Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1553D57E483611F0B52814F0DAE4EC9C.roa
File: 1553D57E483611F0B52814F0DAE4EC9C.roa (raw, json)
Hash identifier: 2aYZZpo2Hs8fHw2rNjtcfPaGE/Qjloz4Rs2FOFlIGwc=
Subject key identifier: D8:7B:58:C2:66:A8:05:63:F8:59:F8:3E:E9:D0:FB:3D:E1:13:F6:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018658
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1553D57E483611F0B52814F0DAE4EC9C.roa
Signing time: Fri 13 Jun 2025 09:09:18 +0000
ROA not before: Fri 13 Jun 2025 09:09:13 +0000
ROA not after: Thu 17 Jul 2025 09:09:13 +0000
asID: 203020
IP address blocks: 154.204.96.0/19 maxlen: 24
154.220.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99928 (0x18658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 13 09:09:13 2025 GMT
Not After : Jul 17 09:09:13 2025 GMT
Subject: CN=684beabd-b1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:27:bb:fe:a0:61:3e:0d:6a:da:5a:32:3b:c9:
7a:36:61:86:8d:3c:ac:b1:96:28:0d:ef:10:08:44:
47:f7:dc:c0:f7:a0:a8:bb:fa:5b:a6:1b:fa:10:b7:
ff:9e:5f:81:55:e5:db:14:3e:4b:64:24:2b:f8:09:
37:02:2e:11:a1:33:1b:fc:f9:9d:90:f7:26:20:70:
4f:53:72:d7:75:e6:f4:ae:9d:d1:ca:96:c4:0e:74:
cd:ad:2f:62:bc:4c:80:b7:dc:e8:c3:43:25:47:bd:
3d:70:10:18:16:7d:31:c3:fc:70:3f:99:36:b3:9c:
20:ca:93:dc:fa:c9:39:e2:e7:67:7b:90:1f:4b:79:
26:50:5d:ee:15:1d:b9:6f:5d:5c:e9:5a:e8:e1:8d:
17:e4:e7:06:95:f0:0b:37:e0:e3:88:c3:c8:c0:6d:
b4:cf:ed:3c:86:72:38:2f:ab:a7:c2:9d:1b:f8:eb:
3b:8b:ef:75:8a:d4:c4:1b:e2:36:60:54:a9:53:34:
55:49:d3:39:19:60:25:1e:95:6f:ab:23:08:9f:aa:
24:ba:aa:04:c6:94:91:68:8f:5c:9d:ad:66:f9:85:
d3:b8:dc:bb:ee:bc:d2:67:2a:a0:08:68:62:c2:e1:
db:43:4a:ee:9a:d4:4b:30:0d:6b:81:b1:67:e0:43:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7B:58:C2:66:A8:05:63:F8:59:F8:3E:E9:D0:FB:3D:E1:13:F6:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1553D57E483611F0B52814F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.96.0/19
154.220.128.0/18
Signature Algorithm: sha256WithRSAEncryption
64:e3:5a:f6:16:05:42:fd:59:11:a7:bf:81:d0:7a:36:55:ac:
b4:97:a6:78:90:43:2c:03:46:48:8e:a4:f9:65:94:8c:c3:73:
81:19:a8:e0:9e:e5:34:0b:4f:d8:e9:37:a2:75:84:7d:61:5c:
de:ef:8c:9b:65:1b:b2:76:e3:78:68:3a:64:40:1e:66:f2:da:
bc:e7:09:b1:20:2b:b2:16:36:60:e0:ef:14:39:fe:b9:ca:93:
2e:86:9e:35:00:31:5a:83:51:fd:ac:c7:a5:59:7c:62:81:01:
d3:95:0a:13:8b:86:e8:5c:f8:e7:47:96:3f:83:8c:a6:74:8a:
60:41:72:5b:39:75:47:96:5c:96:c1:d5:9d:0d:ba:c9:4d:44:
53:02:62:20:28:57:ed:30:6f:b1:6d:18:65:5c:a2:7e:56:71:
d4:47:a3:d9:92:9c:94:dd:d8:6a:98:bd:71:8f:b6:74:df:96:
5d:99:ec:58:33:a7:16:8a:dd:7f:7d:79:43:38:32:26:df:c7:
d8:49:fc:6b:ab:4a:e0:7a:10:37:dd:e6:a9:12:b7:45:9d:97:
ed:19:21:9c:8e:10:ca:37:97:96:f0:83:1a:38:9e:39:f1:bf:
ed:ca:66:89:4f:13:26:23:1a:f4:56:fa:a9:85:c0:81:48:8a:
9f:53:70:7d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYZYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEzMDkwOTEzWhcNMjUwNzE3MDkwOTEzWjAYMRYw
FAYDVQQDEw02ODRiZWFiZC1iMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ie7/qBhPg1q2loyO8l6NmGGjTyssZYoDe8QCERH99zA96Cou/pbphv6
ELf/nl+BVeXbFD5LZCQr+Ak3Ai4RoTMb/PmdkPcmIHBPU3LXdeb0rp3RypbEDnTN
rS9ivEyAt9zow0MlR709cBAYFn0xw/xwP5k2s5wgypPc+sk54udne5AfS3kmUF3u
FR25b11c6Vro4Y0X5OcGlfALN+DjiMPIwG20z+08hnI4L6unwp0b+Os7i+91itTE
G+I2YFSpUzRVSdM5GWAlHpVvqyMIn6okuqoExpSRaI9cna1m+YXTuNy77rzSZyqg
CGhiwuHbQ0rumtRLMA1rgbFn4ENY3QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNh7
WMJmqAVj+Fn4PunQ+z3hE/bgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNTUzRDU3RTQ4MzYxMUYwQjUyODE0RjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmsxgAwQGmtyAMA0GCSqG
SIb3DQEBCwUAA4IBAQBk41r2FgVC/VkRp7+B0Ho2Vay0l6Z4kEMsA0ZIjqT5ZZSM
w3OBGajgnuU0C0/Y6TeidYR9YVze74ybZRuyduN4aDpkQB5m8tq85wmxICuyFjZg
4O8UOf65ypMuhp41ADFag1H9rMelWXxigQHTlQoTi4boXPjnR5Y/g4ymdIpgQXJb
OXVHllyWwdWdDbrJTURTAmIgKFftMG+xbRhlXKJ+VnHUR6PZkpyU3dhqmL1xj7Z0
35ZdmexYM6cWit1/fXlDODIm38fYSfxrq0rgehA33eapErdFnZftGSGcjhDKN5eW
8IMaOJ458b/tymaJTxMmIxr0VvqphcCBSIqfU3B9
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:25:24 2025 by rpki-client