Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3910286332311F09D83329DDAE4EC9C.roa
File: E3910286332311F09D83329DDAE4EC9C.roa (raw, json)
Hash identifier: ksD8q9lz+A7bn2ZvrU1z974wjAj9+1pb66S/7igJ6Wc=
Subject key identifier: 49:D3:A2:91:8B:7E:21:DC:E5:6A:5E:42:39:A4:BE:9C:21:E9:B6:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018132
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3910286332311F09D83329DDAE4EC9C.roa
Signing time: Sat 17 May 2025 13:36:09 +0000
ROA not before: Sat 17 May 2025 13:36:04 +0000
ROA not after: Tue 24 Jun 2025 13:36:04 +0000
asID: 20473
IP address blocks: 154.200.168.0/23 maxlen: 24
154.200.170.0/23 maxlen: 24
154.200.172.0/23 maxlen: 24
154.200.174.0/23 maxlen: 24
154.200.176.0/23 maxlen: 24
154.200.178.0/23 maxlen: 24
154.200.180.0/23 maxlen: 24
154.200.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98610 (0x18132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 13:36:04 2025 GMT
Not After : Jun 24 13:36:04 2025 GMT
Subject: CN=682890c9-c98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a3:5a:53:80:8e:5a:3b:a7:b8:c8:81:38:32:
f8:4c:eb:c2:7f:80:20:a6:b2:42:56:62:a2:26:a5:
52:76:e1:13:f1:26:7e:b6:5e:e2:de:1b:60:b7:25:
25:2f:69:54:d1:fc:67:3a:67:f2:b7:19:3c:52:cc:
21:f2:a2:7d:da:b0:24:f1:bd:25:c2:08:0b:b8:f1:
35:62:40:63:cb:a9:9a:d9:2e:f3:75:2f:c0:0e:9a:
48:41:3e:25:c0:8d:73:ac:dc:14:48:7e:ec:d4:ab:
12:e9:32:50:50:9d:1b:45:88:b3:ed:58:dc:9b:c6:
1d:1d:f1:38:6d:a8:3b:f7:3b:36:a6:d1:32:e1:90:
b1:bc:65:4e:9a:32:0c:34:f1:fd:47:12:71:46:9b:
d4:41:6e:e1:91:e4:b7:98:54:31:16:e1:47:f2:ba:
22:65:50:44:4d:d7:f4:1f:4f:fa:2d:af:d7:c9:1f:
9b:29:c3:f4:52:a5:77:5b:e8:66:7f:c8:ff:35:52:
2b:1e:53:81:bf:ff:3f:f4:6e:3f:69:ca:14:13:3c:
ca:70:c6:f6:a0:1c:62:d3:cc:58:ec:c8:2d:4d:fb:
e8:b3:89:af:fe:53:32:af:d8:81:8f:73:fa:d2:0a:
f3:ac:ed:9e:26:81:a1:a3:ad:a7:1e:e4:a5:31:61:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D3:A2:91:8B:7E:21:DC:E5:6A:5E:42:39:A4:BE:9C:21:E9:B6:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3910286332311F09D83329DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.168.0-154.200.183.255
Signature Algorithm: sha256WithRSAEncryption
b2:2c:05:28:da:20:5b:f3:5d:d6:ce:a8:be:08:87:bc:1c:58:
18:24:4d:eb:63:43:1c:2d:d2:8f:6f:f9:ca:b5:fd:eb:9e:27:
a4:78:e3:08:83:09:8a:c0:6d:04:ef:a2:37:d2:82:1c:dd:26:
7b:ff:4a:44:bd:9f:4d:e7:f3:29:2d:7d:29:ea:7e:49:d9:17:
bd:ba:3c:f4:ae:27:0c:8c:a9:b0:ef:a1:b1:34:ae:95:d7:46:
22:f0:9c:ee:50:bb:58:cd:a0:7f:82:ee:a8:b0:fd:bd:ee:c9:
37:f6:f6:0b:b5:87:1d:37:c4:f4:7f:96:02:26:6e:58:6b:ba:
c7:55:10:fe:da:07:c1:f7:d4:4b:74:6a:70:5a:99:07:cc:b4:
c8:83:99:20:80:c6:ff:f2:43:dd:3e:7f:03:dd:e4:ad:da:5a:
6d:86:8f:8a:2a:aa:05:02:d2:21:ab:c4:71:93:f9:cd:5f:75:
f9:23:f3:7a:06:c3:35:e2:65:99:1a:a6:a5:a4:26:e4:44:41:
37:bd:86:e5:22:08:fc:53:fe:31:e1:4c:85:fe:03:18:fe:50:
45:ad:5f:36:6e:36:10:f5:e5:ad:52:8b:da:d4:c9:b8:01:82:
3b:40:91:af:3b:31:71:ab:c6:2c:09:10:ef:ac:58:60:98:8e:
26:b0:ff:77
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYEyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE3MTMzNjA0WhcNMjUwNjI0MTMzNjA0WjAYMRYw
FAYDVQQDEw02ODI4OTBjOS1jOThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8KNaU4COWjunuMiBODL4TOvCf4AgprJCVmKiJqVSduET8SZ+tl7i3htg
tyUlL2lU0fxnOmfytxk8Uswh8qJ92rAk8b0lwggLuPE1YkBjy6ma2S7zdS/ADppI
QT4lwI1zrNwUSH7s1KsS6TJQUJ0bRYiz7Vjcm8YdHfE4bag79zs2ptEy4ZCxvGVO
mjIMNPH9RxJxRpvUQW7hkeS3mFQxFuFH8roiZVBETdf0H0/6La/XyR+bKcP0UqV3
W+hmf8j/NVIrHlOBv/8/9G4/acoUEzzKcMb2oBxi08xY7MgtTfvos4mv/lMyr9iB
j3P60grzrO2eJoGho62nHuSlMWERQwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEnT
opGLfiHc5WpeQjmkvpwh6bZ7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMzkxMDI4NjMzMjMxMUYwOUQ4MzMyOUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOayKgDBAOayLAwDQYJ
KoZIhvcNAQELBQADggEBALIsBSjaIFvzXdbOqL4Ih7wcWBgkTetjQxwt0o9v+cq1
/eueJ6R44wiDCYrAbQTvojfSghzdJnv/SkS9n03n8yktfSnqfknZF726PPSuJwyM
qbDvobE0rpXXRiLwnO5Qu1jNoH+C7qiw/b3uyTf29gu1hx03xPR/lgImblhrusdV
EP7aB8H31Et0anBamQfMtMiDmSCAxv/yQ90+fwPd5K3aWm2Gj4oqqgUC0iGrxHGT
+c1fdfkj83oGwzXiZZkapqWkJuREQTe9huUiCPxT/jHhTIX+Axj+UEWtXzZuNhD1
5a1Si9rUybgBgjtAka87MXGrxiwJEO+sWGCYjiaw/3c=
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:01:38 2025 by rpki-client