Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBBF93DC3D6511F0B032848FDAE4EC9C.roa
File: DBBF93DC3D6511F0B032848FDAE4EC9C.roa (raw, json)
Hash identifier: 9BCWDR6wQ7PUn8caU3IGKS3BFlYTXhQrQy4EgKPzouQ=
Subject key identifier: 50:DC:BB:98:23:10:46:9A:30:D3:DA:3E:44:1C:20:D9:F7:20:20:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183F1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBBF93DC3D6511F0B032848FDAE4EC9C.roa
Signing time: Fri 30 May 2025 14:53:34 +0000
ROA not before: Fri 30 May 2025 14:53:29 +0000
ROA not after: Mon 09 Jun 2025 14:53:29 +0000
asID: 139923
IP address blocks: 154.210.16.0/20 maxlen: 24
154.213.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99313 (0x183f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 30 14:53:29 2025 GMT
Not After : Jun 9 14:53:29 2025 GMT
Subject: CN=6839c66e-6614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8a:f8:e3:e3:40:19:a5:82:c9:af:d8:e3:d2:
ac:85:21:bc:62:d1:1a:40:cb:84:58:c1:2e:5e:50:
0a:67:bb:14:fd:4f:78:44:70:11:b8:68:43:e8:47:
fc:f8:6a:10:c3:4f:d8:1b:c8:e7:fe:a6:0b:14:fb:
a7:02:6f:c8:7e:bd:3f:d5:db:c9:76:cc:67:0c:6d:
e3:30:1b:a1:91:6f:09:07:d3:fe:00:ec:e3:07:4e:
17:c9:07:b2:70:ca:d2:c1:16:a0:58:55:b6:db:c1:
2d:4f:62:4e:03:82:a5:19:ef:87:1a:73:0d:c5:81:
09:1b:71:71:f4:7e:cf:10:90:7c:72:41:8b:4c:4a:
8a:d5:f7:ab:bc:3f:4c:d2:f9:9d:fb:4b:6a:43:08:
91:19:c8:b0:cb:eb:f9:d9:21:6a:d2:97:02:13:6b:
7d:0b:b4:bc:10:f3:9d:0f:61:ee:f0:23:83:ca:2c:
a3:2e:1b:39:92:2e:49:d6:08:53:13:9d:0e:02:3e:
3c:1c:04:cd:07:98:aa:c2:fb:59:37:78:11:9a:59:
15:9c:9d:29:42:f2:d9:0d:c2:01:cb:78:d6:e9:d0:
a8:35:c2:d2:3a:c0:8a:bf:5c:d2:38:8f:88:9e:bb:
46:14:a6:44:6d:19:11:d0:ed:7f:75:10:e2:f9:62:
c9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DC:BB:98:23:10:46:9A:30:D3:DA:3E:44:1C:20:D9:F7:20:20:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBBF93DC3D6511F0B032848FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.213.64.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:7a:a7:6f:6f:55:ac:ea:d2:b3:94:49:35:f9:50:d3:3f:0b:
1c:f8:85:26:40:c5:a1:b8:01:78:ca:4f:31:31:97:27:03:08:
da:dd:ee:f1:4d:66:35:97:9d:3f:5b:7c:51:62:c6:88:6f:be:
15:03:bd:3c:a6:e7:c7:a2:b6:62:46:2b:34:47:c8:97:aa:4f:
39:ce:29:68:dc:3f:54:b5:b5:78:bf:a1:c9:97:a8:71:a6:d2:
90:6c:28:2d:19:22:46:ae:96:3e:06:fb:48:50:ea:c7:f2:0d:
54:2b:90:85:35:98:45:97:08:6c:8a:86:e9:e4:03:a1:71:51:
17:c2:e3:ec:ec:c4:0f:e5:f4:b4:9b:2b:01:10:0c:2b:93:4e:
eb:3e:50:87:fe:74:19:6e:ab:22:aa:a8:c1:16:e1:85:66:e8:
ec:f8:69:9f:c3:97:46:09:01:9b:e2:fe:1d:5c:6c:55:c8:18:
b4:5d:4e:26:ba:7c:6d:bd:b3:dd:2e:e3:37:49:64:4b:ba:8c:
6e:e5:50:dc:66:2e:8f:dd:ec:31:75:e4:14:1b:0e:a0:9d:e0:
d2:3d:bc:db:ce:03:57:df:50:d0:30:bb:56:b4:70:7c:cf:77:
ec:cb:c1:ea:60:37:11:ad:b5:fd:ea:86:6f:99:d7:ea:0c:4d:
92:c8:21:9a
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYPxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMwMTQ1MzI5WhcNMjUwNjA5MTQ1MzI5WjAYMRYw
FAYDVQQDEw02ODM5YzY2ZS02NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz4r44+NAGaWCya/Y49KshSG8YtEaQMuEWMEuXlAKZ7sU/U94RHARuGhD
6Ef8+GoQw0/YG8jn/qYLFPunAm/Ifr0/1dvJdsxnDG3jMBuhkW8JB9P+AOzjB04X
yQeycMrSwRagWFW228EtT2JOA4KlGe+HGnMNxYEJG3Fx9H7PEJB8ckGLTEqK1fer
vD9M0vmd+0tqQwiRGciwy+v52SFq0pcCE2t9C7S8EPOdD2Hu8CODyiyjLhs5ki5J
1ghTE50OAj48HATNB5iqwvtZN3gRmlkVnJ0pQvLZDcIBy3jW6dCoNcLSOsCKv1zS
OI+InrtGFKZEbRkR0O1/dRDi+WLJ4QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFDc
u5gjEEaaMNPaPkQcINn3ICAMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQkJGOTNEQzNENjUxMUYwQjAzMjg0OEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmtIQAwQEmtVAMA0GCSqG
SIb3DQEBCwUAA4IBAQAMeqdvb1Ws6tKzlEk1+VDTPwsc+IUmQMWhuAF4yk8xMZcn
Awja3e7xTWY1l50/W3xRYsaIb74VA708pufHorZiRis0R8iXqk85zilo3D9UtbV4
v6HJl6hxptKQbCgtGSJGrpY+BvtIUOrH8g1UK5CFNZhFlwhsiobp5AOhcVEXwuPs
7MQP5fS0mysBEAwrk07rPlCH/nQZbqsiqqjBFuGFZujs+Gmfw5dGCQGb4v4dXGxV
yBi0XU4munxtvbPdLuM3SWRLuoxu5VDcZi6P3ewxdeQUGw6gneDSPbzbzgNX31DQ
MLtWtHB8z3fsy8HqYDcRrbX96oZvmdfqDE2SyCGa
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:47:47 2025 by rpki-client