13:66:e8:44:cf:9b:34:d9:b8:d6:
1f:ec:9c:0b:84:23:48:2f:5d:ef:aa:5f:66:4e:04:d6:3b:fd:
f6:f5:35:8e:9b:48:54:99:34:a7:b1:4d:e6:e8:9a:40:d2:fe:
c9:d3:c3:f9:b5:6a:fe:6c:59:38:66:81:35:3f:80:eb:96:44:
7f:35:ad:30:01:64:fe:e6:6f:55:8a:02:6b:fe:a1:d2:ff:64:
5c:1f:99:73:98:5c:56:e4:97:f7:58:49:11:d4:0e:92:74:cd:
b3:28:d7:70:c3:90:25:84:c9:7a:fe:c2:ac:8c:a3:31:5b:cd:
20:53:d2:d3:40:53:d8:15:1d:5b:52:52:5b:e3:e3:de:ec:f4:
82:98:3f:35:50:7f:cd:6f:dd:70:bb:fe:a6:41:65:52:c7:73:
bc:7d:f5:b2:36:62:bf:40:67:24:e6:d1:94:18:f0:98:41:38:
9f:75:e9:a8:cf:40:ff:48:a3:c3:cb:b0:09:25:52:e9:90:0e:
dc:a6:75:cb:a2:c7:f4:01:9c:21:c4:71:dd:9d:f9:be:f9:c0:
9d:3c:62:59
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYP+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTIzNjAxWhcNMjUwNjE2MTIzNjAxWjAYMRYw
FAYDVQQDEw02ODNhZjdiNi0yYjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl3Zb9/ZkrBCUW0g12r6a3U0oop9z7EEQZsPrkIEOwXoRvit9tYZgHBVt
ZR+05TK8mhjznumnCb5m5wcqVS2W9f8KKTdEKnQoDhqHo3VBkgQ3RKLvxlOuRwL/
ncQr2fEi5JwdTG3eSND0GwJH4+zm66Rke3gVwh10fWV8BjmnAwLz4mGGZhtEvCRc
D9cWG2gkgg+JJ6tpJrgebzvU0CQV/GKhnXmcnSqJ2t2fe6Z02n5MzfyRKZn/iyyx
9S5wrVVuxT1vZwzGDMOtRs/OP0BF6SshGZhyDYxdKG2n2PbshG8hTpGifP6K560r
47+fST319ySiXLh9VXKMi7M1CixAzwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLk8
YCVeTIRmflxQpRTcFclglpIoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjM4N0Y3QTNFMUIxMUYwQTFFM0Q5QUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmttgAwQEmt4QMA0GCSqG
SIb3DQEBCwUAA4IBAQA7hEEJqS5URtxugmrmiPQGQoSQnQVvKI+4TW9ApOW8Um0/
e+GnTt6II2y/KRNm6ETPmzTZuNYf7JwLhCNIL13vql9mTgTWO/329TWOm0hUmTSn
sU3m6JpA0v7J08P5tWr+bFk4ZoE1P4DrlkR/Na0wAWT+5m9VigJr/qHS/2RcH5lz
mFxW5Jf3WEkR1A6SdM2zKNdww5AlhMl6/sKsjKMxW80gU9LTQFPYFR1bUlJb4+Pe
7PSCmD81UH/Nb91wu/6mQWVSx3O8ffWyNmK/QGck5tGUGPCYQTifdemoz0D/SKPD
y7AJJVLpkA7cpnXLosf0AZwhxHHdnfm++cCdPGJZ
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:42:58 2025 by rpki-client