Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDA0682E3BC011F08FEDA3DFDAE4EC9C.roa
File: FDA0682E3BC011F08FEDA3DFDAE4EC9C.roa (raw, json)
Hash identifier: uO4blP2B3xGQAG34VXUZlwz9a/Jh38FiTUenCtvwkl4=
Subject key identifier: C6:DB:5F:18:3B:21:CD:77:07:B8:C9:FD:0A:B8:DF:90:76:40:43:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01836A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDA0682E3BC011F08FEDA3DFDAE4EC9C.roa
Signing time: Wed 28 May 2025 12:40:53 +0000
ROA not before: Wed 28 May 2025 12:40:48 +0000
ROA not after: Fri 06 Jun 2025 12:40:48 +0000
asID: 23764
IP address blocks: 154.85.14.0/24 maxlen: 24
154.85.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 12:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99178 (0x1836a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 12:40:48 2025 GMT
Not After : Jun 6 12:40:48 2025 GMT
Subject: CN=68370455-92a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c2:ed:3a:74:10:0a:b9:ea:18:5f:d2:bc:0b:
65:02:d7:7c:e7:c7:16:22:cc:40:60:49:97:f8:7e:
9b:bc:f4:34:7f:45:b8:a8:8d:7b:37:4c:b6:f3:19:
4b:bb:20:28:b3:2c:e5:57:e2:3a:db:f3:5b:77:95:
3f:5d:7c:6c:14:d0:bf:89:be:9f:fe:f2:5c:c3:31:
c4:b5:7d:c3:3c:13:e1:71:6b:02:fb:c6:eb:db:2d:
fa:3a:6c:52:2f:69:da:d0:f7:58:32:17:55:b4:1f:
55:f8:a3:11:23:76:15:89:89:f3:de:f2:41:ca:72:
2a:38:ed:70:81:27:6e:b4:4a:db:d5:5f:a6:ad:91:
a8:45:94:61:56:c2:95:5d:cd:98:6e:b9:07:7a:17:
06:c8:79:32:65:92:9f:89:cb:ae:d7:cb:6c:33:64:
1c:41:f8:07:db:e2:c6:55:d6:9d:4c:25:26:9b:65:
93:43:59:90:be:50:eb:b9:16:a7:28:d8:f0:4f:f0:
d3:8c:9f:bc:fe:cf:9c:05:58:6d:c7:ea:34:69:1a:
bf:6a:7f:21:cb:b1:d2:47:d3:d7:7f:01:5b:9e:6a:
35:c8:96:21:02:6f:6a:c1:71:b6:98:18:f3:62:0c:
3b:22:99:4e:67:06:1c:bb:e6:d6:6c:07:7e:0c:d8:
27:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DB:5F:18:3B:21:CD:77:07:B8:C9:FD:0A:B8:DF:90:76:40:43:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDA0682E3BC011F08FEDA3DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.14.0/23
Signature Algorithm: sha256WithRSAEncryption
51:9f:6e:3d:6c:b9:4a:6e:f7:e4:09:70:9d:74:02:1e:f4:9e:
be:71:98:25:f0:bb:9b:ef:f1:2e:a5:48:ec:97:b3:c4:d3:68:
10:79:62:bc:24:bd:61:8b:68:03:e9:98:38:03:bc:a2:9c:1a:
20:17:32:61:03:a3:bd:89:7b:f1:c2:e7:83:52:72:03:af:66:
23:21:ce:88:f2:af:21:df:6e:e9:96:8c:70:a3:b4:de:ad:75:
da:70:ec:4e:89:59:cf:8e:db:36:5b:48:0e:39:59:d3:59:9f:
d7:72:8a:64:92:9f:56:cd:d6:94:2a:7c:57:b9:8f:13:fe:68:
26:e1:69:10:e2:0e:48:57:8e:69:11:49:d3:a8:b2:31:97:62:
53:39:e6:11:e4:7f:2c:5e:bf:21:ce:b9:56:d5:ca:e4:82:e9:
38:9c:d1:fe:62:72:bf:d4:73:16:b2:55:0a:89:5d:75:13:89:
5a:cf:56:07:7f:f6:60:c0:d7:d6:15:4e:08:8e:84:a6:b0:93:
c9:e8:62:78:11:52:50:12:7d:61:64:3b:d9:61:d1:9b:41:c0:
ac:d1:a1:fc:95:d6:1e:cb:7a:52:cd:be:8d:86:cb:2e:ba:c7:
18:9b:20:bb:18:6f:e3:ab:39:f3:76:59:64:e6:ed:da:c9:f6:
b8:62:5b:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYNqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTI0MDQ4WhcNMjUwNjA2MTI0MDQ4WjAYMRYw
FAYDVQQDEw02ODM3MDQ1NS05MmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5sLtOnQQCrnqGF/SvAtlAtd858cWIsxAYEmX+H6bvPQ0f0W4qI17N0y2
8xlLuyAosyzlV+I62/Nbd5U/XXxsFNC/ib6f/vJcwzHEtX3DPBPhcWsC+8br2y36
OmxSL2na0PdYMhdVtB9V+KMRI3YViYnz3vJBynIqOO1wgSdutErb1V+mrZGoRZRh
VsKVXc2YbrkHehcGyHkyZZKficuu18tsM2QcQfgH2+LGVdadTCUmm2WTQ1mQvlDr
uRanKNjwT/DTjJ+8/s+cBVhtx+o0aRq/an8hy7HSR9PXfwFbnmo1yJYhAm9qwXG2
mBjzYgw7IplOZwYcu+bWbAd+DNgnQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMbb
Xxg7Ic13B7jJ/Qq435B2QENnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GREEwNjgyRTNCQzAxMUYwOEZFREEzREZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUOMA0GCSqGSIb3DQEB
CwUAA4IBAQBRn249bLlKbvfkCXCddAIe9J6+cZgl8Lub7/EupUjsl7PE02gQeWK8
JL1hi2gD6Zg4A7yinBogFzJhA6O9iXvxwueDUnIDr2YjIc6I8q8h327ploxwo7Te
rXXacOxOiVnPjts2W0gOOVnTWZ/Xcopkkp9WzdaUKnxXuY8T/mgm4WkQ4g5IV45p
EUnTqLIxl2JTOeYR5H8sXr8hzrlW1crkguk4nNH+YnK/1HMWslUKiV11E4laz1YH
f/ZgwNfWFU4IjoSmsJPJ6GJ4EVJQEn1hZDvZYdGbQcCs0aH8ldYey3pSzb6Nhssu
uscYmyC7GG/jqznzdllk5u3ayfa4YltQ
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:24:06 2025 by rpki-client