Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E517B73637D211F0B3DA4BC7DAE4EC9C.roa
File: E517B73637D211F0B3DA4BC7DAE4EC9C.roa (raw, json)
Hash identifier: t+dRNY2jx6dyUHhVKTGMekaPdXZAEPHeoJZ38U1JBTI=
Subject key identifier: 72:EB:C2:43:7A:C5:8D:65:CF:03:58:0F:A2:D9:1E:D5:39:FB:88:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018200
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E517B73637D211F0B3DA4BC7DAE4EC9C.roa
Signing time: Fri 23 May 2025 12:38:58 +0000
ROA not before: Fri 23 May 2025 12:38:53 +0000
ROA not after: Fri 27 Jun 2025 12:38:53 +0000
asID: 395793
IP address blocks: 154.200.80.0/21 maxlen: 24
154.223.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98816 (0x18200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 12:38:53 2025 GMT
Not After : Jun 27 12:38:53 2025 GMT
Subject: CN=68306c62-d3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:02:ce:39:c1:46:0a:5f:49:ab:aa:1e:f2:79:
78:68:e4:80:01:d1:fd:3e:ea:de:33:27:9a:34:99:
a1:97:28:50:9a:4e:1c:d2:f4:dd:39:0c:d7:e4:16:
b7:a0:9d:14:b4:1d:34:7d:cd:bd:ec:2b:fb:32:ac:
19:ed:60:01:f6:b3:84:5a:15:cf:8d:19:5d:40:84:
e9:44:41:4a:9c:20:ad:cf:51:84:bd:71:b1:7e:8c:
be:90:02:e9:c1:e1:d1:9d:43:f0:eb:90:41:14:1b:
b2:fe:29:aa:15:f6:6c:2f:86:8a:01:7b:1a:6b:f1:
21:50:e9:1a:12:6e:5e:b3:78:e3:e7:0b:1d:8b:3c:
12:04:39:a4:aa:6d:a4:34:79:58:c2:bd:aa:b9:ae:
85:55:6d:82:32:91:03:23:2d:6e:8f:08:dd:b7:f1:
24:a5:b2:a6:f0:64:11:f1:d9:ca:77:76:52:b6:e2:
e4:36:c2:55:c6:a8:f1:2a:1e:8c:f2:28:57:c1:0d:
e5:84:c0:79:af:33:b7:93:51:5d:4c:45:81:ee:2b:
a8:f9:d4:c3:4d:d9:58:0a:ac:6f:a2:35:c4:c6:a2:
8e:c5:5b:7a:1d:cd:e9:0b:07:69:fe:21:e8:c1:30:
af:02:2a:a6:49:56:5c:09:1c:77:42:39:c2:be:cd:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:EB:C2:43:7A:C5:8D:65:CF:03:58:0F:A2:D9:1E:D5:39:FB:88:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E517B73637D211F0B3DA4BC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.80.0/21
154.223.248.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:64:f9:63:29:57:4a:4e:a0:7f:5b:56:7e:b7:e7:04:5f:5b:
2e:bf:ab:e3:91:f5:a3:7d:d8:83:27:8c:0a:3b:69:de:23:a4:
53:5f:26:f7:ae:31:77:76:bf:b5:5c:93:89:a8:29:d9:b0:de:
b6:cb:eb:a4:63:35:b8:b1:0d:8c:dc:ec:b6:0e:31:88:e7:49:
43:25:47:62:75:6e:9d:19:e4:bf:29:2f:b3:c5:c9:27:bc:3c:
87:fc:a1:ba:e3:df:a6:43:8a:aa:17:77:94:72:8c:86:67:2d:
90:ac:9f:c3:53:b8:44:9b:16:11:48:66:87:67:b2:97:1f:69:
eb:bf:5a:e1:d7:a3:f1:1c:28:fa:2b:48:1f:0d:89:5f:6b:d3:
e5:27:61:a6:b7:cd:46:26:ae:1b:c1:b1:d5:0d:a0:eb:00:1b:
6d:73:7a:54:c8:d1:74:3e:de:44:cb:c1:ae:c4:43:1c:5c:37:
e3:f7:0e:a0:e9:65:7e:d7:41:06:e4:0d:ad:f0:74:26:fc:c4:
b9:6d:7a:f4:ec:17:52:10:a9:ac:35:64:3c:8a:92:76:4c:a4:
c0:6a:9e:06:7b:d9:22:f1:51:0d:ad:80:68:c5:b0:4d:36:e2:
81:4b:7e:ee:df:1b:5d:04:d8:e3:96:ca:f5:3f:50:10:36:ad:
84:cb:df:66
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYIAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTIzODUzWhcNMjUwNjI3MTIzODUzWjAYMRYw
FAYDVQQDEw02ODMwNmM2Mi1kM2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQLOOcFGCl9Jq6oe8nl4aOSAAdH9PureMyeaNJmhlyhQmk4c0vTdOQzX
5Ba3oJ0UtB00fc297Cv7MqwZ7WAB9rOEWhXPjRldQITpREFKnCCtz1GEvXGxfoy+
kALpweHRnUPw65BBFBuy/imqFfZsL4aKAXsaa/EhUOkaEm5es3jj5wsdizwSBDmk
qm2kNHlYwr2qua6FVW2CMpEDIy1ujwjdt/EkpbKm8GQR8dnKd3ZStuLkNsJVxqjx
Kh6M8ihXwQ3lhMB5rzO3k1FdTEWB7iuo+dTDTdlYCqxvojXExqKOxVt6Hc3pCwdp
/iHowTCvAiqmSVZcCRx3QjnCvs352wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHLr
wkN6xY1lzwNYD6LZHtU5+4geMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTE3QjczNjM3RDIxMUYwQjNEQTRCQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmshQAwQDmt/4MA0GCSqG
SIb3DQEBCwUAA4IBAQAPZPljKVdKTqB/W1Z+t+cEX1suv6vjkfWjfdiDJ4wKO2ne
I6RTXyb3rjF3dr+1XJOJqCnZsN62y+ukYzW4sQ2M3Oy2DjGI50lDJUdidW6dGeS/
KS+zxcknvDyH/KG649+mQ4qqF3eUcoyGZy2QrJ/DU7hEmxYRSGaHZ7KXH2nrv1rh
16PxHCj6K0gfDYlfa9PlJ2Gmt81GJq4bwbHVDaDrABttc3pUyNF0Pt5Ey8GuxEMc
XDfj9w6g6WV+10EG5A2t8HQm/MS5bXr07BdSEKmsNWQ8ipJ2TKTAap4Ge9ki8VEN
rYBoxbBNNuKBS37u3xtdBNjjlsr1P1AQNq2Ey99m
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:45:27 2025 by rpki-client